



















Konstantinos Karampidis, Department of Electrical and Computer Engineering, Hellenic Mediterranean University, Crete, Greece
Muath AlShaikh, Cyber Security Department, College of Engineering, Al Ain University, Abu Dhabi, UAE
We present PQES-AKE, a novel two-party authenticated key exchange (AKE) protocol built upon the Post-Quantum Encryption and Signcryption Scheme (PQES) introduced by Kara et al. The protocol achieves mutual authentication, session key secrecy, and forward secrecy in a post-quantum adversarial model. The central design principle of PQES-AKE is the concealment of ephemeral Diffie-Hellman (DH) keys within affine masks derived from randomness generated internally by the PQES signcryption algorithm. The security of PQES-AKE rests on three hardness assumptions, including Learning With Errors (LWE) for ciphertext confidentiality, a Secret-Base Discrete Exponentiation (SBDE) assumption for signature unforgeability, and the Computational Diffie-Hellman (CDH) assumption for session key secrecy. The protocol completes in two network rounds, with a total communication cost of approximately 627 bytes, and requires 17 modular exponentiations. A Python prototype evaluated on a commodity Intel Core i7 laptop achieves an average execution time of 6.2ms. These results confirm that PQES-AKE provides a competitive, single-primitive alternative to composite KEM-then-authenticate constructions in post-quantum secure channel establishment.
BibTeX
@misc{cryptoeprint:2026/914,
author = {Mostefa Kara and Konstantinos Karampidis and Muath AlShaikh},
title = {Post-Quantum Authenticated Key Exchange via Signcryption with Ephemeral Key Masking},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/914},
year = {2026},
url = {https://eprint.iacr.org/2026/914}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。