Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
SIAM Journal on Computing
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
How to Enhance the Security of Public-Key Encryption at Minimum Cost
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
Semantically Secure McEliece Public-Key Cryptosystems-Conversions for McEliece PKC
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Simplified OAEP for the RSA and Rabin Functions
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
Chosen-Ciphertext Security from Identity-Based Encryption
SIAM Journal on Computing
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
One-round key exchange in the standard model
International Journal of Applied Cryptography
Practical Chosen Ciphertext Secure Encryption from Factoring
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
A CCA2 Secure Public Key Encryption Scheme Based on the McEliece Assumptions in the Standard Model
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
On lattices, learning with errors, random linear codes, and cryptography
Journal of the ACM (JACM)
Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
The Group of Signed Quadratic Residues and Applications
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Efficient Public Key Encryption Based on Ideal Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Authenticated key exchange and key encapsulation in the standard model
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Miniature CCA2 PK encryption: tight security without redundancy
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Proceedings of the 30th annual conference on Advances in cryptology
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Efficient chosen-ciphertext security via extractable hash proofs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Proceedings of the 30th annual conference on Advances in cryptology
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
SPAKE: a single-party public-key authenticated key exchange protocol for contact-less applications
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Better key sizes (and attacks) for LWE-based encryption
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Smaller decoding exponents: ball-collision decoding
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Public-key cryptographic primitives provably as secure as subset sum
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient lattice (H)IBE in the standard model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Random oracles in a quantum world
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
New directions in cryptography
IEEE Transactions on Information Theory
Hiding information and signatures in trapdoor knapsacks
IEEE Transactions on Information Theory
A public key cryptosystem and a signature scheme based on discrete logarithms
IEEE Transactions on Information Theory
Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Efficient implementation of a CCA2-Secure variant of mceliece using generalized srivastava codes
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Public-Key cryptography from new multivariate quadratic assumptions
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
NTRUCCA: how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Strongly secure authenticated key exchange from factoring, codes, and lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
| Hi-index | 0.00 |
This paper discusses how to realize practical post-quantum authenticated key exchange (AKE) with strong security, i.e., CK+ security (Krawczyk, CRYPTO 2005). It is known that strongly secure post-quantum AKE protocols exist on a generic construction from IND-CCA secure key encapsulation mechanisms (KEMs) in the standard model. However, when it is instantiated with existing IND-CCA secure post-quantum KEMs, resultant AKE protocols are far from practical in communication complexity. We propose a generic construction of AKE protocols from OW-CCA secure KEMs and prove CK+ security of the protocols in the random oracle model. We exploit the random oracle and instantiate AKE protocols from various assumptions; DDH, gap DH, CDH, factoring, RSA, DCR, (ring-)LWE, McEliece one-way, NTRU one-way, subset sum, multi-variate quadratic systems, and more. For example, communication costs of our lattice-based scheme is approximately 14 times lower than the previous instantiation (for 128-bit security). Also, in the case of code-based scheme, it is approximately 25 times lower.