Quantum-Safe Round-Optimal Password Authentication for Mobile Devices

However, most of the existing asymmetric-PAKE protocols either are based on traditional hash functions under random oracles or depend on non-quantum-secure hardness assumptions and remain insecure in the quantum era. To bridge the gap between the asymmetric-PAKE and quantum-safe, in this paper, we resort to smooth projective hash functions (SPHF) and commitment-based password-hashing schemes (PHS) over lattice-based cryptography, and we propose the construction of round-optimal asymmetric PAKE protocol secure against quantum attacks. Our construction eliminates the costly non-interactive zero-knowledge (NIZK) method, bypasses assumptions of the random oracle model, and achieves quantum resistance. We also show that our asymmetric-PAKE protocol can achieve balanced security and robustness under the Bellare-Pointcheval-Rogaway (BPR) model. Finally, we develop a prototype implementation of our instantiation and use it to evaluate its performance in realistic settings.