Secure User Authentication With Information Theoretic Security Using Secret Sharing-Based Secure Computation

Abstract

When using an insecure communication channel, the initial step involves authenticating the user (verifying the other party) to ensure the legitimacy of the communication partner, followed by an encrypted communication. Public key encryption-based digital signatures are widely used for user authentication; however, with the development of quantum computers they are highly likely to be deciphered. Studies are also ongoing on post-quantum cryptography, although they require significant computational resources and are challenging to implement in Internet of Things (IoT) devices. Therefore, this study suggests the implementation of user authentication and secure communication that guarantees information-theoretic security through the use of secure computation based on a computationally lightweight $(k,n)$ -threshold secret sharing scheme. In this study, a user authentication system is proposed with information-theoretical security that utilizes constantly changing information. Subsequently, it is demonstrated that secure communication with information-theoretic security can be achieved without the need to distribute a substantial number of true random numbers by employing secure computation based on $(k,n)$ -threshold secret sharing. The proposed methods are suitable for implementation in IoT environments because they require minimal processing overhead. The practical application of the proposed methods are also demonstrated through an implementation using C++. For example, the average execution time of the claimant was less than 0.1 [ms], proving that the proposed methods are very efficient.