Cross-Domain Authentication Scheme Based on Proxy Re-Signature in Cloud Environment
  • Authors: YANG Xiao-Dong; AN Fa-Ying; YANG Ping; LIU Ting-Ting; XIAO Li-Kun; WANG Cai-Fen
  • Affiliations: State Key Laboratory of Cryptology; College of Computer Science and Engineering, Northwest Normal University
  • Keywords: cloud computing; cross-domain authentication; proxy re-signature; strong unforgeability; standard model
  • Journal title (Chinese): JSJX
  • Journal title (English): Chinese Journal of Computers
  • Publication date: 2017-07-28 12:56
  • Publisher: Chinese Journal of Computers
  • Year: 2019
  • Issue: v.42; No.436
  • Funding: National Natural Science Foundation of China (61662069, 61562077, 61262057); China Postdoctoral Science Foundation (2017M610817); Science and Technology Program of Gansu Province (145RJDA325, 1506RJZA130); Science and Technology Project of the State Archives Administration of China (2014-X-33); Scientific Research Project of Higher Education Institutions of Gansu Province (2014-A011); Lanzhou Science and Technology Program (2013-4-22); Young Teachers' Scientific Research Ability Promotion Program of Northwest Normal University (NWNU-LKQN-14-7)
  • Language: Chinese
  • Page: JSJX201904005
  • Number of pages: 16
  • CN: 04
  • ISSN: 11-1826/TP
  • Classification number: 82-97
Abstract
Cloud computing is an emerging strategic industry that is developing extremely rapidly. However, it faces a number of critical security issues, which have become important factors restricting its growth, and identity authentication is foremost among them. Identity authentication is the foundation of cloud computing security: it assures the identities of users and cloud service providers, prevents unauthorized users from entering cloud systems, and restricts their access to cloud resources. At present, cloud services are beginning to show a trend toward integration, and an increasing number of cloud services need to interconnect with cloud services in other domains, so cloud service providers use cross-domain identity authentication mechanisms to identify users from other domains. Most existing cloud computing platforms authenticate with a username/password combination, but this method has two main disadvantages. First, its security is weak, since it is easily intercepted and monitored. Second, if the same username and password are used on different platforms, the user's identity information is easily disclosed. Public key infrastructure (PKI) offers a feasible way to solve the identity authentication problem in cloud computing environments. It is widely accepted as the best current framework for securing networked society: it can provide identity authentication services in open network environments, establish the uniqueness, authenticity and legitimacy of identities in cyberspace, and protect the security interests of the various entities there. PKI has been widely applied in e-commerce, e-government, online banking and other fields. However, existing PKI-based cross-domain authentication techniques have serious deficiencies in implementability, scalability, flexibility, interoperability and certificate validation, so they are difficult to apply in cloud computing environments, which place high demands on scalability, dynamism and openness. To address the long trust paths, low certificate verification efficiency and complex inter-domain trust path construction of existing PKI-based cross-domain authentication mechanisms, this paper uses proxy re-signature to propose a cross-domain authentication scheme for the cloud environment that achieves mutual authentication between the user and the cloud service provider. The user and the cloud service provider verify each other's identity based on the legitimacy of the digital certificate and the validity of the authentication message, and negotiate a session key during the authentication process. The two-factor "password + key" authentication process further enhances the security of the cross-domain authentication system. A semi-trusted proxy establishes the inter-domain trust relationship directly, which avoids the complicated certificate path construction and verification process and reduces the length of the trust path. The strong unforgeability and completeness of the proposed scheme are proved in the standard model, based on the computational Diffie-Hellman problem and the collision resistance of the hash function. The analysis shows that the proposed cross-domain authentication scheme provides anonymity, forward/backward security of the session key, and controllable anonymity, and that it resists replay and replacement attacks. While retaining the advantages of PKI, the scheme simplifies the interactive authentication process and improves the efficiency of cross-domain authentication, and its performance is better suited to large-scale cloud computing environments.