A novel quantum dragonfly multi-key exchange protocol beyond conventional attacks (Q2240991)

To meet the needs of people using the Internet while caring about information security, authenticated key agreement protocols come to the rescue to establish confidential communication channels. Properly applied, attempts by third parties to interfere in any session key choice can be averted. The Dragonfly Key Exchange Protocol (DFKEP) is one of the most general application scenarios for two-party password-authenticated application scenarios. Its author \textit{D.Harkins} claimed to have made this protocol resistant to offline dictionary attack, whereas former key choice protocols failed in this regard. However, more sophisticated attacks have been successful when based on offline dictionary attacks. The authors of the paper present an enhanced DFKEP version that improves on the protocol's security level, storage space consumption and attack immunity due to a shift from classical to quantum cryptographical techniques and results in a novel Quantum Dragonfly Multiple-Key Exchange Protocol, QDFMKEP for short. After concise preliminaries on Chebyshev chaotic maps, threat models for password-based authentication schemes and quantum cryptosystem techniques, the original dragonfly protocol is outlined, followed by an elaborate proposal of a novel quantum dragonfly multi-key exchange protocol. Naturally, a security analysis of the proposed protocol follows based on established password authentication scheme proof methods. To instigate further discussion, the authors state several propositions that claim enforced resilience of QDFMKEP against several methods of attacks and desirable properties of any scheme like key freshness and secrecy. The proofs given are rather informal and may render these propositions plausible for the well-informed reader. Advantages of both classical and quantum cryptography have been combined to yield a more robust multi-key exchange protocol.