基于同源的抗量子群密鑰交換協(xié)議
信息技術(shù)與網(wǎng)絡(luò)安全 5期
樊雪君1,王 龍1,徐 秀2,宋寧寧1,范 晶1,王 怡1
(1.華北計(jì)算機(jī)系統(tǒng)工程研究所,北京100083;2.中國(guó)信息通信研究院,北京100191)
摘要: 面對(duì)越來(lái)越多的基于群成員協(xié)同操作的需求,群密鑰交換協(xié)議在近期的研究中受到了廣泛的關(guān)注。基于同源的密碼協(xié)議是抗量子密碼中的重要組成部分,因此文章主要關(guān)注基于同源的群密鑰交換協(xié)議。針對(duì)超奇異同源的困難問(wèn)題,提出了兩個(gè)2輪的基于超奇異同源的群密鑰交換協(xié)議,均是針對(duì)Burmester-Desmedt(BD)協(xié)議的優(yōu)化。此外,為了證明協(xié)議的安全性,分別針對(duì)兩個(gè)優(yōu)化版本的群密鑰交換協(xié)議給出了安全性證明。通過(guò)與現(xiàn)有的協(xié)議進(jìn)行比較,可發(fā)現(xiàn)所提出的兩個(gè)協(xié)議在通信量和計(jì)算復(fù)雜度上都有所降低。
中圖分類號(hào): TP309.7
文獻(xiàn)標(biāo)識(shí)碼: A
DOI: 10.19358/j.issn.2096-5133.2022.05.001
引用格式: 樊雪君,王龍,徐秀,等. 基于同源的抗量子群密鑰交換協(xié)議[J].信息技術(shù)與網(wǎng)絡(luò)安全,2022,41(5):1-8.
文獻(xiàn)標(biāo)識(shí)碼: A
DOI: 10.19358/j.issn.2096-5133.2022.05.001
引用格式: 樊雪君,王龍,徐秀,等. 基于同源的抗量子群密鑰交換協(xié)議[J].信息技術(shù)與網(wǎng)絡(luò)安全,2022,41(5):1-8.
Group key exchange protocols from supersingular isogenies
Fan Xuejun1,Wang Long1,Xu Xiu2,Song Ningning1,F(xiàn)an Jing1,Wang Yi1
(1.National Computer System Engineering Research Institute of China,Beijing 100083,China; 2.China Academy of Information and Communication Technology,Beijing 100191,China)
Abstract: Group key exchange(GKE) protocols get much attention in current research with increasing applicability in numerous group-oriented and collaborative applications. Isogeny-based cryptosystem is one of the significant components of post-quantum cryptography, so this paper mainly considers the group key exchange protocol based on isogeny. In this paper, we propose two schemes on supersingular isogenies. They all have two rounds. They are optimizations of Burmester-
Desmedt(BD) protocol without authentication. We give formal proofs for their security. We also give a comparison of our methods and these existing GKE protocols. Compared with the existing protocols,the results show that our methods are more efficient in the view of communication and computation time.
Key words : post quantum;supersingular isogeny;SIDH;key exchange protocol
0 引言
基于同源的密碼協(xié)議是抗量子密碼中的重要組成部分,它依賴于計(jì)算給定橢圓曲線之間同源的困難性,該困難問(wèn)題在量子算法攻擊下的時(shí)間復(fù)雜度是(亞)指數(shù)級(jí)別的。目前基于同源的密鑰交換協(xié)議有三類:OIDH(基于常曲線同源的密鑰交換協(xié)議)、SIDH(基于超奇異同源的密鑰交換協(xié)議)和CSIDH(基于可交換的超奇異同源的密鑰交換協(xié)議)。相比于其他抗量子密碼協(xié)議,基于同源的密碼體制的優(yōu)勢(shì)是密鑰長(zhǎng)度短,劣勢(shì)是協(xié)議效率低。本文主要考慮了基于同源的群密鑰交換協(xié)議,從調(diào)整協(xié)議的模型的角度來(lái)討論基于同源的密鑰交換協(xié)議的加速。
本文詳細(xì)內(nèi)容請(qǐng)下載:http://m.jysgc.com/resource/share/2000004240
作者信息:
樊雪君1,王 龍1,徐 秀2,宋寧寧1,范 晶1,王 怡1
(1.華北計(jì)算機(jī)系統(tǒng)工程研究所,北京100083;2.中國(guó)信息通信研究院,北京100191)
此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。