Abstract
Homomorphic authentication schemes designed on lattice theory resist quantum computing attacks. However, existing schemes built on standard lattices have large key storage and a complex structure, so they run relatively inefficiently in practice and cannot be applied to equipment support cloud services. Based on NTRU lattice theory, the first quantum-resistant linear homomorphic authentication scheme for equipment support cloud services is designed. The new scheme uses the NTRU key generation algorithm to simplify the system keys and avoid a huge key size, and then uses the structurally simple preimage Gaussian sampling algorithm on NTRU lattices to produce the linear homomorphic authentication values. The proofs and analysis show that the new scheme satisfies the weak context hiding (weak content privacy) property and that, in the random oracle model, it achieves existential unforgeability under adaptive chosen-message attacks under the hardness assumption of the NTRU-SIS (small integer solution) problem. Compared with existing schemes in implementation efficiency, the new scheme is the best in key size, authentication cost, and communication cost.
Authors
ZHANG Jianhang (张建航)
CAO Zeyang (曹泽阳)
SONG Xiaofeng (宋晓峰)
XING Lipeng (邢立鹏)
Affiliations: Air and Missile Defense College, Air Force Engineering University, Xi'an 710051, China; Information and Communication College, National University of Defense Technology, Xi'an 710106, China
Source
Journal of Air Force Engineering University (Natural Science Edition) (《空军工程大学学报(自然科学版)》)
Indexed in: CSCD; Peking University Core Journals (北大核心)
2020, Issue 2, pp. 106-111 (6 pages)
Funding
National Natural Science Foundation of China (61872448)
Natural Science Foundation of Shaanxi Province (2018JM6017)
Keywords
quantum-resistant computation
cloud services
homomorphic authentication
NTRU (Number Theory Research Unit) lattices
preimage Gaussian sampling algorithm