全同态加密具体安全参数分析  被引量：4

作　　者：陈智罡[1,2] 石亚峰 宋新霞[4] 

机构地区：[1]浙江万里学院电子与计算机学院,宁波315100 [2]密码科学技术国家重点实验室,北京100878 [3]喀什大学数学与统计学院,喀什844007 [4]浙江万里学院基础学院,宁波315100

出　　处：《密码学报》2016年第5期-,共12页Journal of Cryptologic Research

基　　金：浙江省自然科学基金资助(LY17F020002);NSFC-浙江两化融合联合基金(U1509219);密码科学技术国家重点实验室开放课题;宁波市自然科学基金(2016A610226)

摘　　要：为了保证全同态加密的安全使用,以及衡量分析全同态加密方案的效率,提出一个计算分析LWE上全同态加密具体安全参数的通用方法,该方法同样适用于环LWE上的全同态加密.该方法分为两步:第一步,根据同态计算的电路深度L,以及全同态加密方案解密正确性条件与噪音增长关系,计算出所需的模q;第二步,在给定安全等级下,我们引入了敌手的优势,根据区分攻击获得LWE问题维数n与模q之间的函数关系,计算出满足第一步中模q的最小维数n.从而分析计算出全同态加密的具体安全参数.该方法具有模块化特征,可以根据最新的格密码攻击进展替换相应的内容,从而获得最新的全同态加密具体安全参数.最后利用提出的方法对两个全同态加密的代表方案进行了具体安全参数的分析与比较,这也是首次给出这两个方案的具体安全参数.数据显示目前LWE上的全同态加密参数尺寸过大,与实际应用还有距离.In order to ensure the security of fully homomorphic encryption (FHE) and analyze the efficiency of fully homomorphic encryption, we present a general method to estimate the concert security parameters of fully homomorphic encryption scheme based on learning with errors problem (LWE). Note that this method is also applicable to the FHE on the ring LWE. The proposed method has two steps. In the first step, according to the circuit depthL, the modulusq can be estimated by the condition of correct decryption among noise growth. In the second step, we introduce the advantage of adversary. Given the security level, the minimal dimensionn can be derived from modulusq according to the distinguishing attack. Thus the concert security parameters of a fully homomorphic encryption scheme are obtained. The proposed method has the feature of modularization. We obtain the new concert security parameters of a fully homomorphic encryption scheme by replacing the old lattice attack with the new one. We use the method to analyze the concert security parameters of two fully homomorphic encryption schemes. The results show that the size of the concert security parameters is large, which means that fully homomorphic encryption scheme on learning with errors problem cannot be used in practical applications.

关 键 词：全同态加密 具体安全参数 区分攻击 学习错误问题 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]