基于量子密钥的签名协议的研究
|
摘要
密码技术是信息安全领域的核心技术,在当今社会的许多领域都有着广泛的商业应用前景。而量子密码术是密码学技术的较新的研究课题,它的发展对推动密码学理论发展起了积极的作用。量子密码术是一种实现秘密通信的新方法,它利用单光子的量子性质,借助量子密钥分配协议可实现数据传输的可证性安全。
本文介绍了作者在量子密码学领域里的工作,这些工作主要包括对量子密码理论、量子密钥分配和量子数字签名的研究,以及量子密码技术的实际应用。量子密码具有无条件安全的特性(即不会遭受拥有足够时间和计算机能力的窃听者攻击的危险),而在实际通信发生之前,不需要交换私钥。本文首先描述了量子密码学的最近研究进展及其理论基础,接着介绍了量子密钥分配以及在它之上的窃听攻击。
在对量子密钥分配进行讨论之后,本文研究了量子数字签名的问题。根据所描述的量子单向函数,本文给出了一种基于量子物理的基本原理基础之上的安全性的量子数字签名,同时说明了在使用一种密钥分配的条件下,它是无条件安全的。这个协议也为在量子世界中引入传统的公钥密码技术提供了一个模型。
最后,本文介绍了量子密码技术实际应用的两个方面,一个是密码攻击方面的应用,另一个则是讨论了量子理论在通信、安全等信息技术方面的一些实际应用。
Cryptology is the kernel technology in the field of information security, it has extensive commercial prospect in many fields. Quantum cryptology is one of the nearest study tasks in cryptology technology, its development do active promotion to the progress of cryptology theory. Quantum cryptology is a new method for secret communications. This new method utilizes the quantum nature of single photons. Data can be transferred with a proven security via the protocols of quantum key distribution.
Work done by author is introduced in this thesis. This work includes research on quantum cryptography theories, quantum key distribution and quantum digital signature together with application of quantum cryptography. It is unconditionally secure (i.e. secure against a spy who has sufficient time and computer power), and needless of any private key exchange before the actual communication. In this paper, we firstly describe the recent research progress and the theory basis of quantum cryptography, then introduce Quantum Key Distribution(QKD) and eavesdropping attacks on the QKD.
After discussed the problem of QKD, we focus on Quantum Digital Signature. According to the described Quantum One-way Function, a quantum digital signature scheme whose security is based on fundamental principles of quantum physics is given and that the signature scheme is absolutely secure using one method of key distribution is shown. The protocol provides a model for importing the ideas of classical public key cryptography into the quantum world.
Finally, the two aspects of the practical application of the quantum technology is introduced in this paper. One is application in the cryptanalysis, the other is some practical applications of quantum theory in information technology such as communication, security and etc.
本文介绍了作者在量子密码学领域里的工作,这些工作主要包括对量子密码理论、量子密钥分配和量子数字签名的研究,以及量子密码技术的实际应用。量子密码具有无条件安全的特性(即不会遭受拥有足够时间和计算机能力的窃听者攻击的危险),而在实际通信发生之前,不需要交换私钥。本文首先描述了量子密码学的最近研究进展及其理论基础,接着介绍了量子密钥分配以及在它之上的窃听攻击。
在对量子密钥分配进行讨论之后,本文研究了量子数字签名的问题。根据所描述的量子单向函数,本文给出了一种基于量子物理的基本原理基础之上的安全性的量子数字签名,同时说明了在使用一种密钥分配的条件下,它是无条件安全的。这个协议也为在量子世界中引入传统的公钥密码技术提供了一个模型。
最后,本文介绍了量子密码技术实际应用的两个方面,一个是密码攻击方面的应用,另一个则是讨论了量子理论在通信、安全等信息技术方面的一些实际应用。
Cryptology is the kernel technology in the field of information security, it has extensive commercial prospect in many fields. Quantum cryptology is one of the nearest study tasks in cryptology technology, its development do active promotion to the progress of cryptology theory. Quantum cryptology is a new method for secret communications. This new method utilizes the quantum nature of single photons. Data can be transferred with a proven security via the protocols of quantum key distribution.
Work done by author is introduced in this thesis. This work includes research on quantum cryptography theories, quantum key distribution and quantum digital signature together with application of quantum cryptography. It is unconditionally secure (i.e. secure against a spy who has sufficient time and computer power), and needless of any private key exchange before the actual communication. In this paper, we firstly describe the recent research progress and the theory basis of quantum cryptography, then introduce Quantum Key Distribution(QKD) and eavesdropping attacks on the QKD.
After discussed the problem of QKD, we focus on Quantum Digital Signature. According to the described Quantum One-way Function, a quantum digital signature scheme whose security is based on fundamental principles of quantum physics is given and that the signature scheme is absolutely secure using one method of key distribution is shown. The protocol provides a model for importing the ideas of classical public key cryptography into the quantum world.
Finally, the two aspects of the practical application of the quantum technology is introduced in this paper. One is application in the cryptanalysis, the other is some practical applications of quantum theory in information technology such as communication, security and etc.
引文
[1] 赵战生, 冯登国,等. 信息安全技术浅谈. 北京:科学出版社,1999
[2] 戴葵,宋辉,等. 量子信息技术引论. 湖南:国防科技大学出版社,2001
[3] Bruce Schneier 著,吴世忠,祝世雄,张文政,等译. 应用密码学 协议、算法与c源程序. 北京:机械工业出版社, 2000
[4] Wiesner S. Conjugate coding. Sigact News, 1983, 15(1):78~88.
[5] Bennett C H, Bessette F, Brassard G, Salvail L, Smolin J. Experimental quantum cryptography. Journal of Cryptology, 1992,5(1):3~28.
[6] Brassard G, Crepeau C, Jozsa R, Langlois D. A quantum bit commitment scheme provably unbreakable by both parties. Proceedings of the 34th IEEE Symposium on Foundations of Computer Science, November 1993, pp. 362~371.
[7] 朱文余,孙琦,四川大学数学学院组编. 计算机密码应用基础. 北京:科学出版社,2000
[8] (德)F.L.Bauer 著, 吴世忠,宋晓龙,李守鹏,译. 密码编码和密码分析原理与方法. 北京:机械工业出版社,2001.
[9] 闵嗣鹤,严士健. 初等数论(第二版) . 北京:高等教育出版社,1982.
[10] 盛德成,编著. 抽象代数. 北京:科学出版社,2001.
[11] 于寅,著. 近代数学基础. 湖北:华中理工大学出版社,1998.
[12] 冯克勤,著. 代数数论. 北京:科学出版社,2000.
[13] 李传锋 郭光灿, 量子信息研究进展, 物理学进展, 2001, 20(4):407~431.
[14] 赵志 冯芒 詹明生, 量子算法与量子计算实验, 物理学进展, 2001, 21(2):183~215.
[15] Einstein A, Podolsky B and Rosen N. Can Quantum-mechanical description of physical reality be considered complete?. Phys. Rev., 1935, vol. 47, pp. 777~780, Reprinted in Quantum theory and measurement, J. A. Wheeler and W. Z. Zurek, eds., Princeton University Press, 1983.
[16] Milburn G J. 费曼处理器(郭光灿等译) . 江西:江西教育出版社,1999,49~55.
[17] Wootters W K, Zurek W. A single quantum cannot be done. Nature, 1982, 299(28):802~803.
[18] D' Ariano G M, Yuen H P. Impossible of measuring the wave function of a single quantum system. Phy. Rev. Lett., 1996, 76(16):2832~2835.
[19] Barnum H, Caves M. et al. Noncommuting mixed states cannot be broadcast. Phys. Rev. Lett., 1996, 76(15):2818~2821.
[20] Koashi M, Inoto N. No-cloning theorem of entangled states. Phys. Rev. Lett., 1998, 81(9):4264~4267
[21]Goldwater Sharon Quantum cryptography and privacy amplification. http://www.ai.sri.com/~goldwate/quantum.html
[22] Gottesman Daniel, Lo Hoi-Kwong. From quantum cheating to quantum security. Physics Today(online), http://www.physicstoday.org/pt/vol-53/iss-11/p22.html.
[23] R. L. Rivest et al., Comm. ACM 21(February), 120(1978).
[24] 聂元铭,丘平. 网络信息安全技术. 北京:科学出版社,2001.
[25] F. B. Wrixon, "Codes and Ciphers", (Prentice Hall, NY 1992).
[26] G. J. Simmons ed., "Contemporary Cryptography,"(IEEE Press, Piscataway, 1992).
[27] C.H. Bennett et al., J. Crypt.5, 3(1992).
[28] M. N. Wegman and J. L. Carter, J. Comp. Syst. Sci. 22, 265(1981).
[29] J. F. Clauser, Phys. Rev. D9, 853(1974); P. Grangier et al., Europhys. Lett. 1, 173(1986); F. M. Piphin, Adv. At. Mol. Phys. 14, 281(1978); E. H. Wichmann, "Quantum Physics," pp. 164(McGraw-Hill, New York, 1971).
[30] W. K. Wooters and W. H. Zurek, Nature 299, 802(1982); D. Dieks, Phys. Lett. 92A, 271(1982); P. W. Milonni and M. L. Hardies, Phys. Lett. 92A, 321(1982); L. Mandel, Nature 304,188(1983).
[31] A. K. Ekert et al., Phys. Rev. A50, 1047(1994); S. M. Barnett and S. J. D. Phoenix, Phys. Rev. A48, R5(1993); S. J. D. Phoenix, Phys. Rev. A48, 96(1993); M. J. Werner and G. J. Milburn, Phys. Rev. A47, 639(1993).
[32] A. M. Gleason, J. Math. Mech. (Indiana U. Math. J. )6,885(1957);J. S. Bell, Rev. Mod. Phys. 38, 447(1966) reprinted in "Speakable and Unspeakable in Quantum Mechanics," (CUP, Cambridge, 1987); S. Kochen and E. P. Specker, J. Math. Mech. (Indiana U. Math. J.)17,59(1967).
[33] L. Lamport, Constructing digital signatures from one-way function, Technical Report SRI-CSL-98, SRI International, Oct 1979.
[34] Nielsen, M.A., and Chuang , I.L. Quantum Computation and Quantum Information. Cambridge University Press, Cambridge, UK, 2000.
[35] Holevo, A. S. Problems in the mathematical theory of quantum Communicaion Channels. Rep. Math. Phys. 12(2)(1977), 273-278.
[36] Buhrman, H., Cleve, R., Watrous, J., And De Wolf, R. Quantum fingerprinting. Phys. Rev. Lett. 87(2001), 167902.
[37] Chaum, D., And Roijakkers, S. Unconditionally Secure Digital Signatures. Lecture Notes in Computer Science 537(1991), 206-214.
[38] Crepeau,, C., Efficient cryptographic protocols based on noisy channels. In Advances in Crytology:Proceedings Of Eurocrypt'97(Berlin, 1997), Springer-Verlag, PP.306-317.
[39] Crepeau,, C., And Kilian, J.Weakening Security assumptions and oblivious transfer. In Lecture Notes in Computer Science: Advances in Cryptology: Proceedings of Crypto'88(Berlin,1990), S.Goldwasser, Ed., Vol. 403, Springer-Verlag, PP.2-7.
[40] C. H. Bennett, G. Brassard, and A.K. Ekert, "Quantum Cryptography", Scientific American,v.267, n.4, Oct 1992, pp.50-57.
[41] G.Brassard, "Quantum Cryptography: A Bibliography", SIGACT News, v.24, n.3, Oct 1993, pp.16-20.
[42] R. L. Rivest, A. Sharmir, and L. Adleman. "A method for obtaining digital signatures and public key cryptosystems". Communications of the ACM, 21:120-126, 1978.
[43] 李克洪,王大玲,董晓梅. 实用密码学与计算机数据安全. 沈阳:东北大学出版社,1997.
[44] A. J. Menezes, P.C. van Oorschot, and S.A. Vanstone. "Handbook of Applied Cryptography". CRC Press, 1996.
[45] 崔屹. 数字图象处理技术及应用. 北京:电子工业出版社,1997.
[46] Th. Beth. On the computational complexity of the general discrete Fourier transform. Theoretical Computer Science, 51:331-339, 1987.
[47] R.Beals. Quantum computation of Fourier transforms over the symmetric groups. In Proc. STOC 97, El Paso, Texas, 1997.
[48] C. Coppersmith. An Approximate Fourier Transform Useful for Quantum Factoring. Technical Report RC 19642, IBM Research Division,1994.
[2] 戴葵,宋辉,等. 量子信息技术引论. 湖南:国防科技大学出版社,2001
[3] Bruce Schneier 著,吴世忠,祝世雄,张文政,等译. 应用密码学 协议、算法与c源程序. 北京:机械工业出版社, 2000
[4] Wiesner S. Conjugate coding. Sigact News, 1983, 15(1):78~88.
[5] Bennett C H, Bessette F, Brassard G, Salvail L, Smolin J. Experimental quantum cryptography. Journal of Cryptology, 1992,5(1):3~28.
[6] Brassard G, Crepeau C, Jozsa R, Langlois D. A quantum bit commitment scheme provably unbreakable by both parties. Proceedings of the 34th IEEE Symposium on Foundations of Computer Science, November 1993, pp. 362~371.
[7] 朱文余,孙琦,四川大学数学学院组编. 计算机密码应用基础. 北京:科学出版社,2000
[8] (德)F.L.Bauer 著, 吴世忠,宋晓龙,李守鹏,译. 密码编码和密码分析原理与方法. 北京:机械工业出版社,2001.
[9] 闵嗣鹤,严士健. 初等数论(第二版) . 北京:高等教育出版社,1982.
[10] 盛德成,编著. 抽象代数. 北京:科学出版社,2001.
[11] 于寅,著. 近代数学基础. 湖北:华中理工大学出版社,1998.
[12] 冯克勤,著. 代数数论. 北京:科学出版社,2000.
[13] 李传锋 郭光灿, 量子信息研究进展, 物理学进展, 2001, 20(4):407~431.
[14] 赵志 冯芒 詹明生, 量子算法与量子计算实验, 物理学进展, 2001, 21(2):183~215.
[15] Einstein A, Podolsky B and Rosen N. Can Quantum-mechanical description of physical reality be considered complete?. Phys. Rev., 1935, vol. 47, pp. 777~780, Reprinted in Quantum theory and measurement, J. A. Wheeler and W. Z. Zurek, eds., Princeton University Press, 1983.
[16] Milburn G J. 费曼处理器(郭光灿等译) . 江西:江西教育出版社,1999,49~55.
[17] Wootters W K, Zurek W. A single quantum cannot be done. Nature, 1982, 299(28):802~803.
[18] D' Ariano G M, Yuen H P. Impossible of measuring the wave function of a single quantum system. Phy. Rev. Lett., 1996, 76(16):2832~2835.
[19] Barnum H, Caves M. et al. Noncommuting mixed states cannot be broadcast. Phys. Rev. Lett., 1996, 76(15):2818~2821.
[20] Koashi M, Inoto N. No-cloning theorem of entangled states. Phys. Rev. Lett., 1998, 81(9):4264~4267
[21]Goldwater Sharon Quantum cryptography and privacy amplification. http://www.ai.sri.com/~goldwate/quantum.html
[22] Gottesman Daniel, Lo Hoi-Kwong. From quantum cheating to quantum security. Physics Today(online), http://www.physicstoday.org/pt/vol-53/iss-11/p22.html.
[23] R. L. Rivest et al., Comm. ACM 21(February), 120(1978).
[24] 聂元铭,丘平. 网络信息安全技术. 北京:科学出版社,2001.
[25] F. B. Wrixon, "Codes and Ciphers", (Prentice Hall, NY 1992).
[26] G. J. Simmons ed., "Contemporary Cryptography,"(IEEE Press, Piscataway, 1992).
[27] C.H. Bennett et al., J. Crypt.5, 3(1992).
[28] M. N. Wegman and J. L. Carter, J. Comp. Syst. Sci. 22, 265(1981).
[29] J. F. Clauser, Phys. Rev. D9, 853(1974); P. Grangier et al., Europhys. Lett. 1, 173(1986); F. M. Piphin, Adv. At. Mol. Phys. 14, 281(1978); E. H. Wichmann, "Quantum Physics," pp. 164(McGraw-Hill, New York, 1971).
[30] W. K. Wooters and W. H. Zurek, Nature 299, 802(1982); D. Dieks, Phys. Lett. 92A, 271(1982); P. W. Milonni and M. L. Hardies, Phys. Lett. 92A, 321(1982); L. Mandel, Nature 304,188(1983).
[31] A. K. Ekert et al., Phys. Rev. A50, 1047(1994); S. M. Barnett and S. J. D. Phoenix, Phys. Rev. A48, R5(1993); S. J. D. Phoenix, Phys. Rev. A48, 96(1993); M. J. Werner and G. J. Milburn, Phys. Rev. A47, 639(1993).
[32] A. M. Gleason, J. Math. Mech. (Indiana U. Math. J. )6,885(1957);J. S. Bell, Rev. Mod. Phys. 38, 447(1966) reprinted in "Speakable and Unspeakable in Quantum Mechanics," (CUP, Cambridge, 1987); S. Kochen and E. P. Specker, J. Math. Mech. (Indiana U. Math. J.)17,59(1967).
[33] L. Lamport, Constructing digital signatures from one-way function, Technical Report SRI-CSL-98, SRI International, Oct 1979.
[34] Nielsen, M.A., and Chuang , I.L. Quantum Computation and Quantum Information. Cambridge University Press, Cambridge, UK, 2000.
[35] Holevo, A. S. Problems in the mathematical theory of quantum Communicaion Channels. Rep. Math. Phys. 12(2)(1977), 273-278.
[36] Buhrman, H., Cleve, R., Watrous, J., And De Wolf, R. Quantum fingerprinting. Phys. Rev. Lett. 87(2001), 167902.
[37] Chaum, D., And Roijakkers, S. Unconditionally Secure Digital Signatures. Lecture Notes in Computer Science 537(1991), 206-214.
[38] Crepeau,, C., Efficient cryptographic protocols based on noisy channels. In Advances in Crytology:Proceedings Of Eurocrypt'97(Berlin, 1997), Springer-Verlag, PP.306-317.
[39] Crepeau,, C., And Kilian, J.Weakening Security assumptions and oblivious transfer. In Lecture Notes in Computer Science: Advances in Cryptology: Proceedings of Crypto'88(Berlin,1990), S.Goldwasser, Ed., Vol. 403, Springer-Verlag, PP.2-7.
[40] C. H. Bennett, G. Brassard, and A.K. Ekert, "Quantum Cryptography", Scientific American,v.267, n.4, Oct 1992, pp.50-57.
[41] G.Brassard, "Quantum Cryptography: A Bibliography", SIGACT News, v.24, n.3, Oct 1993, pp.16-20.
[42] R. L. Rivest, A. Sharmir, and L. Adleman. "A method for obtaining digital signatures and public key cryptosystems". Communications of the ACM, 21:120-126, 1978.
[43] 李克洪,王大玲,董晓梅. 实用密码学与计算机数据安全. 沈阳:东北大学出版社,1997.
[44] A. J. Menezes, P.C. van Oorschot, and S.A. Vanstone. "Handbook of Applied Cryptography". CRC Press, 1996.
[45] 崔屹. 数字图象处理技术及应用. 北京:电子工业出版社,1997.
[46] Th. Beth. On the computational complexity of the general discrete Fourier transform. Theoretical Computer Science, 51:331-339, 1987.
[47] R.Beals. Quantum computation of Fourier transforms over the symmetric groups. In Proc. STOC 97, El Paso, Texas, 1997.
[48] C. Coppersmith. An Approximate Fourier Transform Useful for Quantum Factoring. Technical Report RC 19642, IBM Research Division,1994.