{"title":"Three Party Post Quantum Secure Lattice Based Construction of Authenticated Key Establishment Protocol for Mobile Communication","authors":"Sunil Kumar, Gaurav Mittal, Arvind Yadav","doi":"10.1002/cpe.8369","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>A three-party post-quantum key agreement protocol involves server with two communicating parties securely agreeing on a shared secret key in a way that is resistant to quantum attacks. Once the shared secret key is shared using authenticated key agreement protocol, then user (A), and user (B) can use it for securing communication channel using symmetric-key encryption AES-256 algorithm. Although there are few third-party post-quantum authenticated and key agreement schemes exist, but the recent studies in this paper illustrates that they are not satisfying properties like unlinkability, anonymity, perfect forward secrecy, and signal leakage attacks. Therefore, the proposed protocol ensures anonymity, unlinkablity, perfect forward secrecy, and resistant against signal leakage attacks. The proposed protocol uses different random numbers for each of sessions and ensures freshness of the session key to maintain forward secrecy. In this protocol, the user (A) only communicates with server, and establish an authenticated session key with user (B) which avoids server overheads. The use of ring learning with errors (RLWE) instead of the simpler learning with errors (LWE) is primarily motivated by the need for efficiency, compactness, and scalability in cryptographic applications. 
A comparative study, including both performance and security assessments, demonstrates that the proposed design is more secure and efficient.</p>\n </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 3","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/cpe.8369","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
Citation count: 0
Abstract
A three-party post-quantum key agreement protocol involves a server and two communicating parties securely agreeing on a shared secret key in a way that is resistant to quantum attacks. Once the shared secret key has been established using the authenticated key agreement protocol, user (A) and user (B) can use it to secure the communication channel with the symmetric-key encryption algorithm AES-256. Although a few third-party post-quantum authenticated key agreement schemes exist, the recent studies in this paper illustrate that they do not satisfy properties like unlinkability, anonymity, perfect forward secrecy, and resistance to signal leakage attacks. Therefore, the proposed protocol ensures anonymity, unlinkability, and perfect forward secrecy, and is resistant to signal leakage attacks. The proposed protocol uses different random numbers for each session and ensures freshness of the session key to maintain forward secrecy. In this protocol, user (A) communicates only with the server and establishes an authenticated session key with user (B), which avoids server overheads. The use of ring learning with errors (RLWE) instead of the simpler learning with errors (LWE) is primarily motivated by the need for efficiency, compactness, and scalability in cryptographic applications. A comparative study, including both performance and security assessments, demonstrates that the proposed design is more secure and efficient.
About the journal:
Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of:
Parallel and distributed computing;
High-performance computing;
Computational and data science;
Artificial intelligence and machine learning;
Big data applications, algorithms, and systems;
Network science;
Ontologies and semantics;
Security and privacy;
Cloud/edge/fog computing;
Green computing; and
Quantum computing.