Public-key encryption and certificate-based encryption from lattice
-
摘要: 证书基加密(CBE)结合了基于身份加密和公钥基础设施的各自优点,然而基于传统数学假设的CBE不能有效抵御量子算法的攻击.为此构建了一个基于格的CBE方案,可有效抵御量子算法的攻击.首先构建出一个基于格的公钥加密(PKE)方案,之后利用该PKE构建出基于格的CBE方案.该方案可被规约为格上的学习误差(LWE)问题,因此得到的CBE为随机不可区分选择明文攻击安全的.该方案是目前为止已知的第一个基于格的CBE方案.
-
关键词:
- 证书基加密 /
- 公钥加密 /
- 随机不可区分选择明文安全 /
- 学习误差假设 /
- 格
Abstract: Certificate-based encryption (CBE) combines the advantages of identity-based encryption and that of public key infrastructure. However, CBE based on traditional mathematical assumptions cannot defeat quantum attacks. This paper aims at constructing a lattice-based CBE which is post-quantum: First constructed a lattice-based public key encryption (PKE); then used this PKE to construct a lattice-based CBE. Finally, it was proved that the ciphertexts generated by our CBE are indistinguishable from random against chosen-plaintext attacks (namely, INDr-CBE-CPA secure) by assuming that the learning with errors (LWE) problem is hard. This scheme is the first known lattice-based CBE so far.-
Key words:
- CBE /
- PKE /
- INDr-CBE-CPA /
- LWE /
- Lattice
-
[1] [1] AJTAI M. Generating hard instances of lattice problems[C]//Proceedings of the twenty-eighth annual ACM symposium on Theory of computing. ACM, 1996: 99-108.[2] AJTAI M. The shortest vector problem in L2 is NP-hard for randomized reductions[C]//Proceedings of the thirtieth annual ACM symposium on Theory of computing. ACM, 1998: 10-19.[3] SHAMIR A. Identity-based cryptosystems and signature schemes[C]//Advances in cryptology. Berlin: Springer, 1985: 47-53.[4] BONEH D, FRANKLIN M. Identity-based encryption from the Weil pairing[C]//Advances in Cryptology- CRYPTO 2001. Berlin: Springer, 2001: 213-229.[5] COCKS C. An identity based encryption scheme based on quadratic residues[M]//Cryptography and Coding. Berlin: Springer, 2001: 360-363.[6] AGRAWAL S, BONEH D, BOYEN X. Efficient lattice (H)IBE in the standard model[M]//Advances in Cryp- tology-EUROCRYPT 2010. Berlin: Springer, 2010: 553-572.[7] SHOR P W. Algorithms for quantum computation: discrete logarithms and factoring[C]//Foundations of Com- puter Science, 1994 Proceedings., 35th Annual Symposium on. IEEE, 1994: 124-134.[8] GENTRY C. Certificate-based encryption and the certificate revocation problem[M]//Advances in Cryp- tology-EUROCRYPT 2003. Berlin: Springer, 2003: 272-293.[9] BONEH D, CANETTI R, HALEVI S, et al. Chosen-ciphertext security from identity-based encryption[J]. SIAM Journal on Computing, 2006, 36(5): 1301-1328.[10] REGEV O. On lattices, learning with errors, random linear codes, and cryptography[J]. Journal of the ACM (JACM), 2009, 56(6): 34.[11] BELLARE M, BOLDYREVA A, DESAI A, et al. Key-privacy in public-key encryption[M]//Advances in Cryptology-ASIACRYPT 2001. Berlin: Springer, 2001: 566-582.[12] ALWEN J, PEIKERT C. Generating shorter bases for hard random lattices[J]. Theory of Computing Systems, 2011, 48(3): 535-553.[13] AJTAI M. Generating hard instances of the short basis problem[M]//Automata, Languages and Programming. Berlin: Springer, 1999: 1-9.[14] GENTRY C, PEIKERT C, VAIKUNTANATHAN V. Trapdoors for hard lattices and new cryptographic constructions[C]//Proceedings of the 40th annual ACM symposium on Theory of computing. ACM, 2008: 197-206.[15] DODIS Y, OSTROVSKY R, REYZIN L, et al. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data[J]. SIAM Journal on Computing, 2008, 38(1): 97-139.[16] CRAMER R, DAMGRD I. On the amortized complexity of zero-knowledge protocols[M]//Advances in Cryptology-CRYPTO 2009. Berlin: Springer, 2009: 177-191.[17] PEIKERT C. Public-key cryptosystems from the worst-case shortest vector problem[C]//Proceedings of the 41st annual ACM symposium on Theory of computing. ACM, 2009: 333-342.
点击查看大图
计量
- 文章访问数: 1867
- HTML全文浏览量: 7
- PDF下载量: 1862
- 被引次数: 0