计算机科学

计算机科学 ›› 2021, Vol. 48 ›› Issue (3): 307-312.doi: 10.11896/jsjkx.200100024

所属专题: 信息安全 虚拟专题 密码学 虚拟专题

• 信息安全 • 上一篇    下一篇

基于MLWE的双向可否认加密方案

郑嘉彤1,2, 吴文渊1   

  1. 1 中国科学院重庆绿色智能技术研究院自动推理与认知重庆市重点实验室 重庆 400714
    2 中国科学院大学 北京 101408
  • 收稿日期:2020-01-03 修回日期:2020-11-09 出版日期:2021-03-15 发布日期:2021-03-05
  • 通讯作者: 吴文渊(wuwenyuan@cigit.ac.cn)
  • 作者简介:940188085@qq.com
  • 基金资助:
    重庆市科委项目(cstc2018jcyj-yszxX0002,cstc2019yszx-jcyjX0003,cstc2017zdcy-yszxX0011);中科院前沿科学重点项目(QYZDB-SSW-SYS026);贵州省科技计划项目([2020]4Y056)

Practical Bi-deniable Encryption Scheme Based on MLWE

ZHENG Jia-tong1,2, WU Wen-yuan1   

  1. 1 Chongqing Key Lab.of Auotomated Resoning & Cognition,Chongqing Inst. of Green Intelligent Technol.,Chinese Academy of Sciences,Chongqing 400714,China
    2 University of Chinese Academy of Sciences,Beijing 101408,China
  • Received:2020-01-03 Revised:2020-11-09 Online:2021-03-15 Published:2021-03-05
  • About author:ZHENG Jia-tong,born in 1995,postgraduate.His main research interests include lattice encryption and deniable encryption.
    WU Wen-yuan,born in 1976,Ph.D,researcher,Ph.D supervisor.His main research interests include lattice encryption,automatic reasoning and symbolic calculation.
  • Supported by:
    Chongqing Science and Technology Program (cstc2018jcyj-yszxX0002,cstc2019yszx-jcyjX0003,cstc2017zdcy-yszxX0011),Key Research Program of Frontier Sciences of Chinese Academy of Sciences (QYZDB-SSW-SYS026) and Guizhou Science and Technology Program ([2020]4Y056).

PDF (PC)

1060

摘要: 传统的加密方案没有考虑到敌手窃听密文后胁迫发送方或接收方交代加密时使用的公钥、随机数、明文或解密密钥的情况,因此可否认加密的概念在1997年被提出,以解决胁迫问题所带来的信息泄露。目前国内外学者仅提出了几种可否认加密方案,但是普遍存在加密效率过低和膨胀率过高的问题,因此并不实用。文中通过构造“模糊集”的方式来构造一种可抵抗量子攻击的实用双向可否认加密方案。该方案基于多项式环上的模容错学习(Module Learning With Errors,MLWE)困难问题来构造两个敌手无法进行区分的密文分布,并通过卡方统计实验验证了两个密文分布的不可区分性,其安全性可规约到格上的最短独立向量问题(Shortest Independent Vectors Problem,SIVP)。文中对方案的正确性、安全性、可否认性、膨胀率和复杂度等进行了分析,并且通过C++实现的实验结果与理论分析相一致。实验结果表明,该可否认加密方案的误码率约为1×10-23,密文膨胀率为5.0,加密速度约为670 KB/s,因此该方案在电子选举和电子竞标等场景具有实用价值。

关键词: 对称加密, 格密码, 抗量子攻击, 可否认加密, 模糊集

Abstract: The traditional encryption scheme does not take into account the situation in which the adversary eavesdrops on the ciphertext to force the sender or receiver to hand over the public key,random number,plaintext,or secret key used in the encryption.Therefore,the concept of deniable encryption was proposed in 1997 to solve the information leakage caused by the coercion problem.At present,only several complete deniable encryption schemes have been proposed and implemented.However,the schemes are not practical due to the problems of low encryption efficiency and high expansion rate.By constructing a “translucent set”,a practical bi-deniable anti-quantum encryption scheme is proposed in this paper.The scheme uses the difficult problem of Module Learning With Errors (MLWE) based on polynomial ring to construct two ciphertext distributions that adversaries can’tdistinguish.The indistinguishability of two ciphertext distributions is verified by chi-square statistical experiments.The schemes’ security can be reduced to the Shortest Independent Vectors Problem (SIVP).Meanwhile,the correctness,security,deniable,expansion rate and complexity of the scheme are theoretically analyzed.And the experimental results obtained through C++are consistent with the theoretical analysis.Experimental results show that the bit error rate is about 1×10<sup>-23,the ciphertext expansion rate 5.0,and the encryption efficiency is about 670 KB/s.Therefore,it has practical application prospects in many scena-rios,such as electronic election and electronic bidding.

Key words: Anti-quantum attack, Deniable encryption, Lattice encryption, Symmetric encryption, Translucent set

中图分类号: 

  • TP309
[1]CANETTI R,DWORK C,NAOR M,et al.Deniable encryption[C]//Annual International Cryptology Conference.Springer,1997:90-104.
[2]IBRAHIM M H.A Method for Obtaining Deniable Public-Key Encryption[J].International Journal of Network Security,2009,8(1):1-9.
[3]JAYDEEP H D N.Sender-Side Public Key Deniable Encryption Scheme[C]//International Conference on Advances in Recent Technologies in Communication & Computing.IEEE,2009:27-28.
[4]MAREK K,PRZEMYALAW K,MIROSLAW K.Practical de-niable encryption[C]//Proc. of the 34th Conference on Current Trends in Theory and Practice of Computer Science.Berlin:Springer-Verlag,2008:599-609.
[5]IBRAHIM M H.Receiver-deniable Public-Key Encryption[J].International Journal of Network Security,2009,8(2):159-165.
[6]KLONOWSKI M,KUBIAK P,KUTYŁOWSKI M.PracticalDeniable Encryption[J].Theory and Practice of Computer Science,2008,4910:599-609.
[7]MENG B,WANG J Q.An Efficient Receiver Deniable Encryption Scheme and Its Applications[J].Journal of Networks,2010,5(6):683-690.
[8]CRAMER R,GENNARO R,SCHOENMAKERS B.A Secure and Optimally Efficient Multi-Authority Election Scheme[C]//International Conference on the Theory & Applications of Cryptographic Techniques.Springer,1997:481-490.
[9]HIRT M,SAKO K.Efficient Receipt-Free Voting Based on Homomorphic Encryption[J].Lecture Notes in Computer Science,2000,1807:539-556.
[10]REGEV O.On Lattices,Learning with Errors,Random Linear Codes,and Cryptography[J].Journal of the Acm,2009,56(6):1-40.
[11]LYUBASHEVSKY V,PEIKERT C,REGEV O.On ideal lattices and learning with errors over rings[C]//Annual International Conference on the Theory and Applications of Cryptographic Techniques.Springer,2010:1-23.
[12]LANGLOIS A,STEHLE D.Worst-case to average-case reductions for module lattices [J].Designs,Codes and Cryptography,2015,75(3):565-599.
[13]BOS J,DUCAS L,KILTZ E,et al.CRYSTALS-Kyber:a CCA-secure module-lattice-based KEM[J].IACR Cryptology ePrint Archive,2017:634-650.
[14]KE C S,WU W Y,FENG Y.Low Expansion Rate EncrptionAlgorithm Based on MLWE[J].Computer Science,2019,46(4):145-150.
[15]O’NEIL A,PEIKERT C,WATERS B.Bi-Deniable Public-Key Encryption[C]//Annual International Cryptology Conference.Springer,2011:525-542.
[16]BAI S,LANGLOIS A,LEPOINT T,et al.Improved securityproofs in lattice-based cryptography:using the Renyi divergence rather than the stastical distance[C]//International Conference on the Theory and Application of Cryptology and Information Security.Springer,2015:3-24.
[17]WU W Y,ZHENG J T,FENG Y.Sender-side Public Key Deniable Encryption Scheme Based on LWE[J].Advanced Enginee-ring Sciences,2020,52(2):1-8.
[18]SUN L,WANG C F.Practical deniable encryption scheme and security proofs[J].Application Research of Computers,2010,27(10):3862-3865.
[19]SUN L.Deniable Encryption and Deniable Protocol[D].Lanzhou:Northwest Normal University,2011.
[20]ZHENG J T.Public Key Deniable Schemes Based on Lattice Problems [D].Beijing:University of Chinese Academy ofScien-ces,2020.
[1] 戴宗明, 胡凯, 谢捷, 郭亚.
基于直觉模糊集的集成学习算法
Ensemble Learning Algorithm Based on Intuitionistic Fuzzy Sets
计算机科学, 2021, 48(6A): 270-274. https://doi.org/10.11896/jsjkx.200700036
[2] 钱心缘, 吴文渊.
基于R-SIS和R-LWE构建的IBE加密方案
Identity-based Encryption Scheme Based on R-SIS/R-LWE
计算机科学, 2021, 48(6): 315-323. https://doi.org/10.11896/jsjkx.200700215
[3] 康波, 潘小东, 王虎.
基于公理化模糊集合的模糊推理方法
Fuzzy Reasoning Method Based on Axiomatic Fuzzy Sets
计算机科学, 2021, 48(11A): 57-62. https://doi.org/10.11896/jsjkx.201200140
[4] 冷峰, 张明凯, 延志伟, 张翠玲, 曾宇.
国密算法在资源公钥基础设施(RPKI)中的应用
Application of Chinese Cryptographic Algorithm in RPKI
计算机科学, 2021, 48(11A): 678-681. https://doi.org/10.11896/jsjkx.210100030
[5] 薛占熬, 孙冰心, 侯昊东, 荆萌萌.
基于多粒度粗糙直觉犹豫模糊集的最优粒度选择方法
Optimal Granulation Selection Method Based on Multi-granulation Rough Intuitionistic Hesitant Fuzzy Sets
计算机科学, 2021, 48(10): 98-106. https://doi.org/10.11896/jsjkx.200800074
[6] 张煜, 陆亿红, 黄德才.
基于密度峰值的加权犹豫模糊聚类算法
Weighted Hesitant Fuzzy Clustering Based on Density Peaks
计算机科学, 2021, 48(1): 145-151. https://doi.org/10.11896/jsjkx.200400043
[7] 胡平, 秦克云.
基于模糊等价的毕达哥拉斯模糊集相似度构造方法
Similarity Construction Method for Pythagorean Fuzzy Set Based on Fuzzy Equivalence
计算机科学, 2021, 48(1): 152-156. https://doi.org/10.11896/jsjkx.191100102
[8] 陈玉金, 徐吉辉, 史佳辉, 刘宇.
基于直觉犹豫模糊集的三支决策模型及其应用
Three-way Decision Models Based on Intuitionistic Hesitant Fuzzy Sets and Its Applications
计算机科学, 2020, 47(8): 144-150. https://doi.org/10.11896/jsjkx.190800041
[9] 陈利锋, 朱路平.
一种基于云端加密的FPGA自适应动态配置方法
Encrypted Dynamic Configuration Method of FPGA Based on Cloud
计算机科学, 2020, 47(7): 278-281. https://doi.org/10.11896/jsjkx.190700110
[10] 胡磊, 严丽.
一种基于模糊集和概率分布的不确定XML模型及其代数运算
Uncertain XML Model Based on Fuzzy Sets and Probability Distribution and Its Algebraic Operations
计算机科学, 2020, 47(7): 21-30. https://doi.org/10.11896/jsjkx.190700164
[11] 李树全,刘磊,朱大勇,熊超,李锐.
一种面向云存储的数据动态验证方案
Protocol of Dynamic Provable Data Integrity for Cloud Storage
计算机科学, 2020, 47(2): 256-261. https://doi.org/10.11896/jsjkx.181202371
[12] 杨洁, 王国胤, 张清华, 冯林.
层次粒结构下粗糙模糊集的不确定性度量
Uncertainty Measure of Rough Fuzzy Sets in Hierarchical Granular Structure
计算机科学, 2019, 46(1): 45-50. https://doi.org/10.11896/j.issn.1002-137X.2019.01.007
[13] 郑宏亮, 侯雪辉, 宋笑迎, 庞阔, 邹丽.
基于犹豫模糊可信度的知识推理
Approach for Knowledge Reasoning Based on Hesitate Fuzzy Credibility
计算机科学, 2019, 46(1): 131-137. https://doi.org/10.11896/j.issn.1002-137X.2019.01.020
[14] 吴文华, 宋亚飞, 刘晶.
直觉模糊框架内的证据动态可靠性评估及应用
Dynamic Reliability Evaluation Method of Evidence Based on Intuitionistic Fuzzy Sets and Its Applications
计算机科学, 2018, 45(12): 160-165. https://doi.org/10.11896/j.issn.1002-137X.2018.12.025
[15] 邢瑞康, 李成海, 范晓诗.
网电空间中基于IFTS预测模型的IDS方法
Intrusion Detection Method Based on Intuitionistic Fuzzy Time Series Forecasting Model in Cyberspace
计算机科学, 2018, 45(11): 164-168. https://doi.org/10.11896/j.issn.1002-137X.2018.11.025
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发