dc.contributor.author | Pan, Jiaxin | |
dc.contributor.author | Wagner, Benedikt | |
dc.contributor.author | Zeng, Runzhi | |
dc.date.accessioned | 2024-02-07T09:04:43Z | |
dc.date.available | 2024-02-07T09:04:43Z | |
dc.date.created | 2023-12-19T16:06:17Z | |
dc.date.issued | 2023 | |
dc.identifier.issn | 0302-9743 | |
dc.identifier.uri | https://hdl.handle.net/11250/3116075 | |
dc.description.abstract | We construct the first tightly secure authenticated key exchange (AKE) protocol from lattices. Known tight constructions are all based on Diffie-Hellman-like assumptions. Thus, our protocol is the first construction with tight security from a post-quantum assumption.
Our AKE protocol is constructed tightly from a new security notion for key encapsulation mechanisms (KEMs), called one-way security against checkable chosen-ciphertext attacks (OW-ChCCA). We show how an OW-ChCCA secure KEM can be tightly constructed based on the Learning With Errors assumption, leading to the desired AKE protocol. To show the usefulness of OW-ChCCA security beyond AKE, we use it to construct the first tightly bilateral selective-opening (BiSO) secure PKE. BiSO security is a stronger selective-opening notion proposed by Lai et al. (ASIACRYPT 2021). | en_US |
dc.language.iso | eng | en_US |
dc.publisher | Springer | en_US |
dc.rights | Navngivelse 4.0 Internasjonal | * |
dc.rights.uri | http://creativecommons.org/licenses/by/4.0/deed.no | * |
dc.title | Lattice-Based Authenticated Key Exchange with Tight Security | en_US |
dc.title.alternative | Lattice-Based Authenticated Key Exchange with Tight Security | en_US |
dc.type | Peer reviewed | en_US |
dc.type | Journal article | en_US |
dc.description.version | acceptedVersion | en_US |
dc.source.journal | Lecture Notes in Computer Science (LNCS) | en_US |
dc.identifier.doi | 10.1007/978-3-031-38554-4_20 | |
dc.identifier.cristin | 2215813 | |
cristin.ispublished | true | |
cristin.fulltext | postprint | |
cristin.qualitycode | 1 | |