RAKA:一种新的基于Ring-LWE的认证密钥协商协议

发布时间：2018-06-30 04:31

本文选题：格理论 + 认证密钥协商　；参考：《计算机研究与发展》2017年10期

【摘要】：后量子时代,基于格理论的公钥密码被认为是最有前途的抵抗量子计算机攻击的公钥密码体制.然而,相对于格上公钥加密体制和数字签名方案的快速发展,基于格上困难问题的密钥协商协议成果却较少.因此,现阶段如何构建格上安全的密钥协商协议是密码学领域具有挑战性的问题之一.针对上述问题,基于环上带错误学习问题困难假设,采用调和技术构造了一种新的认证密钥协商协议RAKA(authenticated key agreement protocol based on reconciliation technique),该方案采用格上陷门函数技术提供了单向认证功能,并且在Ring-LWE假设下证明是安全的.与现有的基于LWE的密钥协商协议相比,该方案的共享会话密钥减小为2nlog q,效率更高;同时,由于该方案的安全性是基于格上困难问题,因此可以抵抗量子攻击.
[Abstract]:In the post-quantum era, lattice-based public key cryptography is considered to be the most promising public key cryptosystem against the attack of quantum computers. However, compared with the rapid development of public-key cryptosystem and digital signature scheme on lattice, the key agreement protocol based on the problem of lattice is less successful. Therefore, how to construct secure key agreement protocol is one of the challenging problems in cryptography. In order to solve the above problems, a new authentication key agreement protocol RAKA (authenticated key agreement protocol based on reconciliation technique), is constructed based on the assumption of difficulty in learning problems with errors on the ring. The scheme provides unidirectional authentication function by using the trapping gate function technology. And it is proved to be safe under the Ring-LWE hypothesis. Compared with the existing LWE-based key agreement protocol, the shared session key of the scheme is reduced to 2nlog Q, which is more efficient. At the same time, because the security of the scheme is based on lattice difficulties, it can resist quantum attack.
【作者单位】：北京电子科技学院通信工程系;西安电子科技大学通信工程学院;北京印刷学院教务处;
【基金】：国家自然科学基金项目(61370188) “十三五”国家密码发展基金项目(MMJJ20170110) 中央高校基本科研业务费专项资金项目(328201523)~~
【分类号】：TP309

【相似文献】