
The Design of a Key Agreement Protocol Based on NTRU


NTRU was the first public-key cryptosystem whose hardness reduces to hard problems on lattices. Its structure is simple, key generation is uncomplicated, computation is fast and the storage required is small, so among current algorithms that build cryptosystems on hard lattice problems, NTRU is simpler and more efficient. However, there has been little research on NTRU-based key agreement protocols. Existing NTRU-based key agreement protocols do not adequately protect keys during message exchange, which leaves openings for adversaries, and their security arguments are insufficient and incomplete. To address this, the paper proposes two key agreement protocols based on NTRU lattices that add ephemeral secret information so that the schemes have strong forward security, and gives a detailed security proof. Provided that the responder's key and the session key to be forged are not leaked, the proof establishes the unforgeability of the session key under the assumption that the shortest vector problem (SVP) on lattices is hard. The schemes are provably secure in the eCK model. Compared with traditional key agreement schemes such as DH and ECDH, the NTRU schemes operate over polynomial rings and are computationally more efficient; their security reduces to solving hard lattice problems, so they can resist quantum attacks.

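Authors: 郑鉴学; 张道法; 徐松艳; 宋苏鸣

Affiliation: Beijing Research Institute of Telemetry, Beijing 100094

Subject: Computer science and automation

Keywords: lattice; NTRU; key agreement protocol; provable security; eCK model

Journal: 《信息安全研究》 (Journal of Information Security Research), 2024 (001)

Pages: 12-19 (8 pages)

DOI: 10.12379/j.issn.2096-1057.2024.01.03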
