Research and Application of Provably Secure Public-Key Cryptosystems Based on LWE
Published: 2018-07-15 16:01
【Abstract】: Lattice-based public-key cryptosystems are regarded as one of the most promising post-quantum cryptosystems because of their simple and efficient linear operations, their resistance to quantum attacks, and their flexible and varied structure. At present, the LWE and SIS hardness assumptions are the most practical lattice problems for constructing lattice-based public-key cryptography. The introduction and development of provable security theory overcame the defect of designing cryptographic algorithms or protocols by conjecture and then repeatedly patching flaws: the difficulty of breaking an algorithm or protocol is reduced to solving the hard problem of an underlying "atomic primitive", so that the security of a scheme is reliably guaranteed. Based on an in-depth study and analysis of lattice-based public-key cryptosystems, LWE-related theory and provable security theory, the main work of this thesis is as follows. First, it expounds lattices, LWE and provable security theory, gives the relationship among the three and the necessity of constructing cryptographic schemes from them, describes the basic definitions, models and proof methodology of provable security, and presents three attack-analysis methods against LWE so that such weaknesses can be avoided when designing schemes. Second, it designs two provably secure public-key encryption schemes based on the LWE hard problem. The first is a BGN-type encryption scheme based on LWE: combining the design ideas of the original BGN scheme, which has good homomorphic properties, and the GHV scheme for encrypting binary matrices, LWE is embedded into the encryption algorithm to obtain a BGN-type scheme that encrypts p-ary matrices (entries mod p), and the scheme is proved CPA secure. The second is a multi-bit IBE scheme based on LWE: starting from the single-bit ABB scheme, the encryption algorithm is modified to obtain a multi-bit scheme, which is proved INDr-sID-CPA secure in the standard model. Third, it proposes an improved NTRU-type digital signature scheme and designs two provably secure public-key cryptosystems based on the R-LWE hard problem. The first is an improved new NTRU digital signature scheme which, without lowering the security of the new scheme, improves on NTRUSign and NSS in computational complexity; the second is an NTRU-type digital signature scheme based on R-LWE, which embeds R-LWE into the signature algorithm of the improved NTRU-type scheme and is proved EUF-ACMA secure; the third is a tamper-resistant encryption scheme based on R-LWE which, building on the LPR'2010 scheme and the Chinese remainder theorem, encrypts multi-bit strings, and for which an IND-CCA security proof is given. Finally, the thesis constructs an LWE-based PIR protocol and an R-LWE-based TPC protocol. The first uses the somewhat-homomorphic property of the CPA-secure LWE-based BGN-type public-key scheme to build a practical PIR application scenario; the second uses the efficiency and security of the R-LWE-based public-key cryptosystem to build a two-party private comparison protocol, which is proved secure in the semi-honest model by the simulation paradigm and can be extended to a secure multi-party private comparison protocol.
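The abstract relies on two ideas that are easy to lose in the summary: an LWE public key is a set of noisy linear equations, and the "somewhat homomorphic" property that the PIR construction depends on is simply that ciphertexts can be added while the hidden noise grows. The following toy Regev-style bit encryption is an added illustration of both, written for this page; it is not the thesis's BGN-type matrix scheme nor any code from the thesis. The parameters N, M, Q and the error set {-1, 0, 1} are assumptions chosen so that a tiny instance decrypts correctly, and they provide no real security.

```python
"""Toy Regev-style LWE public-key encryption with additive homomorphism.

Added illustration only; this is NOT the thesis's BGN-type scheme or any of
its code. The parameters below are assumptions picked so that decryption is
correct at toy size; they give no real security.
"""
import random

N = 10      # dimension of the secret vector s
M = 40      # number of LWE samples in the public key
Q = 4093    # modulus (prime, toy-sized)


def keygen(rng):
    """Secret s in Z_Q^N; public key (A, b) with b = A*s + e, e_i in {-1, 0, 1}."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    b = [(sum(a * x for a, x in zip(row, s)) + rng.choice((-1, 0, 1))) % Q
         for row in A]
    return s, (A, b)


def encrypt(pk, bit, rng):
    """One-bit Regev encryption: r in {0,1}^M, u = A^T r, v = b.r + bit*floor(Q/2)."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * (Q // 2)) % Q
    return u, v


def decrypt(sk, ct):
    """v - s.u = bit*floor(Q/2) + e.r; the bit is 1 iff the result is nearer Q/2 than 0."""
    u, v = ct
    d = (v - sum(x * y for x, y in zip(sk, u))) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0


def noise(sk, ct):
    """Absolute size of the error term carried by a ciphertext (to watch it grow)."""
    u, v = ct
    d = (v - sum(x * y for x, y in zip(sk, u))) % Q
    d -= decrypt(sk, ct) * (Q // 2)      # strip the message contribution
    d = (d + Q // 2) % Q - Q // 2        # centre into (-Q/2, Q/2]
    return abs(d)


def add(ct1, ct2):
    """Ciphertext addition: the sum decrypts to the XOR of the two plaintext bits
    (two 1s give 2*floor(Q/2) = Q-1, which rounds back to 0), with noise added up."""
    (u1, v1), (u2, v2) = ct1, ct2
    return [(x + y) % Q for x, y in zip(u1, u2)], (v1 + v2) % Q


def demo(seed=1):
    """Encrypt every pair of bits, add the ciphertexts and decrypt all three."""
    rng = random.Random(seed)
    sk, pk = keygen(rng)
    out = {}
    for b0 in (0, 1):
        for b1 in (0, 1):
            c0, c1 = encrypt(pk, b0, rng), encrypt(pk, b1, rng)
            csum = add(c0, c1)
            out[(b0, b1)] = (decrypt(sk, c0), decrypt(sk, c1),
                             decrypt(sk, csum), noise(sk, csum))
    return out


def roundtrip_ok(seed=7, trials=20):
    """True if fresh ciphertexts decrypt correctly and carry noise at most M."""
    rng = random.Random(seed)
    sk, pk = keygen(rng)
    for _ in range(trials):
        bit = rng.randrange(2)
        ct = encrypt(pk, bit, rng)
        if decrypt(sk, ct) != bit or noise(sk, ct) > M:
            return False
    return True


if __name__ == "__main__":
    for bits, res in demo().items():
        print(bits, "-> dec(c0), dec(c1), dec(c0+c1), noise:", res)
    print("round trip ok:", roundtrip_ok())
```

Correctness rests on a single inequality: a fresh ciphertext's error is a sum of at most M values from {-1, 0, 1}, so it is bounded by M = 40, far below the decision margin Q/4 ≈ 1023; adding k ciphertexts multiplies that bound by k, which is exactly why such a scheme is only "somewhat" homomorphic and why a PIR built on it must budget the number of homomorphic operations per query.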
【Degree-granting institution】: Xidian University
【Degree level】: Master's
【Year degree granted】: 2014
【Classification number】: TN918.4
Article number: 2124617
Article link: http://sikaile.net/kejilunwen/wltx/2124617.html