Lattice-Based Gaussian Sampling and Key Exchange
Published: 2018-02-22 10:48
Keywords: lattice, LWE, R-LWE, Gaussian sampling, key exchange. Source: Xidian University, 2014 master's thesis. Document type: degree thesis
[Abstract]: With the rapid development of digital information technology, humanity is about to enter the era of quantum information. As a typical representative of post-quantum cryptography (that is, cryptography that resists quantum computing attacks), lattice-based public-key cryptography occupies an important position in the field of cryptography. Lattice-based public-key cryptography has advantages such as clear security proofs (that is, good reduction properties) and a rich variety of functionality. In recent years, various lattice-based cryptosystems have developed rapidly. However, the security and efficiency of lattice public-key cryptography are still severely constrained by the quality of lattice trapdoors, namely the size of the trapdoor basis and the standard deviation of Gaussian sampling over the trapdoor basis. In 2012, Micciancio and Peikert proposed a lattice-based trapdoor generation scheme (the MP12 trapdoor for short). The scheme is simple and compact, generates trapdoors quickly, and the quality of the generated trapdoors is quasi-optimal. They also gave a Gaussian sampling algorithm for this trapdoor, which greatly improves execution efficiency while preserving security. However, when the modulus is not a power of 2, the algorithm is still inefficient, resulting in long running times and large space usage. To address this problem, this thesis proposes an improved Gaussian sampling algorithm based on the MP12 trapdoor. The algorithm mainly uses non-spherical basic Gaussian sampling to improve the original algorithm, and noticeably reduces the amount of computation when the modulus is not a power of 2. In addition, when the trapdoor matrix is drawn from a typical distribution, the standard deviation of the improved Gaussian sampling is almost always slightly smaller than that of the MP12 trapdoor. Meanwhile, lattice-based key exchange protocols have also developed considerably in recent years. Although related research is still relatively sparse and not yet deep, many cryptographers have studied the topic. In 2012, Ding Jintai et al. proposed a provably secure key exchange protocol based on the LWE problem. The protocol is simple and efficient, but it provides no authentication and cannot resist active attacks. Therefore, this thesis proposes an authenticated form of the protocol, which uses a hash function based on the generalized compact knapsack problem to hash the messages to be sent once, thereby achieving authentication.
[Degree-granting institution]: Xidian University
[Degree level]: Master's
[Year degree awarded]: 2014
[Classification number]: TN918.4
Article ID: 1524221
Article link: http://sikaile.net/kejilunwen/wltx/1524221.html