## CryptoDB

### Paper: Generic Authenticated Key Exchange in the Quantum Random Oracle Model

Authors: Kathrin Hövelmanns, Eike Kiltz, Sven Schäge, Dominique Unruh

DOI: 10.1007/978-3-030-45388-6_14

We propose $\mathsf{FO_{\mathsf{AKE}}}$, a generic construction of two-message authenticated key exchange (AKE) from any passively secure public key encryption (PKE) in the quantum random oracle model (QROM). Whereas previous AKE constructions relied on a Diffie-Hellman key exchange or required the underlying PKE scheme to be perfectly correct, our transformation allows arbitrary PKE schemes with non-perfect correctness. Dealing with imperfect schemes is one of the major difficulties in a setting involving active attacks. Our direct construction, when applied to schemes such as the submissions to the recent NIST post-quantum competition, is more natural than previous AKE transformations. Furthermore, we avoid the use of (quantum-secure) digital signature schemes, which are considerably less efficient than their PKE counterparts. As a consequence, we can instantiate our AKE transformation with any of the submissions to the recent NIST competition, e.g., ones based on codes and lattices. $\mathsf{FO_{\mathsf{AKE}}}$ can be seen as a generalisation of the well-known Fujisaki-Okamoto transformation (for building actively secure PKE from passively secure PKE) to the AKE setting. As a helper result, we also provide a security proof for the Fujisaki-Okamoto transformation in the QROM for PKE with non-perfect correctness which is tighter and tolerates a larger correctness error than previous proofs.
##### BibTeX
```bibtex
@inproceedings{pkc-2020-30316,
  title={Generic Authenticated Key Exchange in the Quantum Random Oracle Model},
  booktitle={Public-Key Cryptography – PKC 2020},
  series={Public-Key Cryptography – PKC 2020},
  publisher={Springer},
  volume={12111},
  pages={389-422},
  doi={10.1007/978-3-030-45388-6_14},
  author={Kathrin Hövelmanns and Eike Kiltz and Sven Schäge and Dominique Unruh},
  year=2020
}
```