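Abstract
A series of events such as the PRISM revelations of 2013 showed that information security now faces a range of new threats. These threats differ considerably from what traditional cryptography takes into account, and some cryptosystems considered secure under traditional cryptographic analysis are no longer secure in the new setting. Some researchers call this new real-world environment mass surveillance, which has given rise to cryptography against mass surveillance (a part of post-Snowden cryptography). In the definitions of cryptography against mass surveillance, the attacker has a special actual identity, greater operational power and more flexible means, and can control and influence more stages; correspondingly, the restrictions on the defending side are stronger. Cryptography against mass surveillance differs markedly from traditional cryptography in security models, defense methods and other respects; its analytical framework has developed considerably, and some assumptions that traditional cryptography takes for granted no longer hold. Drawing on the main results in the field to date, this paper describes in detail the current state of research, the main conclusions and the latest progress in terms of background, research layout, security models, cryptographic primitives, encryption and signature schemes, cryptographic protocols and protection mechanisms, and offers some outlook on the field's future directions.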
Events such as PRISM in 2013 showed that there are many new information security threats which are beyond the scope of traditional cryptography. Many existing cryptographic schemes are not secure any longer. Some researchers named these threats as mass-surveillance, and started to study the cryptography against mass surveillance (post-Snowden cryptography). In order to capture the real world better, the cryptography against mass surveillance assumes saboteurs to have stronger power, while there are more limitations on the capability of defenders. The new cryptography is different from traditional cryptography in terms of security model, defense strategy, and analytical framework, and some former assumptions do not hold any longer. This paper overviews the current research status, the main research results, and the most recent development of cryptography against mass surveillance from aspects such as background, security model, cryptographic primitive, encryption, digital signature, cryptographic protocol, defense strategy, etc., and proposes several future research directions.
Authors
LI Geng (李耕)
LIU Jian-Wei (刘建伟)
ZHANG Zong-Yang (张宗洋)
Affiliations: School of Cyber Science and Technology, Beihang University, Beijing 100083, China; State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
Source
Journal of Cryptologic Research (《密码学报》)
CSCD
2019, Issue 3, pp. 269-282 (14 pages)
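Funding
Beijing Natural Science Foundation (4182033)
Open Project of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (2017-MS-02)
National Cryptography Development Fund (MMJJ20180215)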
Keywords
post-Snowden cryptography
mass surveillance
algorithm-substitution attack