基于密钥封装机制的RLWE型认证密钥交换协议

doi:10.3969/j.issn.1671-1122.2021.06.010

信息网络安全 ›› 2021, Vol. 21 ›› Issue (6): 80-88.doi: 10.3969/j.issn.1671-1122.2021.06.010

基于密钥封装机制的RLWE型认证密钥交换协议

王超¹^,², 韩益亮¹^,²(), 段晓巍¹^,², 李鱼¹^,²

1. 武警工程大学密码工程学院,西安 710086
2. 武警部队密码与信息安全保密重点实验室,西安 710086

收稿日期:2020-12-01 出版日期:2021-06-10 发布日期:2021-07-01
通讯作者: 韩益亮 E-mail:hanyil@163.com
作者简介:王超（1997—）,男,山东,硕士研究生,主要研究方向为抗量子密码|韩益亮（1977—）,男,甘肃,教授,博士,主要研究方向为信息安全、抗量子密码|段晓巍（1997—）,男,山东,硕士研究生,主要研究方向为抗量子密码|李鱼（1995—）,男,重庆,博士研究生,主要研究方向为抗量子密码
基金资助:
国家自然科学基金(61572521);陕西省自然科学基础研究计划(2021-JM252);武警工程大学科研创新团队科学基金(KYTD201805)

RLWE-type Authentication Key Exchange Protocol Based on Key Encapsulation Mechanism

WANG Chao¹^,², HAN Yiliang¹^,²(), DUAN Xiaowei¹^,², LI Yu¹^,²

1. College of Cryptographic Engineering, Engineering University of PAP, Xi’an 710086, China;
2. Key Laboratory of PAP for Cryptology and Information Security, Xi’an 710086, China;

Received:2020-12-01 Online:2021-06-10 Published:2021-07-01
Contact: HAN Yiliang E-mail:hanyil@163.com

摘要/Abstract

摘要：

当前,基于格理论构造密钥交换协议已成为密钥交换领域的研究前沿,设计安全性更强、密钥和密文规模以及通信开销更小的高效密钥交换协议,是格基密钥交换领域的重难点问题。文章基于紧凑型RLWE公钥加密方案与NewHope-Simple中的密文压缩和NTT转换技术,结合FO转换机制,提出一种主动安全的KEM方案,采用隐性认证和身份标识认证的方式,构造出一种在标准eCK模型下可证明安全的认证密钥交换协议。与NewHope-Simple协议相比,协议安全性由被动安全提升为主动安全;与现有的基于密钥封装机制的密钥交换协议相比,该协议中的密钥封装机制有效降低了密文尺寸和通信开销。通过分析可得,文章所提协议是一个紧凑高效、主动安全的基于密钥封装机制的抗量子认证密钥交换协议。

关键词: RLWE, FO转换, 加密机制, 认证密钥交换, 标准eCK模型

Abstract:

At present, constructing key exchange protocol based on lattice theory has become the research frontier in the field of key exchange. Designing efficient key exchange protocol with stronger security, smaller size of key and ciphertext and communication overhead is an important and difficult problem in the field of lattice key exchange.Based on the compact RLWE public key encryption scheme and the ciphertext compression and NTT conversion technology in NewHope-Simple, and combined with FO conversion mechanism, an active secure KEM scheme is proposed. Using the implicit authentication and identity authentication methods, an authenticated key exchange protocol which can prove secure under the standard eCK model is constructed. In terms of protocol security, the proposed protocol improves from passive security to active security compared with NewHope-Simple protocol. In terms of ciphertext size and communication overhead, compared with the existing key exchange protocols based on key encapsulation mechanism, the key encapsulation mechanism in this protocol effectively reduces the ciphertext size and communication overhead through analysis, which is a compact, efficient and active secure anti-quantum authentication key exchange protocol based on key encapsulation mechanism.

Key words: RLWE, FO conversion, encryption mechanism, authentication key exchange, standard eCK model

中图分类号:

TP309

王超, 韩益亮, 段晓巍, 李鱼. 基于密钥封装机制的RLWE型认证密钥交换协议[J]. 信息网络安全, 2021, 21(6): 80-88.

WANG Chao, HAN Yiliang, DUAN Xiaowei, LI Yu. RLWE-type Authentication Key Exchange Protocol Based on Key Encapsulation Mechanism[J]. Netinfo Security, 2021, 21(6): 80-88.

图/表 4

图1

表1

表2

表3

参考文献 21

[1]	SHOR P. Polynomial-time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer[J]. Siam Review, 1999,41(2):303-332. doi: 10.1137/S0036144598347011 URL
[2]	AJTAI M, DWORK C. A Public-key Cryptosystem with Worst-case/Average-case Equivalence[C]// ACM. 29rd Annual ACM Symposium on the Theory of Computing, May 4-6, 1997, El Paso, Texas, USA. New York: ACM, 1997: 284-293.
[3]	CHEN L, JORDAN S, LIU YK, et al. Report on Post-quantum Cryptography[R]. USA: National Institute of Standards and Technology, NISTIR 8105, 2016.
[4]	PEIKERT C. A Decade of Lattice Cryptography[J]. Foundations & Trends in Theoretical Computer Science, 2016,10(4):283-424.
[5]	HAN Yiliang, WANG Zhong. Anti-quantum Cryptography Scheme Based on Multivariate and LRPC Codes[J]. Netinfo Security, 2019,19(8):36-43.
	韩益亮, 王众. 基于多变量和LRPC码的抗量子密码方案研究[J]. 信息网络安全, 2019,19(8):36-43.
[6]	REGEV O. On Lattices, Learning with Errors, Random Linear Codes, and Cryptography[C]// ACM. 37rd Annual ACM Symposium on the Theory of Computing, May 22-24, 2005, Baltimore, MD, USA. New York: ACM, 2005: 84-93.
[7]	ALKIM E, BARRETO P S L M, BINDEL N, et al. The Lattice-based Digital Signature SchemeqTESLA[C]// Springer. 18rd International Conference on Applied Cryptography and Network Security, October 19-22, 2020, Rome, Italy. Cham: Springer, 2020: 441-460.
[8]	GAO Xinwei, DING Jintai, SARASWATHY R V, et al. Comparison Analysis and Efficient Implementation of Reconciliation-based RLWE Key Exchange Protocol[J]. International Journal of High Performance Computing and Networking, 2019,13(2):141-152. doi: 10.1504/IJHPCN.2019.097505 URL
[9]	CHEN Hao, DAI Wei, KIM M, et al. Efficient Multi-key Homomorphic Encryption with Packed Ciphertexts with Application to Oblivious Neural Network Inference[C]// ACM. 26rd ACM SIGSAC Conference on Computer and Communications Security, November 11-15, 2019, London, UK. New York: ACM, 2019: 395-412.
[10]	LYUBASHEVSKY V, PEIKERT C, REGEV O. On Ideal Lattices and Learning with Errors over Rings[C]// Springer. 29rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 30-June 3, 2010, Riviera, French. Berlin: Springer, 2010: 1-23.
[11]	BOS J W, DUCAS L, KILTZ E, et al. CRYSTALS-kyber: A CCA-secure Module-lattice-based KEM[C]//IEEE. 3rd IEEE European Symposium on Security and Privacy, April 24-26, 2018, London, UK. Piscataway, NJ: IEEE Press, 2018: 353-367.
[12]	LANGLOIS A, DAMIEN STEHLÉ. Worst-case to Average-case Reductions for Module Lattices[J]. Designs, Codes and Cryptography, 2015,75(3):565-599. doi: 10.1007/s10623-014-9938-4 URL
[13]	DING Jintai, XIE Xiang, LIN Xiaodong. A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem[J]. IACR Cryptology ePrint Archive, 2012,2012(1):688-703.
[14]	PEIKERT C. Lattice Cryptography for the Internet [C]//Springer. 6rd International Workshop, Post-quantum Cryptography, October 1-3, 2014, Waterloo, ON, Canada. Berlin: Springer, 2014: 197-219.
[15]	BOS J W, COSTELLO C, NAEHRIG M, et al. Post-quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem [C]//IEEE. 2015 IEEE Symposium on Security and Privacy, May 17-21, 2015, San Jose, CA, USA. Piscataway: IEEE, 2015: 553-570.
[16]	ALKIM E, DUCAS L, POPPELMANN T, et al. Post-quantum Key Exchange: A New Hope [C]//USENIX. 25rd USENIX Security Symposium, August 10-12, 2016, Austin, TX. Berkeley: USENIX, 2016: 327-343.
[17]	ALKIM E, DUCAS L, POPPELMANN T, et al. NewHope without Reconciliation[J]. IACR Cryptology ePrint Archive, 2016,2016(1):1157-1166.
[18]	LI Zichen, XIE Ting, ZHANG Juanmei, et al. Post Quantum Authenticated Key Exchange Protocol Based on Ring Learning with Errors Problem[J]. Journal of Computer Research and Development, 2019,56(12):2694-2701.
	李子臣, 谢婷, 张卷美, 等. 基于RLWE的后量子认证密钥交换协议[J]. 计算机研究与发展, 2019,56(12):2694-2701.
[19]	YANG Yatao, HAN Xinguang, HUANG Jierun, et al. Bidirectional Authentication Key Agreement Protocol Supporting Identity’s Privacy Preservation Based on RLWE[J]. Journal on Communications, 2019,40(11):180-186.
	杨亚涛, 韩新光, 黄洁润, 等. 基于RLWE支持身份隐私保护的双向认证密钥协商协议[J]. 通信学报, 2019,40(11):180-186.
[20]	HÖVELMANNS K, KILTZ E, SCHÄGE S, et al. Generic Authenticated Key Exchange in the Quantum Random Oracle Model[C]// Springer. 23rd IACR International Conference on Public-key Cryptography, May 4-7, 2020, Edinburah, UK. Berlin: Springer, 2020: 389-422.
[21]	DENNIS H, KATHRIN H, EIKE K. A Modular Analysis of the Fujisaki-okamoto Transformation[C]// Springer. 15rd Theory of Cryptography Conference, November 12-15, 2017, Baltimore, USA. Berlin: Springer, 2017: 341-371.

协议	$n$	$q$	困难问题	安全性	安全模型
CRYSTALS-Kyber	256	7681	MLWE	主动安全	CK
文献[18]协议	1024	12289	RLWE	主动安全	eCK
NewHope-Simple	1024	12289	RLWE	被动安全	RO
本文协议	1024	12289	RLWE	主动安全	eCK

方案	封装密钥/B	解装密钥/B	密文量/B	通信量/B
NewHope-Simple	1824	1792	2176	4000
文献[18]方案	1451	3200	1579	3030
本文方案	1824	3776	896	2720

方案	维度$n$	${{d}_{u}}$	${{d}_{v}}$	密文量/B
CRYSTALS-Kyber	256	11	3	1184
本文方案	256	11	3	480

基于密钥封装机制的RLWE型认证密钥交换协议

RLWE-type Authentication Key Exchange Protocol Based on Key Encapsulation Mechanism

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 21

相关文章 4

编辑推荐

Metrics

本文评价

[1]	李鱼, 韩益亮, 李喆, 朱率率. 基于LWE的抗量子认证密钥交换协议[J]. 信息网络安全, 2020, 20(10): 92-99.
[2]	王景中;凌晨. 基于节点认证的物联网感知层信息安全传输机制的研究[J]. , 2014, 14(2): 0-0.
[3]	. 基于节点认证的物联网感知层信息安全传输机制的研究[J]. , 2014, 14(2): 53-.
[4]	王燕;陈燕俐;曹晓梅;杨庚. 无线网络中一种新型密钥管理[J]. , 2009, 9(11): 0-0.