Abstract

In order to build a secure and an efficient scheme even in the presence of quantum computers, we propose an improved authenticated key agreement scheme based on NTRU for applications in e-health platforms. In fact, user authentication and key agreement are important cryptographic primitives that allow two entities to establish a secure and an authenticated channel over insecure networks. Currently, the security of the most of these primitives relies on RSA or ECC standards, which ensure high security levels. Unfortunately, all cryptosystems based on factorization problems (e.g., RSA) or the discrete logarithm problem in finite groups (e.g., ECC) will be vulnerable to quantum attacks in the next few years due to Shor’s algorithm. Security and efficiency analysis show that the proposed scheme can resist various attacks, including quantum attacks while preserving efficiency.

Keywords:

Authentication, e-health, key agreement, lattice, security,

References

1. ANSI X9.98, 2010. Lattice–based polynomial public key establishment algorithm for the financial services industry. Technical Report: X9.98, American National Standards Institute (ANSI).
   
2. Chen, L., S. Jordan, Y.K. Liu, D. Moody, R. Peralta, R. Perlner and D. Smith-Tone, 2016. Report on post-quantum cryptography. Internal Report: 8105, National Institute of Standards and Technology (NIST).
   CrossRef    
3. Coppersmith, D. and A. Shamir, 1997. Lattice Attacks on NTRU. Proceeding of the 16th Annual International Conference on the Theory and Application of Cryptographic Techniques. Konstanz, Germany, May. 11-15, pp: 52-61.
   CrossRef    
4. Hoffstein, J., J. Pipher and J.H. Silverman, 1998. NTRU: A ring-based public key cryptosystem. Proceeding of the 3rd International Symposium on Algorithmic Number Theory. Springer-Verlag London,, June 21-25, pp: 267-288.
   CrossRef    
5. Hoffstein, J., J. Pipher, J.M. Schanck, J.H. Silverman, W. Whyte and Z. Zhang, 2015. Choosing parameters for NTRUEncrypt. Cryptology ePrint Archive, Report: 2015/708.
   Direct Link
6. Howgrave-Graham, N., 2007. A hybrid lattice-reduction and meet-in-the-middle attack against NTRU. Proceeding of the 27th Annual International Cryptology Conference. Santa Barbara, CA, USA, August 19-23, pp: 150-169.
   CrossRef    
7. Howgrave-Graham, N., P.Q. Nguyen, D. Pointcheval, J. Proos, J.H. Silverman, A. Singer and W. Whyte, 2003. The impact of decryption failures on the security of NTRU encryption. Proceeding of the 23rd Annual International Cryptology Conference. Santa Barbara, California, USA, August 17-21, pp: 226-246.
   CrossRef    
8. Koblitz, N., 1987. Elliptic curve cryptosystems. Math. Comput., 48(177): 203-209.
   CrossRef    
9. Lenstra, A.K., H.W. Lenstra and L. Lovász, 1982. Factoring polynomials with rational coefficients. Math. Ann., 261(4): 515-534.
   CrossRef    
10. Lochter, M. and J. Merkle, 2010. Elliptic Curve Cryptography (ECC) brainpool standard curves and curve generation. Internet Engineering Task Force (IETF), RFC 5639.
    
11. Miller, V.S., 1985. Use of elliptic curves in cryptography. Proceeding of the Conference on the Theory and Application of Cryptographic Techniques. Santa Barbara, CA, USA, August 18-22, pp: 417-426.
    PMid:3850907    
12. Rivest, R.L., A. Shamir and L. Adleman, 1978. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM., 21(2): 120-126.
    CrossRef    
13. Shor, P.W., 1997. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput., 26(5): 1484-1509.
    CrossRef    
14. Stehlé, D. and R. Steinfeld, 2011. Making NTRU as secure as worst-case problems over ideal lattices. Proceeding of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Tallinn, Estonia, May 15-19, pp: 27-47.
    CrossRef    
15. Vaudenay, S., 1996. Hidden collisions on DSS. Proceeding of the 16th Annual International Cryptology Conference on Advances in Cryptology. Santa Barbara, California, USA, August 18-22, pp: 83-88.
    CrossRef    
16. Whyte, W., N. Howgrave-Graham, J. Hoffstein, J. Pipher, J. Silverman, and P. Hirschhorn, 2008. Draft standard for public-key cryptographic techniques based on hard problems over lattices. Technical Report: IEEE P1363.1, Institute of Electrical and Electronics Engineers (IEEE).
    
17. Xie, Q., J. Zhang and N. Dong, 2013. Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst., 37(2): 9911.
    CrossRef    PMid:23321972    
18. Xu, X., P. Zhu, Q. Wen, Z. Jin, H. Zhang and L. He, 2014. A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems. J. Med. Syst., 38(1): 9994.
    CrossRef    PMid:24346928    

Competing interests

The authors have no competing interests.

Open Access Policy

This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Copyright

The authors have no competing interests.