Applications of Secure Communication Schemes Based on the Bounded Storage Model
Abstract
With the arrival of the information age, the demand for secure communication keeps growing. Secure communication today relies mainly on modern cryptography, but the secrecy of modern cryptography rests on unproven assumptions about computational time complexity, so it achieves only practical secrecy. The Bounded Storage Model is a new encryption model that assumes the attacker has unlimited computing power but limited storage capacity. Unlike modern cryptography, the security of the Bounded Storage Model can be proved in theory, and the model can achieve semantic security.

Building on the Bounded Storage Model, researchers have given several model implementations and proofs of their security. On this basis, this thesis further discusses the application of secure communication schemes based on the Bounded Storage Model. In the discussion, the thesis proposes a basic communication scheme based on the Bounded Storage Model and analyzes its security. Using this basic secure communication scheme, the thesis proposes the BSV authentication protocol, two online key distribution protocols, BSK1 and BSK2, and a secret sharing scheme. Finally, the thesis analyzes the limitations and prospects of encryption schemes based on the Bounded Storage Model: the model itself imposes requirements on the randomness of the broadcast signal it uses, theoretically makes latency unavoidable in any scheme built on it, and places strict demands on the time synchronization system; but because its security is provable in theory and it can reach very high encryption and decryption speeds, encryption schemes based on the Bounded Storage Model will see further development.
In the information era, the demand for secure communication is increasing rapidly. Conventional secure communication uses the theory of modern cryptography, but the confidentiality of modern cryptography rests on unproven assumptions about computational time complexity, so it can only reach practical security. The Bounded Storage Model is a new encryption model which assumes that the attacker has unlimited computing power but limited storage capacity. Different from the modern one, the security of the Bounded Storage Model can be proved in theory, so it can reach semantic security.

Based on the Bounded Storage Model, researchers have given some model implementations and proofs of their security. Accordingly, the application of secure communication schemes in the bounded storage model is discussed in this thesis. During the discussion, this thesis proposes a basic communication scheme using the Bounded Storage Model and analyzes its security. On top of this secure communication scheme, the thesis proposes a BSV authentication protocol, two online key distribution protocols named BSK1 and BSK2, and a secret sharing scheme. Finally, the limitations and prospects of encryption schemes in the bounded storage model are analyzed: firstly, there are certain requirements on the randomness of the broadcast signal it uses; secondly, the theory of this model inevitably introduces a delay; thirdly, there is a strict demand on the time synchronization system. On the other hand, because its security can be proved in theory and it can reach an exceedingly high encryption and decryption speed, encryption schemes based on the Bounded Storage Model will see better development in the future.
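The core of the basic scheme the abstract refers to, in the classic pad-from-broadcast form of the Bounded Storage Model, as an added Python example that is not from the thesis: a short shared key selects positions in a public random broadcast R, both parties distil a one-time pad from R as it streams past (which is where the time synchronization requirement and the delay come from), and an adversary that stored only part of R cannot recompute the pad even if the key leaks afterwards. Function names, the offset-based key format and the prefix-storing adversary are assumptions for illustration.

```python
import secrets
from typing import List, Optional

def make_broadcast(n_bits: int) -> List[int]:
    """Public random broadcast R (n_bits bits). Constructed here with the OS
    CSPRNG; in the model it is a high-rate random stream (e.g. a satellite
    beacon) whose randomness quality is one of the model's requirements."""
    return [secrets.randbits(1) for _ in range(n_bits)]

def make_key(t: int, n_bits: int) -> List[int]:
    """Short shared secret: t offsets into the broadcast (assumed key format)."""
    return [secrets.randbelow(n_bits) for _ in range(t)]

def derive_pad(R: List[int], key: List[int], msg_bits: int) -> List[int]:
    """Pad bit j = XOR over i of R[(k_i + j) mod n]. Sender and receiver both
    compute this while R streams past, in the same time window, and keep
    only the msg_bits pad bits, never R itself."""
    n = len(R)
    return [sum(R[(k + j) % n] for k in key) & 1 for j in range(msg_bits)]

def xor_bits(a: List[int], b: List[int]) -> List[int]:
    return [x ^ y for x, y in zip(a, b)]

def encrypt(msg: List[int], R: List[int], key: List[int]) -> List[int]:
    return xor_bits(msg, derive_pad(R, key, len(msg)))

decrypt = encrypt  # one-time pad: XOR with the same pad inverts itself

def bounded_adversary_pad(stored: List[int], n: int, key: List[int],
                          msg_bits: int) -> List[Optional[int]]:
    """The model's security argument, for one simple bounded strategy: the
    adversary kept only a prefix `stored` of R. Even if the key leaks after
    the broadcast is gone, a pad bit can be recomputed only when every
    position it depends on was stored; the remaining bits stay None."""
    out: List[Optional[int]] = []
    for j in range(msg_bits):
        pos = [(k + j) % n for k in key]
        if all(p < len(stored) for p in pos):
            out.append(sum(stored[p] for p in pos) & 1)
        else:
            out.append(None)
    return out

if __name__ == "__main__":
    n, t = 4096, 8
    R, key = make_broadcast(n), make_key(t, n)
    msg = [secrets.randbits(1) for _ in range(64)]
    ct = encrypt(msg, R, key)
    assert decrypt(ct, R, key) == msg
    guess = bounded_adversary_pad(R[: n // 2], n, key, len(msg))
    print("pad bits unknown to half-storage adversary:", guess.count(None), "of", len(msg))
```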
