Abstract
SM9 is the first identity-based cryptographic algorithm from China whose entire system has been adopted into the ISO/IEC standards, and FALCON is a winning algorithm of the NIST post-quantum cryptography competition. This paper designs a new key exchange protocol based on SM9 and FALCON. The protocol authenticates the identity of the message sender by verifying the validity of a FALCON signature, protects the confidentiality of a shared 256-bit secret data string using the SM9 public key encryption algorithm, and derives a fixed-length shared session key through a key derivation function from the random data strings generated by both parties together with the identity information of both parties. The security of the protocol is proved by combining a BAN logic proof with informal analysis. The protocol resists replay attacks, man-in-the-middle attacks and denial-of-service attacks. The FALCON digital signature algorithm provides authenticity and non-repudiation of both participants' identities and gives the protocol resistance to quantum attacks.
SM9 is the first identity-based cryptographic algorithm in China whose whole system is included in the ISO/IEC standards, and FALCON is a winner of the NIST post-quantum competition. The protocol authenticates the message sender by verifying the validity of the FALCON signature, guarantees the confidentiality of the shared 256-bit secret data string based on the SM9 public key encryption algorithm, and generates a fixed-length shared session key through a key derivation function from the random data strings generated by both parties and the identification information of both parties. The security of the protocol is proved by combining BAN logic and informal analysis methods. This protocol has the ability to resist replay attacks, man-in-the-middle attacks, and denial-of-service attacks. The protocol designed in this paper achieves the authenticity and non-repudiation of the identities of the participating parties and is resistant to quantum attacks through the application of the FALCON digital signature algorithm.
Source
Software Engineering and Applications (《软件工程与应用》)
2023, Issue 3, pp. 543-552 (10 pages)