门限密码系统综述  被引量：6

作　　者：涂彬彬 陈宇[2,3,4] TU Bin-Bin;CHEN Yu(Westone Cryptologic Research Center,Westone Information Industry Inc.,Beijing 100070,China;School of Cyber Science and Technology,Shandong University,Qingdao 266237,China;State Key Laboratory of Cryptology,Beijing 100878,China;State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China)

机构地区：[1]成都卫士通信息产业股份有限公司摩石实验室,北京100070 [2]山东大学网络空间安全学院,青岛266237 [3]密码科学技术国家重点实验室,北京100878 [4]中国科学院信息工程研究所信息安全国家重点实验室,北京100093

出　　处：《密码学报》2020年第1期1-14,共14页Journal of Cryptologic Research

基　　金：国家自然科学基金(61772522,61572484);中国科学院青年创新促进协会;中国科学院前沿科学重点研究项目(QYZDB-SSW-SYS035)。

摘　　要：门限密码完美体现了"不要把所有的鸡蛋放在一个篮子里"的思想,将传统公钥密码的集中化权限进行分散,保证了多用户可共同分享密码操作权限,并以一种多方安全计算的方式进行密码操作,使得不少于门限值个用户可协同完成密码操作,而少于门限值个用户无法进行合谋.门限密码的多方操作模式,避免了传统公钥密码由于私钥唯一而导致的单点故障问题,对于提升了密码系统的健壮性和安全性等有着重要作用.本文分别介绍了门限密码的基本概念和安全性定义,系统地论述了目前门限密码的研究现状和主要进展,并针对门限密码的功能特性和安全性模型,就关键的研究工作和技术进行了总结,主要包括组件化设计门限密码的通用构造方法和自适应攻击模型下安全门限密码的设计思路,以及基于格构造门限密码的方法,最后讨论了门限密码未来需要研究和解决的部分问题.Threshold cryptography perfectly reflects the idea of "don't put all your eggs in one basket".It decentralizes the rights of the centralized authority of traditional public-key cryptography,ensures that multiple users share some cryptographic operation power and conduct the operation by secure multi-party computation,so that when the number of users is equal to or larger than the threshold value,they can cooperate to complete cryptographic operation,otherwise,they cannot.The mode of cooperating to complete cryptographic operation of threshold cryptography avoids the single point of failure caused by the unique secret key of traditional public-key cryptography,which plays an important role in improving the robustness and security of cryptosystem.This paper introduces the basic concepts and security definitions of threshold cryptography.According to the functionality and security model,this paper systematically shows the state-of-the-art research,and summarizes the key results and techniques of threshold cryptography,including the methods of generic constructions and the design ideas under adaptive corruption model,as well as the methods of constructing lattice-based threshold cryptography,and discusses some problems for future study.

关 键 词：门限加密 门限签名 自适应模型 通用构造 格 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]