计算机工程 ›› 2020, Vol. 46 ›› Issue (7): 122-128.doi: 10.19678/j.issn.1000-3428.0055076

• 网络空间安全 • 上一篇    下一篇

格上基于KEM的认证密钥交换协议

赵宗渠, 黄鹂娟, 范涛, 马少提   

  1. 河南理工大学 计算机科学与技术学院, 河南 焦作 454000
  • 收稿日期:2019-05-30 修回日期:2019-08-10 发布日期:2019-08-20
  • 作者简介:赵宗渠(1974-),男,讲师、博士,主研方向为密码学、网络安全、恶意代码分析;黄鹂娟、范涛(通信作者)、马少提,硕士研究生。
  • 基金项目:
    国家自然科学基金(61802117);"十三五"国家密码发展基金(MMJJ20170122);河南省科技厅项目(182102310923);河南理工大学博士基金(B2016-39)。

KEM-based Authenticated Key Exchange Protocol on Lattice

ZHAO Zongqu, HUANG Lijuan, FAN Tao, MA Shaoti   

  1. College of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454000, China
  • Received:2019-05-30 Revised:2019-08-10 Published:2019-08-20

摘要: 针对现有认证密钥交换协议计算复杂度高且无法抵抗量子攻击的问题,提出一种格上基于R-LWE问题的认证密钥交换协议。将基于R-LWE问题构造的KEM方案与带消息恢复功能的数字签名算法相结合实现认证性,并使用加密的构造方法代替Peikert式错误协调机制,获取随机均匀的会话密钥。分析结果表明,与BOS等人设计的协议相比,该协议计算复杂度较低,可大幅减少通信量,并且能够有效抵抗量子攻击。

关键词: 格密码, 密钥封装机制, 认证密钥交换协议, R-LWE问题, 数字签名

Abstract: To solve the problem that existing Authenticated Key Exchange(AKE) protocols have high computational complexity and cannot resist quantum attacks,this paper proposes an AKE protocol based on R-LWE problem on lattice.The KEM scheme constructed based on R-LWE problem is combined with the digital signature algorithm with the message recovery function to achieve authentication,and the Peikert-type error coordination mechanism is replaced by the encrypted construction method to obtain the random and uniform session key.Analysis results show that,compared with the protocol designed by BOS,et al.,the proposed protocol has lower computational complexity,significantly reduces traffic,and effectively resists quantum attacks.

Key words: lattice-based cryptography, Key Encapsulation Mechanism(KEM), Authenticated Key Exchange(AKE) protocol, R-LWE problem, digital signature

中图分类号: