ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2017, Vol. 54 ›› Issue (10): 2187-2192. doi: 10.7544/issn1000-1239.2017.20170477

• Information Security •

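RAKA: A New Authenticated Key Agreement Protocol Based on Ring-LWE

Yang Yatao1,3, Zhang Yaze1,3, Li Zichen2, Zhang Fengjuan1,3, Liu Boya1

  1. 1(Department of Communication Engineering, Beijing Electronic Science & Technology Institute, Beijing 100070); 2(Office of Educational Administration, Beijing Institute of Graphic Communication, Beijing 102600); 3(School of Communication Engineering, Xidian University, Xi’an 710071) (yy2008@163.com)
  • Published: 2017-10-01
  • Supported by: 
    the National Natural Science Foundation of China (61370188); the "13th Five-Year" National Cryptography Development Fund (MMJJ20170110); the Fundamental Research Funds for the Central Universities (328201523)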

RAKA: New Authenticated Key Agreement Protocol Based on Ring-LWE

Yang Yatao1,3, Zhang Yaze1,3, Li Zichen2, Zhang Fengjuan1,3, Liu Boya1   

  1. 1(Department of Communication Engineering, Beijing Electronic Science & Technology Institute, Beijing 100070); 2(Office of Educational Administration, Beijing Institute of Graphic Communication, Beijing 102600); 3(School of Communication Engineering, Xidian University, Xi’an 710071)
  • Online: 2017-10-01

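Abstract: In the post-quantum era, lattice-based public-key cryptography is considered the most promising public-key cryptosystem for resisting attacks by quantum computers. However, compared with the rapid development of lattice-based public-key encryption and digital signature schemes, there are relatively few results on key agreement protocols based on hard lattice problems. How to construct secure lattice-based key agreement protocols is therefore one of the challenging problems in cryptography at this stage. To address this problem, a new authenticated key agreement protocol, RAKA (authenticated key agreement protocol based on reconciliation technique), is constructed using the reconciliation technique under the hardness assumption of the ring learning with errors problem. The scheme uses a lattice trapdoor function technique to provide one-way authentication and is proven secure under the Ring-LWE assumption. Compared with existing LWE-based key agreement protocols, the shared session key of the scheme is reduced to 2n log q, making it more efficient; moreover, because the security of the scheme is based on hard lattice problems, it can resist quantum attacks.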

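Key words: lattice theory, authenticated key agreement, reconciliation technique, ring learning with errors problem, resistance to quantum attacks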

Abstract: In the post-quantum era, lattice-based public-key cryptosystems are considered the most promising cryptosystems for resisting quantum computer attacks. Compared with the rapid development of lattice-based public-key encryption and digital signature schemes, key agreement protocols have rarely appeared in research papers. Therefore, how to construct a secure key agreement protocol is one of the most challenging problems. To solve this problem, a secure key agreement protocol, RAKA, based on the reconciliation technique and ring learning with errors (Ring-LWE) is designed. The proposed scheme is provably secure under the Ring-LWE assumption and provides authentication by using a lattice-based trapdoor function. Compared with current key agreement schemes based on LWE, this scheme is more efficient and the shared key size is reduced to 2n log q. Moreover, this scheme can resist quantum attacks because it relies on a hardness assumption on lattices.

Key words: Lattice, authenticated key agreement (AKA), reconciliation technique, ring learning with errors (Ring-LWE), resist quantum attacks
