Research and Application of a Hybrid Cryptosystem Based on AES and ECC
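Abstract
With the widespread adoption of e-commerce, network information security has become increasingly important, and cryptography lies at its core. Elliptic curve cryptography is a public-key cryptosystem; compared with earlier traditional public-key algorithms based on the discrete logarithm problem over finite fields or the large integer factorization problem, elliptic curve algorithms offer high security, high speed, short keys, and low resource requirements for implementation. On the other hand, the latest symmetric algorithm, AES, is simple, efficient, and highly secure, making it a very good standard among symmetric cryptosystems.
Through an analysis of existing data encryption systems, this thesis proposes a hybrid data encryption system that combines the AES algorithm with elliptic curve cryptography (ECC), thereby implementing information encryption, digital signatures, and identity verification in network communication systems more efficiently, and resolving the problem that speed and security cannot both be achieved in a cryptosystem. The thesis first gives a brief survey of the current state of information security and of the basic concepts and mathematical models of data encryption, and on that basis studies and analyzes the ideas and the encryption and decryption flows of various data encryption techniques, giving the mathematical background and characteristics of symmetric and public-key cryptosystems. Second, in view of the characteristics of data encryption methods, it proposes a hybrid cryptosystem based on AES and ECC and discusses in detail the mathematical principles, algorithm implementation, and security of the two algorithms; it also gives the working principle of the hybrid cryptosystem. Finally, it describes an implementation scheme applying the AES and ECC hybrid cryptosystem to the secure e-mail service system of the Southwest Traffic Information Network. In this way the advantages of ECC (short keys, low computational overhead, low bandwidth requirements, and fast operation) and the high security of AES are brought fully into play, effectively addressing the confidentiality, authentication, integrity, and non-repudiation of e-mail.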
With the widespread application of electronic commerce, network information security is becoming more and more important, and the core of network information security lies in cryptographic technology. Elliptic Curve Cryptography (ECC), a public-key system, is characterized by higher security, faster speed, shorter key lengths and fewer computational resources for implementation than earlier traditional public-key algorithms based on the discrete logarithm problem in finite fields or the large integer factorization problem. On the other hand, the Advanced Encryption Standard is a good symmetric cryptosystem with its advantages of simplicity, high efficiency and security.
The present data encryption systems are analyzed in the dissertation to propose a mixed cryptosystem based on AES and Elliptic Curve Cryptography, which implements data encryption, digital signature and identification with high efficiency in Internet communication, and solves the conflict between speed and security in cryptosystems. First, on the basis of a brief survey of the current situation of information security and the basic notions and mathematical model of data encryption technology, this dissertation researches and analyzes the ideas, methods and fields of application of many kinds of data encryption technology, and gives the mathematical description and characteristics of symmetric and public-key cryptography. Secondly, the mixed cryptosystem based on AES and ECC is put forward in accordance with the characteristics of data encryption methods, and a detailed discussion is held on the mathematical principles, algorithm realization, security performance, etc. of the two algorithms. At the same time its work flow is also given. Finally, the plan for applying it to the secure email system of Southwest Traffic Network is elaborated. The advantages of the ECC cryptosystem, such as short keys, low expense, low bandwidth requirements and quick calculation, and the high security of the AES algorithm effectively solve the problems of confidentiality, personal identification, integrity and non-repudiation of email.
