基于密钥封装机制的RLWE型认证密钥交换协议  被引量：1

作　　者：王超[1,2] 韩益亮 段晓巍[1,2] 李鱼[1,2] WANG Chao;HAN Yiliang;DUAN Xiaowei;LI Yu(College of Cryptographic Engineering,Engineering University of PAP,Xi’an 710086,China;Key Laboratory of PAP for Cryptology and Information Security,Xi’an 710086,China)

机构地区：[1]武警工程大学密码工程学院,西安710086 [2]武警部队密码与信息安全保密重点实验室,西安710086

出　　处：《信息网络安全》2021年第6期80-88,共9页Netinfo Security

基　　金：国家自然科学基金[61572521];陕西省自然科学基础研究计划[2021-JM252];武警工程大学科研创新团队科学基金[KYTD201805]。

摘　　要：当前,基于格理论构造密钥交换协议已成为密钥交换领域的研究前沿,设计安全性更强、密钥和密文规模以及通信开销更小的高效密钥交换协议,是格基密钥交换领域的重难点问题。文章基于紧凑型RLWE公钥加密方案与NewHope-Simple中的密文压缩和NTT转换技术,结合FO转换机制,提出一种主动安全的KEM方案,采用隐性认证和身份标识认证的方式,构造出一种在标准eCK模型下可证明安全的认证密钥交换协议。与NewHope-Simple协议相比,协议安全性由被动安全提升为主动安全;与现有的基于密钥封装机制的密钥交换协议相比,该协议中的密钥封装机制有效降低了密文尺寸和通信开销。通过分析可得,文章所提协议是一个紧凑高效、主动安全的基于密钥封装机制的抗量子认证密钥交换协议。At present,constructing key exchange protocol based on lattice theory has become the research frontier in the field of key exchange.Designing efficient key exchange protocol with stronger security,smaller size of key and ciphertext and communication overhead is an important and difficult problem in the field of lattice key exchange.Based on the compact RLWE public key encryption scheme and the ciphertext compression and NTT conversion technology in NewHope-Simple,and combined with FO conversion mechanism,an active secure KEM scheme is proposed.Using the implicit authentication and identity authentication methods,an authenticated key exchange protocol which can prove secure under the standard eCK model is constructed.In terms of protocol security,the proposed protocol improves from passive security to active security compared with NewHope-Simple protocol.In terms of ciphertext size and communication overhead,compared with the existing key exchange protocols based on key encapsulation mechanism,the key encapsulation mechanism in this protocol effectively reduces the ciphertext size and communication overhead through analysis,which is a compact,efficient and active secure anti-quantum authentication key exchange protocol based on key encapsulation mechanism.

关 键 词：RLWE FO转换 加密机制 认证密钥交换 标准eCK模型 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]