In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement...In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.展开更多
In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Inf...In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Information Sciences, 2012, 6(1): 23-28] have independently extended the concept of signcryption to lattice-based cryptography. However, their schemes are only secure under the random or- acle model. In this paper, we present a lattice-based signcryp- tion scheme which is secure under the standard model. We prove that our scheme achieves indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA2) under the learning with errors (LWE) assumption and existential unforgeability against adaptive chosen-message attacks (EUF- CMA) under the small integer solution (SIS) assumption.展开更多
Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can...Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attributebased signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices,which could resist quantum attacks, is proposed. This scheme employs "bonsai tree" techniques, and could be proved secure under the hardness assumption of small integer solution problem.展开更多
Many evidences have showed that some intelligence agencies(often called big brother)attempt to monitor citizens’communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing the...Many evidences have showed that some intelligence agencies(often called big brother)attempt to monitor citizens’communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing them to adopt these algorithms.Since legalized services on large number of various applications and system architectures depend on digital signature techniques,in the context some coerced users who use double authentication preventing signatures to design some novel digital signature techniques,have some convincing dissertations to defuse requests from authorities and big brothers creating some corresponding subverted signatures.As rapid progress in quantum computers,National Security Agency advisory memorandum and announcement of National Institute of Standards and Technology procedures from standardization focus on some cryptographic algorithms which are post quantum secure.Motivated by these issues,we design an algorithm substitution attack against Fiat-Shamir family based on lattices(e.g.,BLISS,BG,Ring-TESLA,PASSSign and GLP)that are proven post-quantum computational secure.We also show an efficient deterable way to eliminate big brother’s threat by leaking signing keys from signatures on two messages to be public.Security proof shows that our schemes satisfy key extraction,undetectability and deterability.Through parameters analysis and performance evaluation,we demonstrate that our deterring subverted Fiat-Shamir signature is practical,which means that it can be applied to privacy and protection in some system architectures.展开更多
基金This work was supported by the China State Cryptography Development Fund of Thirteen Five-year(MMJJ20170110).
文摘In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.
基金This work was supported by the National Natural Science Foundation of China (Grant Nos. 61272057, 61202434, 61170270, 61100203, 61003286, 61121061), the Fundamental Research Funds for the Central Universities (2012RC0612, 2011YB01), Langfang Teachers University Youth Fund (LSZQ200804), Hebei Education Funds for Youth Project (Q2012020, QN20131077).
文摘In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Information Sciences, 2012, 6(1): 23-28] have independently extended the concept of signcryption to lattice-based cryptography. However, their schemes are only secure under the random or- acle model. In this paper, we present a lattice-based signcryp- tion scheme which is secure under the standard model. We prove that our scheme achieves indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA2) under the learning with errors (LWE) assumption and existential unforgeability against adaptive chosen-message attacks (EUF- CMA) under the small integer solution (SIS) assumption.
基金the National Natural Science Foundation of China(Nos.61133014 and 60903189)
文摘Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attributebased signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices,which could resist quantum attacks, is proposed. This scheme employs "bonsai tree" techniques, and could be proved secure under the hardness assumption of small integer solution problem.
基金Supported by the National Natural Science Foundation of China(61802239,61872229,62062019,62074131)Key Research and Development Program of Shaanxi Province(2020ZDLGY09-06,2021ZDLGY06-04,2021ZDLGY05-01)+1 种基金Natural Science Basic Research Plan in Shaanxi Province(2019JQ-667,2020JQ-422)Shenzhen Fundamental Research Program(20210317191843003)
文摘Many evidences have showed that some intelligence agencies(often called big brother)attempt to monitor citizens’communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing them to adopt these algorithms.Since legalized services on large number of various applications and system architectures depend on digital signature techniques,in the context some coerced users who use double authentication preventing signatures to design some novel digital signature techniques,have some convincing dissertations to defuse requests from authorities and big brothers creating some corresponding subverted signatures.As rapid progress in quantum computers,National Security Agency advisory memorandum and announcement of National Institute of Standards and Technology procedures from standardization focus on some cryptographic algorithms which are post quantum secure.Motivated by these issues,we design an algorithm substitution attack against Fiat-Shamir family based on lattices(e.g.,BLISS,BG,Ring-TESLA,PASSSign and GLP)that are proven post-quantum computational secure.We also show an efficient deterable way to eliminate big brother’s threat by leaking signing keys from signatures on two messages to be public.Security proof shows that our schemes satisfy key extraction,undetectability and deterability.Through parameters analysis and performance evaluation,we demonstrate that our deterring subverted Fiat-Shamir signature is practical,which means that it can be applied to privacy and protection in some system architectures.