KSRP: Improved Secure Remote Password Protocol Based on Post Quantum Algorithm

Abstract

Abstract In order to solve the issue that traditional secure remote password (SRP) protocols cannot resist the active quantum computing attack, a simple and efficient SRP protocol based on post quantum algorithm Kyber named KSRP is proposed. In the protocol, the asymmetrical key consensus algorithm (AKCN) and post quantum algorithm are used to implement authenticated key exchange. This scheme can resist password recovery, Denning-Sacco’s attack and other attacks after being analyzed, which satisfies provable security under eCK model and indistinguishable game model. Compared with the traditional password authenticated key exchange (PAKE) protocols based on classical hard mathematical problems, this protocol refers to the generation method on the temporary public key and private key in the post quantum public key encryption algorithm Kyber, which enhances the security of process parameters. In addition, the scheme uses compression functions for the transmitted session public key to reduce communication overhead and improve security. After being tested in the LWE tester tool SageMathCell, the security of this protocol can reach 313 bits, which is 2.79 times the traditional SRP protocol, and 3.91 times J-PAKE protocol, also is higher 70.1% than Ding’s RLWE-PAK and RLWE-PPK protocols. The communication overhead in the protocol is only higher about 16% of post-quantum PPK and PAK protocols. This protocol is simple, efficient, and resistant to quantum computing active attacks, which can be applied in remote authenticated key exchange in cloud networks.