基于LWE可证明安全公钥密码体制的研究与应用
发布时间:2018-07-15 16:01
【摘要】:基于格的公钥密码体制由于具有简单高效的线性运算、抗量子攻击、结构灵活多变的特性而被视为最具前景的后量子密码之一。目前,LWE和SIS两个难题假设是我们构造格公钥密码的最实用的格难题。可证明安全理论的提出和发展,解决了密码算法或协议依靠猜想设计并反复修补漏洞的缺陷,将破解密码算法或协议的难度规约到解决“极微本原”难题,从而可靠的保证方案安全性。本文通过对格公钥密码体制、LWE相关理论和可证明理论深入研究和分析,主要工作如下:首先,本文对格、LWE和可证明安全理论进行阐述,给出了三者之间的关系和构造密码方案的必要性,主要描述了可证明安全模型的基本定义、模型和证明方法论,以及针对LWE的三种攻击分析方法以便于设计方案时避免这种漏洞。其次,本文设计了两种基于LWE困难问题的可证明安全公钥加密方案。一是基于LWE的BGN类加密方案,本文结合原有的具有良好同态特性的BGN方案和针对二元矩阵加密的GHV方案的设计思路,将LWE嵌入到加密算法中,设计了一种针对p元矩阵加密的BGN类加密方案并证明其是CPA安全。二是基于LWE的多比特IBE方案,本文在研究单比特加密的ABB方案的基础上,对加密方案进行修改,提出一种多比特的加密方案,并证明在标准模型下是INDr-sID-CPA安全。再次,本文提出了一种改进的NTRU类数字签名方案并设计了两种基于R-LWE困难问题的可证明安全公钥密码体制。一是改进的新型NTRU数字签名方案,在不降低新方案安全性的同时,在计算复杂度的程度上较NTRUSign和NSS方案有一定的提高;二是基于R-LWE的NTRU类的数字签名方案,其是在改进的NTRU类数字签名方案基础上,将R-LWE嵌入到签名算法中,并证明新方案是EUF-ACMA安全的;三是基于R-LWE防篡改的加密方案,在LPR’2010方案的基础上,结合中国剩余定理设计一种针对多比特字符串的加密方案,最后给出其IND-CCA安全性证明。最后,本文构造了基于LWE的PIR协议和基于R-LWE的TPC协议。第一,利用基于LWE的BGN类CPA安全的公钥密码方案的Somewhat同态特性,用于构造实用的PIR协议应用场景;第二,利用基于R-LWE的公钥密码体制的高效安全性,用于构造两方保密比较协议应用场景,并利用模拟范例证明新方案在半诚实模型下是安全保密的,且可以推广到安全多方保密比较协议中去。
[Abstract]:Lattice-based public key cryptosystem is regarded as one of the most promising post-quantum cryptography because of its simple and efficient linear operation, anti-quantum attack and flexible structure. At present, the assumption of LWE and SIS is the most practical lattice problem in constructing latticed public key cryptography. With the development of provable security theory, the defect of cryptographic algorithm or protocol which depends on conjecture design and repeatedly mending the loophole is solved, and the difficulty of cracking cryptographic algorithm or protocol is reduced to solving the problem of "minimal primitive". Thus, the security of the scheme can be guaranteed reliably. The main work of this paper is as follows: firstly, this paper expounds the lattice LWE and provable security theory. The relationship among them and the necessity of constructing cryptographic scheme are given. The basic definition, model and proof methodology of provable security model are described. And three attack analysis methods for LWE to avoid this vulnerability when designing the scheme. Secondly, this paper designs two provable secure public key encryption schemes based on LWE problem. The first is the BGN encryption scheme based on LWE. Combining the original BGN scheme with good homomorphism and the GHV scheme for binary matrix encryption, LWE is embedded into the encryption algorithm. A BGN class encryption scheme for p-element matrix encryption is designed and proved to be CPA secure. The second is the multi-bit Ibe scheme based on LWE. Based on the study of ABB scheme of single bit encryption, this paper modifies the encryption scheme, proposes a multi-bit encryption scheme, and proves that INDr-sID-CPA is secure under the standard model. Thirdly, this paper proposes an improved NTRU class digital signature scheme and designs two provable secure public key cryptosystems based on R-LWE difficulties. One is the improved NTRU digital signature scheme, which does not reduce the security of the new scheme, and at the same time increases the computational complexity compared with the NTRUSign and NSS schemes; the other is the NTRU class digital signature scheme based on R-LWE. Based on the improved NTRU digital signature scheme, R-LWE is embedded into the signature algorithm, and the new scheme is proved to be EUF-ACMA secure. An encryption scheme for multi-bit strings is designed based on the Chinese residue theorem. Finally, the IND-CCA security proof is given. Finally, this paper constructs PIR protocol based on LWE and TPC protocol based on R-LWE. Firstly, we use the homomorphism of BGN class CPA secure public key cryptosystem based on LWE to construct a practical application scenario of PIR protocol; secondly, we use R-LWE based public key cryptosystem to improve the security of PIR protocol. It is used to construct the application scenario of two-party security comparison protocol, and a simulation example is used to prove that the new scheme is secure in the semi-honest model and can be extended to secure multi-party security comparison protocol.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TN918.4
[Abstract]:Lattice-based public key cryptosystem is regarded as one of the most promising post-quantum cryptography because of its simple and efficient linear operation, anti-quantum attack and flexible structure. At present, the assumption of LWE and SIS is the most practical lattice problem in constructing latticed public key cryptography. With the development of provable security theory, the defect of cryptographic algorithm or protocol which depends on conjecture design and repeatedly mending the loophole is solved, and the difficulty of cracking cryptographic algorithm or protocol is reduced to solving the problem of "minimal primitive". Thus, the security of the scheme can be guaranteed reliably. The main work of this paper is as follows: firstly, this paper expounds the lattice LWE and provable security theory. The relationship among them and the necessity of constructing cryptographic scheme are given. The basic definition, model and proof methodology of provable security model are described. And three attack analysis methods for LWE to avoid this vulnerability when designing the scheme. Secondly, this paper designs two provable secure public key encryption schemes based on LWE problem. The first is the BGN encryption scheme based on LWE. Combining the original BGN scheme with good homomorphism and the GHV scheme for binary matrix encryption, LWE is embedded into the encryption algorithm. A BGN class encryption scheme for p-element matrix encryption is designed and proved to be CPA secure. The second is the multi-bit Ibe scheme based on LWE. Based on the study of ABB scheme of single bit encryption, this paper modifies the encryption scheme, proposes a multi-bit encryption scheme, and proves that INDr-sID-CPA is secure under the standard model. Thirdly, this paper proposes an improved NTRU class digital signature scheme and designs two provable secure public key cryptosystems based on R-LWE difficulties. One is the improved NTRU digital signature scheme, which does not reduce the security of the new scheme, and at the same time increases the computational complexity compared with the NTRUSign and NSS schemes; the other is the NTRU class digital signature scheme based on R-LWE. Based on the improved NTRU digital signature scheme, R-LWE is embedded into the signature algorithm, and the new scheme is proved to be EUF-ACMA secure. An encryption scheme for multi-bit strings is designed based on the Chinese residue theorem. Finally, the IND-CCA security proof is given. Finally, this paper constructs PIR protocol based on LWE and TPC protocol based on R-LWE. Firstly, we use the homomorphism of BGN class CPA secure public key cryptosystem based on LWE to construct a practical application scenario of PIR protocol; secondly, we use R-LWE based public key cryptosystem to improve the security of PIR protocol. It is used to construct the application scenario of two-party security comparison protocol, and a simulation example is used to prove that the new scheme is secure in the semi-honest model and can be extended to secure multi-party security comparison protocol.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TN918.4
【参考文献】
相关期刊论文 前1条
1 张如丰;马春波;敖s,
本文编号:2124617
本文链接:https://www.wllwen.com/kejilunwen/wltx/2124617.html
