基于Polar码改进的RLCE公钥加密方案  

作　　者：李喆 韩益亮[1,2] 李鱼[1] LI Zhe;HAN Yiliang;LI Yu(College of Cryptographic Engineering,Engineering University of PAP,Xi’an 710086,China;Key Laboratory of PAP for Cryptology and Information Security,Xi’an 710086,China)

机构地区：[1]武警工程大学密码工程学院,陕西西安710086 [2]武警部队密码与信息安全保密重点实验室,陕西西安710086

出　　处：《网络与信息安全学报》2020年第5期110-118,共9页Chinese Journal of Network and Information Security

基　　金：国家自然科学基金(61572521);武警工程大学科研创新团队科学基金(KYTD201805)。

摘　　要：针对PolarRLCE方案不具有语义安全,易受到自适应选择密文攻击(IND-CCA2,adaptively chosen ciphertext attacks)的缺点。在RLCE(random linear code encryption)方案的基础上,利用RLCE方案的结构和Polar码的极化性质,将Polar码作为方案的底层编码,通过RLCEspad消息填充的方法,采用普通编码对密文进行编码,提出一种具有语义安全、可以达到IND-CCA2安全的改进的RLCE公钥加密方案。改进后的方案将公钥矩阵转为系统矩阵,减小了公钥存储空间;对部分私钥进行预计算,减小了私钥存储空间。通过分析,所提方案未改变PolarRLCE方案的结构,可以抵抗针对汉明循环码的结构化等攻击。在128 bit安全级别,相较于HermitianRLCE方案、GRSRLCE方案和GoppaMcEliece方案,所提方案的公钥尺寸分别减少了4%、46.5%、47.9%。For PolarRLCE has no semantic security and be vulnerable to adaptively chosen ciphertext attacks.Based onrandom linear code encryptionscheme,the structure of the RLCE scheme and Polar code polarization propertieswere used to make the Polar code as underlying encoding scheme,and through the method of RLCEspad message padding,a kind of improved public key encryption scheme which considers semantic security and can resistant toadaptively chosen ciphertext attacks was proposed.The improved scheme transformed the public key matrix into a system matrix and reduces the storage space of the public key.Some pre-computation for private key are estimated to reduce the storage space of private key.Through analysis,this scheme does not change the structure of PolarRLCE scheme,which can resist structural attacks against hamming quasi-cyclic codes.At the 128 bit security level,compared with HermitianRLCE scheme,GRSRLCE scheme and GoppaMcEliece scheme,the public key size of this scheme decreased by 4%,46.5%and 47.9%respectively.

关 键 词：Polar码 随机线性码加密 消息填充 自适应选择密文攻击 结构化攻击 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]