AtLast: Another Three-party Lattice-based PAKE Scheme

Password-based Authenticated Key Exchange (PAKE) protocol assumes that the parties share a low-entropy, easy-to-remember password to achieve the authentication with a high-entropy session key. PAKE protocols can be employed to hand-held devices for access control of sensitive personal data remotely. For communication with more than one user, the user needs to remember all passwords between other users. To resolve this problem, a three-party PAKE (3PAKE) protocol, where user only shares a password with a server, is introduced. In this paper, we construct a novel lattice-based three-party PAKE protocol, AtLast, based on the hardness of ring-LWE assumption, with a simple design and extend Ding et al.’s PAKE protocol with implicit server authentication, RLWE-PPK protocol, to three-party setting by modifying the generic approach by Abdalla et al. Then, we compare our protocol with Xu et al.’s three-party PAKE protocol, RLWE-3PAKE, over lattices.