International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Password-Authenticated Key Exchange from Group Actions

Authors:
Michel Abdalla , DFINITY (Zürich, Switzerland)
Thorsten Eisenhofer , Ruhr-Universität Bochum (Bochum, Germany)
Eike Kiltz , Ruhr-Universität Bochum (Bochum, Germany)
Sabrina Kunzweiler , Ruhr-Universität Bochum (Bochum, Germany)
Doreen Riepel , Ruhr-Universität Bochum (Bochum, Germany)
Download:
Search ePrint
Search Google
Conference: CRYPTO 2022
Abstract: We present two provably secure password-authenticated key exchange (PAKE) protocols based on a commutative group action. To date the most important instantiation of isogeny-based group actions is given by CSIDH. To model the properties more accurately, we extend the framework of cryptographic group actions (Alamati et al., ASIACRYPT 2020) by the ability of computing the quadratic twist of an elliptic curve. This property is always present in the CSIDH setting and turns out to be crucial in the security analysis of our PAKE protocols. Despite the resemblance, the translation of Diffie-Hellman based PAKE protocols to group actions either does not work with known techniques or is insecure (``How not to create an isogeny-based PAKE'', Azarderakhsh et al. ACNS 20). We overcome the difficulties mentioned in previous work by using a ``bit-by-bit'' approach, where each password bit is considered separately. Our first protocol X-GA-PAKE can be executed in a single round. Both parties need to send two set elements for each password bit in order to prevent offline dictionary attacks. The second protocol Com-GA-PAKE requires only one set element per password bit, but one party has to send a commitment on its message first. We also discuss different optimizations that can be used to reduce the computational cost. We provide comprehensive security proofs for our base protocols and deduce security for the optimized versions.
BibTeX
@inproceedings{crypto-2022-32151,
  title={Password-Authenticated Key Exchange from Group Actions},
  publisher={Springer-Verlag},
  author={Michel Abdalla and Thorsten Eisenhofer and Eike Kiltz and Sabrina Kunzweiler and Doreen Riepel},
  year=2022
}