Research on Several Problems in Code-Based Post-Quantum Public-Key Cryptography
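Abstract
Post-quantum cryptography is a challenging problem of great significance: once quantum computers appear, it will play a key role in ensuring information security on the Internet. Motivated by this significance, this thesis investigates several problems in code-based post-quantum public-key cryptography, focusing on the structure of error-correcting codes, the construction methods and security proofs of code-based post-quantum public-key encryption schemes, and the construction of code-based post-quantum digital signature algorithms. The research results and innovations are as follows:
     1. Repeated-root cyclic codes over the finite chain ring Fqd+uFqd+…+upa-1Fqd (upa=0): To further emphasize the importance of repeated-root cyclic codes over finite chain rings in coding theory and cryptography, this thesis studies in depth the repeated-root cyclic codes and their dual codes over the ring R=Fqd+uFqd+…+upa-1Fqd (upa=0) in the case d=1, q=p (p prime), with pa=k. Using the basic concepts of the ring R=Fqd+uFqd+…+upa-1Fqd (upa=0), the properties of the Galois ring GR(uk,m) and its extension ring Suk(m,ω) are given. On this basis, using the definition and properties of torsion codes in GR(uk,m), it is first proved that the ideal of the ring S=Fpm[ω]/<ωps-1> is Torj(C); it is then proved that the polynomial representation of the ideals in the extension ring Suk(m,ω) is C=; finally, the polynomial representation of cyclic codes of length psn over the ring R=Fp[u]/ and the structure of their dual codes are obtained via the discrete Fourier transform, laying a foundation for finding better post-quantum digital signature schemes based on linear codes and lattices.
     2. Construction of public-key encryption schemes based on error-correcting codes: Based on the F-metric, new McEliece and Niederreiter public-key encryption schemes based on maximum F-distance codes are constructed. In the new schemes, the legitimate receiver introduces a random matrix X as an additional private key and adds X to the original public key, producing a new public key, so that the cryptosystem effectively resists attacks in which an adversary tries to obtain the private key from the known public key. In addition, an analysis of the existing feasible attacks shows that the new McEliece and Niederreiter public-key encryption schemes based on maximum F-distance codes are secure and feasible. This chapter also gives a fast decoding method for maximum F-distance codes.
     3. Construction of provably secure public-key encryption systems based on error-correcting codes: By analyzing the attacks on the original Niederreiter and F-Niederreiter public-key encryption schemes, the proposition that the original Niederreiter and F-Niederreiter public-key encryption algorithms are one-way is put forward. Based on this proposition and using the theory of error-correcting codes, Niederreiter and F-Niederreiter public-key encryption schemes that are provably secure in the random oracle model are constructed.
     4. Construction of a certificateless digital signature scheme using error-correcting codes: To construct a post-quantum digital signature scheme with special properties, certificateless cryptosystems are studied first. By changing the order of the steps of the original certificateless encryption scheme, an efficient certificateless encryption scheme that resists a malicious private key center is constructed using bilinear maps. In the scheme, encryption requires only one exponentiation and decryption requires only one pairing operation, which is highly efficient compared with existing schemes. The security of the scheme is based on the computational Diffie-Hellman problem and the P-bilinear Diffie-Hellman Inversion problem, and a proof of security for the scheme constructed in this way is given in the random oracle model. Finally, the certificateless cryptosystem is used to construct a post-quantum digital signature scheme with special properties: a certificateless digital signature scheme based on error-correcting codes.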
Post-quantum cryptography is a challenging and important research topic because it will play a central role in ensuring information security on the Internet if large quantum computers are built. Motivated by this significance, this thesis investigates several issues in one family of public-key cryptosystems that have the potential to resist quantum computers: code-based post-quantum public-key cryptography. We focus on the structure of error-correcting codes, as well as methods for constructing code-based post-quantum public-key encryption schemes, provably secure post-quantum public-key encryption schemes, and code-based post-quantum signature schemes. The main contributions of the thesis are as follows:
     1. We study repeated-root cyclic codes over Fqd +uFqd +…upa-1Fqd(upa = 0) for length N=psn. To further strengthen the significance of applying repeated-root cyclic codes over finite chain rings in coding theory and cryptology, the structure of cyclic codes and dual codes of length psn (n prime to p) over the ring Fqd + uFqd+…+upa-1Fqd (upa = 0) is thoroughly studied when d=1, q=p and p =k, that is, the structure of cyclic codes and dual codes (N=psn) over R=Fp[u]/. Based on the basic concepts of Fqd +uFqd+…+upa-1Fqd (upa = 0), some major properties of the Galois ring GR(uk,m) and its extension ring Suk(m,ω) are given. Using the definition and properties of the torsion code of the ring GR(uk,m), it is first proved that Torj(c) is an ideal of S = Fpm [ω]/<ωps-1>; it is then proved that C= is the polynomial representation of the corresponding ideals over Suk(m,ω). Finally, an isomorphism γ between R[X]/ and a direct sum ⊕h∈I Suk(mh,ω) is obtained using the discrete Fourier transform. The generator polynomial representation of the corresponding ideals over R=Fp[u]/ is calculated via the inverse isomorphism of γ; moreover, the structure of the dual code is also obtained using the discrete Fourier transform. This research is helpful for finding better post-quantum digital signature schemes based on error-correcting codes and lattices.
     2. We show how to construct code-based public-key encryption schemes. In terms of the F-metric, new modifications of the McEliece and Niederreiter public-key cryptosystems based on maximum F-distance codes are proposed. The legitimate party chooses a random matrix as an extra secret key and adds it to the original public key to produce a new, modified public key, which makes these cryptosystems effective at resisting attacks that try to obtain private keys from known public keys. Attacks on such a system are also investigated; it is shown that the McEliece and Niederreiter public-key cryptosystems based on maximum F-distance codes are secure and feasible. Moreover, a fast decoding method for maximum F-distance codes is presented in this chapter.
     3. We show how to construct provably secure code-based public-key encryption schemes. By reviewing the currently known attacks on the original Niederreiter public-key encryption scheme and on the F-Niederreiter scheme constructed in chapter 4, we come up with the assumption that the F-Niederreiter and Niederreiter public-key encryption schemes are one-way functions. Then, two new F-Niederreiter and one new Niederreiter public-key encryption schemes are proposed under this assumption, and these new public-key encryption schemes can be proven secure in the random oracle model.
     4. We present how to construct a certificateless digital signature scheme using error-correcting codes. To construct a post-quantum digital signature scheme with special properties, the thesis first studies certificateless public-key encryption in depth. By adjusting the steps of the original certificateless public-key encryption scheme (CL-PKE), an efficient certificateless public-key encryption scheme secure against a malicious key generation center (KGC) is put forward using bilinear maps. The encryption algorithm needs only one power computation and decryption needs only one pairing computation, so the scheme is more efficient than other existing schemes. Additionally, the scheme achieves chosen-ciphertext security in the random oracle model, assuming the CDH and p-BDHI problems are difficult. Then, we use certificateless public-key cryptography to construct a code-based post-quantum digital signature scheme.
