信息网络安全 ›› 2015, Vol. 15 ›› Issue (7): 41-50.doi: 10.3969/j.issn.1671-1122.2015.07.007

• • 上一篇    下一篇

基于Binary LWE的全同态加密方案研究

王志刚1(), 马春光2, 史晓倩1   

  1. 1. 哈尔滨工程大学计算机科学与技术学院,黑龙江哈尔滨 150001
    2. 哈尔滨工程大学国家保密学院,黑龙江哈尔滨 150001
  • 收稿日期:2015-06-08 出版日期:2015-07-01 发布日期:2015-07-28
  • 作者简介:

    作者简介: 王志刚(1992-),男,新疆,硕士研究生,主要研究方向:信息与网络安全、机器学习;马春光(1974-),男,黑龙江,教授,博士,主要研究方向:密码学、信息安全、传感网与物联网、网络编码;史晓倩(1990-),女,黑龙江,硕士研究生,主要研究方向:信息与网络安全、密码学。

  • 基金资助:
    黑龙江省自然科学基金[F201229]

Research on Full Homomorphic Encryption Scheme Based on Binary LWE

WANG Zhi-gang1(), MA Chun-guang2, SHI Xiao-qian1   

  1. 1. College of Computer Science and Technology, Harbin Engineering University, Harbin Heilongjiang 150001, China
    2. College of National Secrecy, Harbin Engineering University, Harbin Heilongjiang 150001, China
  • Received:2015-06-08 Online:2015-07-01 Published:2015-07-28

摘要:

文章主要构造了一个基于Binary LWE的全同态加密方案,它是一种具有较短密钥尺寸和较小密文规模的全同态加密方案。全同态加密方案的密钥尺寸和密文规模过大、效率过低是阻碍全同态加密应用于实际的主要问题。文章对基础加密方案的关键技术进行了改进,之前的方案都是均匀随机选取一些集合加到LWE的一些随机选取的样本上,而文章所提出的方案则是将一些高斯错误加到从高斯分布中选取的一些LWE的样本上,这样就使得LWE的样本数从2nlogq降低到n+1,方案的私钥直接从{0,1}n集合中选取,不再使用二进制分解算法,并利用密钥转换技术,使得方案中的密文在经过张量乘法运算后的密文规模不会迅速膨胀,密钥尺寸较小。最后将方案安全性规约到搜索Binary LWE困难问题假设上,并给出安全性证明。

关键词: 全同态加密, Binary LWE, 密钥尺寸, 密文规模

Abstract:

The paper constructs a fully homomorphic encryption method based on Binary LWE with a shorter secret key and smaller cipher text. The main obstacle when doing implementation of the fully homomorphic encryption method is that the size of secret key and the scale of the cipher text are too big and that its efficiency is too low. This article improved the key technology of the basic encrypting method. In the previous methods, some collections chosen uniformly and randomly are added to LWE’s random samples. However, the method this article proposes will add some Gausian Error to the LWE samples chosen from Gausian Distribution. This will decrease the sample size of LWE from 2nlogq to n+1. And the private key of this method will be chosen directly from the set {0,1}n instead of the Binary decomposition algorithm. This method will adopt the key conversion technology to avoid the rapid expansion of the scale of the cipher text after tensor multiplication, and meanwhile get a smaller size of secret key. In the end, the article will attribute the security of the method to the assumptions of difficult problems when searching Binary LWE and then give a security proof.

Key words: fully homomorphic encryption, Binary LWE, size of secret keys, scale of cipher text

中图分类号: