Fred Araujo, Teryl Taylor
OSSNA 2023
Much work has been done recently on developing password-authenticated key exchange (PAKE) mechanisms with post-quantum security. However, modern guidance recommends the use of \emph{hybrid} schemes - schemes which rely on the combined hardness of a post-quantum assumption, e.g., Learning with Errors (LWE), and a more traditional assumption, e.g., decisional Diffie-Hellman. To date, there is no known hybrid PAKE construction, let alone a general method for achieving such.
In this paper, we present two efficient PAKE combiners - algorithms that take two PAKEs satisfying mild assumptions, and output a third PAKE with combined security properties - and prove these combiners secure in the Universal Composability (UC) model. Our sequential combiner, instantiated with efficient existing PAKEs such as CPace (built on Diffie-Hellman-type assumptions) and CHIC[ML-KEM] (built on the Module LWE assumption), yields the first known hybrid PAKE.
Fred Araujo, Teryl Taylor
OSSNA 2023
Matías Mazzanti, Esteban Mocskos, et al.
ISCA 2025
Chen Xiong, Xiangyu Qi, et al.
ACL 2025
Andrea Basso, Luciano Maino
Eurocrypt 2025