In emerging environments such as cloud computing and the Internet of Things (IoT), secure authentication and key negotiation play a crucial role in protecting data transmitted over public networks. However, many existing authentication protocols are still built on classical public-key cryptographic primitives, whose security quantum computing may threaten. To address this challenge, we propose a post-quantum authentication and key agreement protocol that uses the lattice-based Kyber key encapsulation mechanism (KEM). The proposed protocol integrates cryptographic authentication, smart card protection, and post-quantum key encapsulation, enabling mutual authentication between users and servers and the secure establishment of session keys. The security of the protocol is formally analyzed in the Real-or-Random (ROR) model under the random oracle assumption and the IND-CCA security of the underlying KEM scheme. An informal security analysis further shows that the protocol provides important security properties, including anonymity, untraceability, perfect forward secrecy, and resistance to known attacks. In addition, the computational cost and communication overhead of the proposed scheme are evaluated and compared with several representative authentication protocols. The results show that the proposed protocol can provide strong security while maintaining low computational cost and communication overhead.
Chen et al. (Fri,) studied this question.