An efficient statistical zero-knowledge authentication protocol for smart cards

We construct an efficient statistical zero-knowledge authentication protocol for smart cards based on general assumptions. We show how it can be instantiated using lattice-based primitives, which are conjectured to be secure against quantum attacks. We illustrate the practicality of our protocol on smart cards in terms of storage, computation, communication, and round complexities. Furthermore, we compare it to other lattice-based authentication protocols, which are either zero-knowledge or have a similar structure. The comparison shows that our protocol improves the best previous protocol in several aspects.

[1]  Chris Peikert,et al.  Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller , 2012, IACR Cryptol. ePrint Arch..

[2]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[3]  Keisuke Tanaka,et al.  Zero-Knowledge Protocols for NTRU: Application to Identification and Proof of Plaintext Knowledge , 2009, ProvSec.

[4]  Joseph H. Silverman,et al.  NTRU: A Ring-Based Public Key Cryptosystem , 1998, ANTS.

[5]  Mohammad Sadeq Dousti,et al.  Efficient Statistical Zero-Knowledge Authentication Protocols for Smart Cards Secure Against Active & Concurrent Attacks , 2014 .

[6]  Rasool Jalili,et al.  Implementation and Comparison of Lattice-based Identification Protocols on Smart Cards and Microcontrollers , 2014, IACR Cryptol. ePrint Arch..

[7]  Vadim Lyubashevsky,et al.  Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures , 2009, ASIACRYPT.

[8]  Phong Q. Nguyen,et al.  BKZ 2.0: Better Lattice Security Estimates , 2011, ASIACRYPT.

[9]  Michele Mosca,et al.  Solving the Shortest Vector Problem in Lattices Faster Using Quantum Search , 2013, PQCrypto.

[10]  Rasool Jalili,et al.  Efficient Statistical Zero-Knowledge Authentication Protocols for Smart Cards Secure Against Active & Concurrent Quantum Attacks , 2013, IACR Cryptol. ePrint Arch..

[11]  Pierre-Louis Cayrel,et al.  Improved code-based identification scheme , 2010, ArXiv.

[12]  Daniele Micciancio,et al.  Statistical Zero-Knowledge Proofs with Efficient Provers: Lattice Problems and More , 2003, CRYPTO.

[13]  Rasool Jalili,et al.  On Constrained Implementation of Lattice-Based Cryptographic Primitives and Schemes on Smart Cards , 2015, ACM Trans. Embed. Comput. Syst..

[14]  Léo Ducas,et al.  Lattice Signatures and Bimodal Gaussians , 2013, IACR Cryptol. ePrint Arch..

[15]  Tim Güneysu,et al.  Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems , 2012, CHES.

[16]  David Chaum,et al.  Direct Zero Knowledge Proofs of Computational Power in Five Rounds , 1991, EUROCRYPT.

[17]  Chris Peikert,et al.  Efficient Collision-Resistant Hashing from Worst-Case Assumptions on Cyclic Lattices , 2006, TCC.

[18]  Jacques Stern,et al.  A new paradigm for public key identification , 1996, IEEE Trans. Inf. Theory.

[19]  Chris Peikert,et al.  Hardness of SIS and LWE with Small Parameters , 2013, CRYPTO.

[20]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[21]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[22]  Tanja Lange,et al.  Attacking and defending the McEliece cryptosystem , 2008, IACR Cryptol. ePrint Arch..

[23]  Hugo Krawczyk,et al.  On the Composition of Zero-Knowledge Proof Systems , 1990, ICALP.

[24]  Miklós Ajtai,et al.  Generating Hard Instances of Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[25]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[26]  Chris Peikert,et al.  Better Key Sizes (and Attacks) for LWE-Based Encryption , 2011, CT-RSA.

[27]  Vadim Lyubashevsky,et al.  Lattice-Based Identification Schemes Secure Under Active Attacks , 2008, Public Key Cryptography.

[28]  Daniele Micciancio,et al.  Generalized Compact Knapsacks Are Collision Resistant , 2006, ICALP.

[29]  Ricardo Dahab,et al.  LWE-based identification schemes , 2011, 2011 IEEE Information Theory Workshop.

[30]  Chris Peikert,et al.  SWIFFT: A Modest Proposal for FFT Hashing , 2008, FSE.

[31]  Oded Goldreich,et al.  More Constructions of Lossy and Correlation-Secure Trapdoor Functions , 2010, Journal of Cryptology.

[32]  Daniele Micciancio Lattice-Based Cryptography , 2011, Encyclopedia of Cryptography and Security.

[33]  Daniele Micciancio,et al.  Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[34]  Keita Xagawa,et al.  Cryptography with Lattices , 2010 .

[35]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[36]  Sorin A. Huss,et al.  On the Design of Hardware Building Blocks for Modern Lattice-Based Encryption Schemes , 2012, CHES.

[37]  Pierre-Louis Cayrel,et al.  Improved Zero-Knowledge Identification with Lattices , 2010, ProvSec.

[38]  Keisuke Tanaka,et al.  Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems , 2008, ASIACRYPT.