基于格密码理论的装备保障信息网络身份认证方案
|
摘要
针对当前装备保障信息网络身份认证方案无法抵抗正在崛起的量子计算机攻击及认证效率较低的问题,基于新的格密码理论,提出了装备保障信息网络在量子计算环境下安全且快速的身份认证方案。该方案采用理想格结构生成方案的主密钥,将装备身份信息输入到原像抽样函数中得出装备身份信息对应的认证密钥,利用无陷门的采样技术产生出装备的认证信息。结果表明:该方案在理想小整数解问题困难性假设的条件下,达到了适应性选择身份和选择消息攻击下的不可伪造性安全;在保证安全的前提下,该方案在达到相同的安全等级水平时在认证速率和验证速率方面均高于传统基于RSA和ECC的认证方案。
The current equipment support information network is threatened by the quantum computer. The current identity authentication schemes for equipment support information network cannot resistant quantum computer attack, and the efficiency of these schemes is low. The first identity authentication scheme which is secure under the quantum computer environment for equipment support information network from lattice-based new cryptographic assumption is presented. Firstly, the master keys are generated from ideal lattice. Secondly, the authentication key is generated using preimage sampleable functions with the equipment identity information. Thirdly, the authentication information of the equipment is produced by non-trap door sampling technique. The scheme achieves existential unforgeability against adaptive chosen identity and message under the small integer solution assumption. Compared with the traditional schemes such as RSA and ECC authentication schemes, our scheme has higher authentication and verify efficiency at the same level of security.
The current equipment support information network is threatened by the quantum computer. The current identity authentication schemes for equipment support information network cannot resistant quantum computer attack, and the efficiency of these schemes is low. The first identity authentication scheme which is secure under the quantum computer environment for equipment support information network from lattice-based new cryptographic assumption is presented. Firstly, the master keys are generated from ideal lattice. Secondly, the authentication key is generated using preimage sampleable functions with the equipment identity information. Thirdly, the authentication information of the equipment is produced by non-trap door sampling technique. The scheme achieves existential unforgeability against adaptive chosen identity and message under the small integer solution assumption. Compared with the traditional schemes such as RSA and ECC authentication schemes, our scheme has higher authentication and verify efficiency at the same level of security.
引文
[1] 杨学强,黄俊. 装备保障信息化建设概论[M].北京:国防工业出版社,2011:145-146. YANG X Q, HUANG J. Introduction of Equipment Support Informatization Construction[M]. Beijing: National Defense Industry Press, 2011:145-146. (in Chinese)
[2] 卢昱,晏杰,陈立云,等. 装备保障信息网络身份认证体系研究[J]. 指挥与控制学报,2016,2(2):134-138. LU Y, YAN J, CHEN L Y. et al. The Identity Authentication Architecture for Equipment Support Information Network[J]. Journal of Command and Control, 2016, 2(2):134-138. (in Chinese)
[3] 晏杰,卢昱,陈立云,等. 基于“北斗”的战场移动装备域间身份认证方法[J]. 电讯技术,2014,54(12):1683-1687. YAN J, LU Y, CHEN L Y. et al. Beidou-Based Inter-Domain Identity Authentication for Mobile Equipment in Battlefield[J]. Telecommunication Engineering, 2014,54(12):1683-1687. (in Chinese)
[4] GROVER L K. Quantum Mechanics Helps in Searching for a Needle in a Haystack[J]. Physical Review Letters, 1997,79(2):325-328.
[5] SHOR P W. Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer[J]. SIAM Journal on Computing, 1997,26(5):1484-1509.
[6] 张焕国,毛少武,吴万青,等. 量子计算复杂性理论综述[J]. 计算机学报,2016,12(29):2404-2428. ZHANG H G, MAO S W, WU W Q, et al. Overview of Quantum Computation Complexity Theory[J]. Chinese Journal of Computers, 2016,12(29):2404-2428. (in Chinese)
[7] PEIKERT C. A Decade of Lattice Cryptography [J]. Foundations and Trends in Theoretical Computer Science, 2016,10(4):283-424.
[8] ATTAI M. Generating Hard Instances of Lattice Problems(Extended Abstract)[C]//In 28th ACM STOC, ACM Press, 1996: 99-108.
[9] ODED R, On Lattices, Learning with Errors, Random Linear Codes, and Cryptography[C]//Proceedings of the 37th Annual ACM Symposium on Theory of Computing, STOC 2005. ACM Press, 2005:84-93.
[10] 张建航. 快速格公钥密码方案的研究[D]. 西安:西安电子科技大学,2012:50-51. ZHANG J H. Research on Efficient Lattice-Based Public Key Cryptosystems[D].Xi’an: Xidian University, 2012:50-51. (in Chinese)
[11] ALWEN J. PEIKERT C. Generating Shorter Bases for Hard Random Lattices. Theory of Computing Systems[C]//In STACS 2009. 48(3):535-553.
[12] GENTRY C, PEIKERT C, VAIKUNTANATHAN V. Trapdoors for Hard Lattices and New Cryptographic Constructions[C]//In STOC 2008: 197-206.
[13] LYUBASHEVSKY V. Lattice Signatures without Trapdoors[C]//EUROCRYPT2012: 735-755.
[14] PEIKERT C, ROSEN A. Efficient Collision-resistant Hashing from Worst-Case Assumptions Cyclic Lattices[R].ECCC Report TR05-158,2006: 145-166.
[15] ATTAI M. Generating Hard Instances of the Short Basis Problem[C]//In ICALP, 1999: 1-9.
[16] HOFFSTEIN J, PIPHER J, SILVERMAN J H, NTRU: A Ring-Based Public Key Cryptosystem[M]//Proceedings of the 3rd International Symposium (ANTS-III), LNCS 1423, 1998:267-288.
[17] 陈鲁生. 现代密码学[M].北京:科学出版社,2000:69-71. CHEN L S. Modern Cryptography[M].Beijing: Science Press,2000: 69-71.(in Chinese)
[2] 卢昱,晏杰,陈立云,等. 装备保障信息网络身份认证体系研究[J]. 指挥与控制学报,2016,2(2):134-138. LU Y, YAN J, CHEN L Y. et al. The Identity Authentication Architecture for Equipment Support Information Network[J]. Journal of Command and Control, 2016, 2(2):134-138. (in Chinese)
[3] 晏杰,卢昱,陈立云,等. 基于“北斗”的战场移动装备域间身份认证方法[J]. 电讯技术,2014,54(12):1683-1687. YAN J, LU Y, CHEN L Y. et al. Beidou-Based Inter-Domain Identity Authentication for Mobile Equipment in Battlefield[J]. Telecommunication Engineering, 2014,54(12):1683-1687. (in Chinese)
[4] GROVER L K. Quantum Mechanics Helps in Searching for a Needle in a Haystack[J]. Physical Review Letters, 1997,79(2):325-328.
[5] SHOR P W. Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer[J]. SIAM Journal on Computing, 1997,26(5):1484-1509.
[6] 张焕国,毛少武,吴万青,等. 量子计算复杂性理论综述[J]. 计算机学报,2016,12(29):2404-2428. ZHANG H G, MAO S W, WU W Q, et al. Overview of Quantum Computation Complexity Theory[J]. Chinese Journal of Computers, 2016,12(29):2404-2428. (in Chinese)
[7] PEIKERT C. A Decade of Lattice Cryptography [J]. Foundations and Trends in Theoretical Computer Science, 2016,10(4):283-424.
[8] ATTAI M. Generating Hard Instances of Lattice Problems(Extended Abstract)[C]//In 28th ACM STOC, ACM Press, 1996: 99-108.
[9] ODED R, On Lattices, Learning with Errors, Random Linear Codes, and Cryptography[C]//Proceedings of the 37th Annual ACM Symposium on Theory of Computing, STOC 2005. ACM Press, 2005:84-93.
[10] 张建航. 快速格公钥密码方案的研究[D]. 西安:西安电子科技大学,2012:50-51. ZHANG J H. Research on Efficient Lattice-Based Public Key Cryptosystems[D].Xi’an: Xidian University, 2012:50-51. (in Chinese)
[11] ALWEN J. PEIKERT C. Generating Shorter Bases for Hard Random Lattices. Theory of Computing Systems[C]//In STACS 2009. 48(3):535-553.
[12] GENTRY C, PEIKERT C, VAIKUNTANATHAN V. Trapdoors for Hard Lattices and New Cryptographic Constructions[C]//In STOC 2008: 197-206.
[13] LYUBASHEVSKY V. Lattice Signatures without Trapdoors[C]//EUROCRYPT2012: 735-755.
[14] PEIKERT C, ROSEN A. Efficient Collision-resistant Hashing from Worst-Case Assumptions Cyclic Lattices[R].ECCC Report TR05-158,2006: 145-166.
[15] ATTAI M. Generating Hard Instances of the Short Basis Problem[C]//In ICALP, 1999: 1-9.
[16] HOFFSTEIN J, PIPHER J, SILVERMAN J H, NTRU: A Ring-Based Public Key Cryptosystem[M]//Proceedings of the 3rd International Symposium (ANTS-III), LNCS 1423, 1998:267-288.
[17] 陈鲁生. 现代密码学[M].北京:科学出版社,2000:69-71. CHEN L S. Modern Cryptography[M].Beijing: Science Press,2000: 69-71.(in Chinese)