口令认证密钥协商可以在客户机和服务器之间建立安全的远程通信,且可以将一个低熵口令放大为一个高熵的会话密钥。然而,随着量子计算技术的快速发展,基于大数分解和离散对数等经典数学难题的PAKA协议面临着严峻的安全挑战。因此,为了构...口令认证密钥协商可以在客户机和服务器之间建立安全的远程通信,且可以将一个低熵口令放大为一个高熵的会话密钥。然而,随着量子计算技术的快速发展,基于大数分解和离散对数等经典数学难题的PAKA协议面临着严峻的安全挑战。因此,为了构建一个高效安全的后量子PAKA协议,依据改进的Bellare-Pointcheval-Rogaway(BPR)模型,提出了一个基于格的匿名两方PAKA协议,并且使用给出严格的形式化安全证明。性能分析结果表明,该方案与相关的PAKA协议相比,在安全性和执行效率等方面有一定优势,更适用于资源受限的物联网(Internet of Things, IoT)智能移动设备。展开更多
A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r...A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r≥2m) linear hull probabilities are bounded by q^2 when around function F is bijective and the maximal linear hull probabilities of round function F is q. Application of this structure to block cipher designs brings out the provable security against linear attack with the upper bounds of probabilities.展开更多
文摘口令认证密钥协商可以在客户机和服务器之间建立安全的远程通信,且可以将一个低熵口令放大为一个高熵的会话密钥。然而,随着量子计算技术的快速发展,基于大数分解和离散对数等经典数学难题的PAKA协议面临着严峻的安全挑战。因此,为了构建一个高效安全的后量子PAKA协议,依据改进的Bellare-Pointcheval-Rogaway(BPR)模型,提出了一个基于格的匿名两方PAKA协议,并且使用给出严格的形式化安全证明。性能分析结果表明,该方案与相关的PAKA协议相比,在安全性和执行效率等方面有一定优势,更适用于资源受限的物联网(Internet of Things, IoT)智能移动设备。
基金Supported by the fund of National Laboratory for Modern Communications (5143603ZDS0601),the outstanding youth science foundation of Henan (0312001800).
文摘A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r≥2m) linear hull probabilities are bounded by q^2 when around function F is bijective and the maximal linear hull probabilities of round function F is q. Application of this structure to block cipher designs brings out the provable security against linear attack with the upper bounds of probabilities.