Information-Theoretically Secure Secret-Key Agreement over Noisy Authenticated Channels
Abstract
The key to achieving unconditional security lies in the design of the secret-key agreement protocol. The usual approach today is for the two communicating parties to establish an unconditional-security model over a noisy channel or a quantum channel, then exchange information over a public authenticated channel to agree on a key; the parties then use the agreed secure key as their shared key and communicate confidentially with the one-time pad.
In this research area, the main results of this thesis are as follows:
1. A new information-theoretically secure channel model is proposed. In this model, the two communicating parties use virtual binary symmetric channels to control the bit error rate of the eavesdropper's receiving channel, and the model also avoids the problem of reception synchronization.
2. A new information reconciliation protocol is proposed. Even in the worst case, this protocol is more efficient than existing information reconciliation protocols and leaks less information.
Information-theoretically secure secret-key agreement is the key to achieving perfect security. The models of unconditional security from quantum channels and from noisy channels are the two typical approaches today. Once the secret key has been agreed over a public channel, one can use it to encrypt messages with the one-time pad. The main work in this thesis is as follows:
1) A new information-theoretically secure channel model is proposed. In the new model, the legitimate partners can control the bit error rate of the eavesdropper's channel by adjusting their virtual binary symmetric channels. When the new model is implemented, the problem of reception synchronization between the partners does not occur.
2) A new information reconciliation protocol is presented. The efficiency of the new protocol is much higher than that of all known information reconciliation protocols, even in the worst case, and at the same time its information leakage is relatively small.
