信息网络安全 ›› 2021, Vol. 21 ›› Issue (6): 80-88.doi: 10.3969/j.issn.1671-1122.2021.06.010

• 技术研究 • 上一篇    下一篇

基于密钥封装机制的RLWE型认证密钥交换协议

王超1,2, 韩益亮1,2(), 段晓巍1,2, 李鱼1,2   

  1. 1. 武警工程大学密码工程学院,西安 710086
    2. 武警部队密码与信息安全保密重点实验室,西安 710086
  • 收稿日期:2020-12-01 出版日期:2021-06-10 发布日期:2021-07-01
  • 通讯作者: 韩益亮 E-mail:hanyil@163.com
  • 作者简介:王超(1997—),男,山东,硕士研究生,主要研究方向为抗量子密码|韩益亮(1977—),男,甘肃,教授,博士,主要研究方向为信息安全、抗量子密码|段晓巍(1997—),男,山东,硕士研究生,主要研究方向为抗量子密码|李鱼(1995—),男,重庆,博士研究生,主要研究方向为抗量子密码
  • 基金资助:
    国家自然科学基金(61572521);陕西省自然科学基础研究计划(2021-JM252);武警工程大学科研创新团队科学基金(KYTD201805)

RLWE-type Authentication Key Exchange Protocol Based on Key Encapsulation Mechanism

WANG Chao1,2, HAN Yiliang1,2(), DUAN Xiaowei1,2, LI Yu1,2   

  1. 1. College of Cryptographic Engineering, Engineering University of PAP, Xi’an 710086, China;
    2. Key Laboratory of PAP for Cryptology and Information Security, Xi’an 710086, China;
  • Received:2020-12-01 Online:2021-06-10 Published:2021-07-01
  • Contact: HAN Yiliang E-mail:hanyil@163.com

摘要:

当前,基于格理论构造密钥交换协议已成为密钥交换领域的研究前沿,设计安全性更强、密钥和密文规模以及通信开销更小的高效密钥交换协议,是格基密钥交换领域的重难点问题。文章基于紧凑型RLWE公钥加密方案与NewHope-Simple中的密文压缩和NTT转换技术,结合FO转换机制,提出一种主动安全的KEM方案,采用隐性认证和身份标识认证的方式,构造出一种在标准eCK模型下可证明安全的认证密钥交换协议。与NewHope-Simple协议相比,协议安全性由被动安全提升为主动安全;与现有的基于密钥封装机制的密钥交换协议相比,该协议中的密钥封装机制有效降低了密文尺寸和通信开销。通过分析可得,文章所提协议是一个紧凑高效、主动安全的基于密钥封装机制的抗量子认证密钥交换协议。

关键词: RLWE, FO转换, 加密机制, 认证密钥交换, 标准eCK模型

Abstract:

At present, constructing key exchange protocol based on lattice theory has become the research frontier in the field of key exchange. Designing efficient key exchange protocol with stronger security, smaller size of key and ciphertext and communication overhead is an important and difficult problem in the field of lattice key exchange.Based on the compact RLWE public key encryption scheme and the ciphertext compression and NTT conversion technology in NewHope-Simple, and combined with FO conversion mechanism, an active secure KEM scheme is proposed. Using the implicit authentication and identity authentication methods, an authenticated key exchange protocol which can prove secure under the standard eCK model is constructed. In terms of protocol security, the proposed protocol improves from passive security to active security compared with NewHope-Simple protocol. In terms of ciphertext size and communication overhead, compared with the existing key exchange protocols based on key encapsulation mechanism, the key encapsulation mechanism in this protocol effectively reduces the ciphertext size and communication overhead through analysis, which is a compact, efficient and active secure anti-quantum authentication key exchange protocol based on key encapsulation mechanism.

Key words: RLWE, FO conversion, encryption mechanism, authentication key exchange, standard eCK model

中图分类号: