基于格的前向安全签名方案  被引量：2

作　　者：李明祥[1] 安妮[2] 

机构地区：[1]河北金融学院河北省科技金融重点实验室,保定071051 [2]河北金融学院国际教育学院,保定071051

出　　处：《密码学报》2016年第3期249-257,共9页Journal of Cryptologic Research

基　　金：国家自然科学基金资助项目(61370092);河北省高等学校科学技术研究项目(ZD2010102)

摘　　要：作为应对量子时代密码危机的有效措施,抗量子计算攻击的公钥密码体制得到了国内外学者的广泛关注.基于格的公钥密码体制除抗量子计算攻击外,还有其他优良特性,如最差情况/平均情况等价性以及运算高效性等,因此基于格的公钥密码体制成为抗量子计算密码领域的一个研究热点.签名私钥泄露是签名体制面临的最严重的安全威胁.前向安全签名体制能有效减轻签名私钥泄露所带来的危害,因此它是一种极具应用价值的带附加性质的签名体制.有鉴于此,本文首先基于格技术构造了一个前向安全签名方案,该方案的签名过程由Gentry等提出的带前像抽样的陷门单向函数实现,密钥更新过程由Cash等提出的被称为盆景树的密码结构实现.且我们所提出的方案使用了二叉树结构.然后,在随机预言模型下基于小整数解(SIS)问题困难性证明了所提出的方案的前向安全性,即在适应性选择消息攻击下的存在性不可伪造性.最后,以所提出的方案为基础,本文构造了一个基于格的前向安全的身份基签名方案.As an effective measure to cope with cryptography crisis in the quantum age, public-key cryptography against quantum computation attacks have drawn extensive attention and research internationally. Besides the security against quantum computation attacks, lattice based public-key cryptography has other attractive features, such as worse-case/average-case equivalence, high computational efficiency. So how to thwart quantum computation attacks has become a hot research topic in public-key cryptography. Exposure of the secret signing key is the greatest threat against the security of a digital signature scheme. Forward-secure signature scheme can effectively mitigate the damage caused by exposure of the secret signing key, hence, a forward-secure signature scheme is a digital signature scheme with additional properties and has great significance in applications. Given the above, this paper proposes a forward-secure signature scheme by using lattice techniques.In the proposed scheme, the signing procedure takes the advantage of a trapdoor one-way function with preimage sampling proposed by Gentry et al, and the secret key update procedure makes use of the cryptographic structure called the bonsai tree proposed by Cash et al. Furthermore, the proposed scheme employs the binary tree structure, and the paper proves that the proposed scheme satisfies the forward security, existential unforgeability against adaptively chosen message attacks, under the random oracle model based on the intractability of the small integer solution (SIS) problem. Finally, based on the proposed scheme, this paper constructs a lattice based forward-secure identity-based signature scheme.

关 键 词：前向安全签名 随机预言模型 格 小整数解问题 

分 类 号：TN918.4[电子电信—通信与信息系统]