èŠ‚ç‚¹æ–‡çŒ®

å‡ ç±»å¿«é€Ÿå…¬é’¥å¯†ç çš„è®¾è®¡ä¸Žåˆ†æž

Design and Analysis of Several Classes of Fast Public Key Cryptosystems

åˆ†é¡µä¸‹è½½
åˆ†ç« ä¸‹è½½
æ•´æœ¬ä¸‹è½½
åœ¨çº¿é˜…è¯»
ä¸æ”¯æŒè¿…é›·ç‰ä¸‹è½½å·¥å…·ï¼Œè¯·å–æ¶ˆåŠ é€Ÿå·¥å…·åŽä¸‹è½½ã€‚

ã€ä½œè€…ã€‘ çŽ‹ä¿ä»“ï¼›

ã€ä½œè€…åŸºæœ¬ä¿¡æ¯ã€‘ è¥¿å®‰ç”µåç§‘æŠ€å¤§å¦ ï¼Œ å¯†ç å¦ï¼Œ 2006ï¼Œ åšå£«

ã€æ‘˜è¦ã€‘ ä¼ ç»Ÿçš„å…¬é’¥å¯†ç ç®—æ³•é€Ÿåº¦æ¯”è¾ƒæ…¢ï¼Œè¿™åˆ¶çº¦äº†å…¬é’¥å¯†ç çš„å¹¿æ³›åº”ç”¨ã€‚å›½å†…å¤–å¯†ç å¦ç•Œéƒ½åœ¨åŠ å¼ºå¿«é€Ÿå¯†ç ç®—æ³•çš„ç ”åˆ¶ä¸Žå¼€å‘ï¼Œä»¥ä¾¿ä½¿å…¬é’¥å¯†ç èƒ½å¤Ÿåº”ç”¨åˆ°æ›´å¹¿æ³›çš„çŽ¯å¢ƒä¸ã€‚åœ¨å¿«é€Ÿå…¬é’¥å¯†ç è¿™ä¸€ç ”ç©¶é¢†åŸŸï¼Œæœ¬æ–‡å–å¾—äº†å¦‚ä¸‹æˆæžœï¼š (1)æ‰¾åˆ°äº†ä¸€ç±»æ–°çš„æ˜“è§£èƒŒåŒ…é—®é¢˜ï¼Œå¹¶ç”¨æ¤é—®é¢˜æž„é€ äº†ä¸€ä¸ªèƒŒåŒ…åž‹åŠ å¯†ç®—æ³•ã€‚è¯¥ç®—æ³•æ˜¯ç¬¬ä¸€ä¸ªåŸºäºŽèƒŒåŒ…é—®é¢˜çš„æ¦‚çŽ‡åŠ å¯†æ–¹æ¡ˆã€‚è¯æ˜Žäº†è¯¥ç®—æ³•èƒ½å¤ŸæŠµæŠ—ä½Žå¯†åº¦æ”»å‡»å’Œè”ç«‹ä¸¢ç•ªå›¾é€¼è¿‘æ”»å‡»ç‰ã€‚è€Œä¸”è¯¥ç®—æ³•çš„åŠ è§£å¯†è®¡ç®—å¤æ‚åº¦æ˜¯äºŒæ¬¡çš„ã€‚ (2)æ‰¾åˆ°äº†RSAå…¬é’¥å¯†ç ç®—æ³•çš„ä¸€ç±»å¼±å¯†é’¥ï¼ŒæŒ‡å‡ºå¦‚æžœRSAæ•°çš„ä¸¤ä¸ªç´ å› åçš„æ¯”å€¼èƒ½å¤Ÿè¢«ä¸€ä¸ªå°åˆ†æ•°æœ‰æ•ˆé€¼è¿‘çš„è¯ï¼Œåˆ™RSAæ•°æ˜¯å®¹æ˜“åˆ†è§£çš„ã€‚ (3)ä½¿ç”¨ä¸å›½å‰©ä½™å®šç†æž„é€ äº†ä¸€ä¸ªå¿«é€Ÿå…¬é’¥åŠ å¯†ç®—æ³•ï¼Œè¯æ˜Žäº†æ”»å‡»è€…é‡æž„é™·é—¨ä¿¡æ¯ç‰ä»·äºŽæ±‚è§£ä¸¤ä¸ªæ•°è®ºå›°éš¾é—®é¢˜ï¼Œå³æ•´æ•°åˆ†è§£å’Œè”ç«‹ä¸¢ç•ªå›¾é€¼è¿‘é—®é¢˜ã€‚ (4)å¯¹RSAé—®é¢˜è¿›è¡Œäº†æŽ¨å¹¿ï¼Œæå‡ºäº†å¹¿ä¹‰RSAé—®é¢˜ï¼Œç»™å‡ºäº†å¹¿ä¹‰RSAé—®é¢˜ä¸ŽRSAé—®é¢˜ä¹‹é—´çš„è”ç³»ã€‚å¹¶ç”¨æ¤é—®é¢˜æž„é€ äº†ä¸€ä¸ªå…·æœ‰åŒé‡é™·é—¨è§£å¯†æœºåˆ¶çš„å…¬é’¥å¯†ç ç®—æ³•GRSAã€‚è¯æ˜Žäº†GRSAæ˜¯å•å‘çš„å½“ä¸”ä»…å½“å¹¿ä¹‰RSAè®¡ç®—é—®é¢˜æ˜¯å›°éš¾çš„ï¼ŒGRSAæ˜¯é€‰æ‹©æ˜Žæ–‡æ”»å‡»ä¸‹è¯ä¹‰å®‰å…¨çš„å½“ä¸”ä»…å½“å¹¿ä¹‰RSAåˆ¤å®šé—®é¢˜æ˜¯å›°éš¾çš„ã€‚ (5)æž„é€ äº†ä¸€ä¸ªå®‰å…¨æ€§åŸºäºŽä¸¤ä¸ªæ•°å¦å›°éš¾é—®é¢˜çš„å…¬é’¥å¯†ç ç®—æ³•ï¼Œè¯¥ç®—æ³•çš„å®‰å…¨æ€§åŒæ—¶åŸºäºŽæ•´æ•°åˆ†è§£å’Œè”ç«‹ä¸¢ç•ªå›¾é€¼è¿‘å›°éš¾é—®é¢˜ï¼Œè€Œä¸”è¯¥å¯†ç ç®—æ³•çš„åŠ è§£å¯†è®¡ç®—å¤æ‚åº¦æ˜¯äºŒæ¬¡çš„ã€‚ (6)ä½¿ç”¨çŸ©é˜µçŽ¯ä¸Šçš„ä¸€ä¸ªç‰¹æ®Šçš„ç»„åˆé—®é¢˜æž„é€ äº†ä¸€ä¸ªå…¬é’¥åŠ å¯†ç®—æ³•ï¼Œå…¶å®‰å…¨æ€§ä¸Žæ•´æ•°åˆ†è§£é—®é¢˜æœ‰å…³ï¼Œä½†å¹¶ä¸ç›´æŽ¥ä¾èµ–äºŽæ•´æ•°åˆ†è§£é—®é¢˜ï¼Œè€Œæ˜¯ä¾èµ–äºŽä¸€ç±»ç‰¹æ®Šçš„çŸ©é˜µç»„åˆé—®é¢˜ã€‚ (7)ä»Žè¾«ç¾¤ä¸Šæ±‚æ ¹é—®é¢˜çš„å›°éš¾æ€§å‡ºå‘æž„é€ äº†ä¸€ä¸ªæ•°å—ç¾åæ–¹æ¡ˆï¼Œè¯æ˜Žäº†æ”»å‡»è€…èƒ½å¤ŸæˆåŠŸåœ°ä¼ªé€ ä¸€ä¸ªç¾åå½“ä¸”ä»…å½“ä»–èƒ½å¤Ÿæ±‚è§£è¾«ç¾¤ä¸Šçš„æ±‚æ ¹é—®é¢˜ã€‚è€Œä¸”ä»Žè¯¥æ•°å—ç¾åæ–¹æ¡ˆå‡ºå‘æž„é€ äº†ä¸€ä¸ªåŸºäºŽèº«ä»½çš„æ•°å—ç¾åæ–¹æ¡ˆã€‚ (8)å¯¹å…¬é’¥å¯†ç ç®—æ³•Naccache-Sternè¿›è¡Œäº†å®‰å…¨æ€§åˆ†æžï¼ŒæŒ‡å‡ºè¯¥ç®—æ³•çš„è§£å¯†å¯ä»¥çœ‹ä½œä¸€ä¸ªç¾¤åˆ†è§£é—®é¢˜ï¼Œå¹¶è¯´æ˜Žäº†è¯¥æ”»å‡»ç®—æ³•æ”»å‡»æˆåŠŸçš„æ¦‚çŽ‡ä¾èµ–äºŽæŠŠä¸€ä¸ªéšæœºçš„è‡ªç„¶æ•°è½¬åŒ–æˆä¸€ä¸ªå…‰æ»‘æ•°çš„æ¦‚çŽ‡ã€‚ (9)å¯¹2000å¹´ACISPä¼šè®®ä¸Šçš„ä¸€ä¸ªå¿«é€Ÿå…¬é’¥å¯†ç ç®—æ³•è¿›è¡Œäº†å®‰å…¨æ€§åˆ†æžï¼Œç»™å‡ºäº†è¯¥ç®—æ³•çš„å®‰å…¨æ€§ä¸Žè”ç«‹ä¸¢ç•ªå›¾é€¼è¿‘é—®é¢˜ä»¥åŠæ ¼ä¸Šçš„æœ€å°å‘é‡é—®é¢˜ä¹‹é—´çš„å…³ç³»ã€‚æ›´å¤š è¿˜åŽŸ

ã€Abstractã€‘ The traditional public-key ciphers suffer from a drawback that their speed is relatively low, which hampers the further applications of public key cryptography and also motivates the cryptographic community to design fast public-key cryptosystems. In the area of fast public-key cryptography, the author obtains the following main results.(1) A new kind of easy knapsack-type problems is found. A knapsack-type public-key encryption scheme is constructed based on the problem. This is the first probabilistic knapsack-type encryption scheme. It is shown that the cryptosystem is secure against low-density attacks and the simultaneous Diophantine approximation attacks. Furthermore, the computational complexities of the encryption and the decryption algorithms of the cryptosystem are quadratic.(2) A weak key of the RSA cryptosystem is found. It turns out that the modulus of the RSA cryptosystem is easy to factor if the the ratio of the two prime factors of the modulus can be well approximated by a small fraction.(3) A fast public-key encryption scheme is developed by using the Chinese remainder theorem. It is pointed out that the attacker must solve two number-theoretic intractable problems, namely the integer factorization and simultaneous Diophantine approximation problems, to recover the trapdoor information.(4) The RSA problem is generalized by introducing the generalized-RSA problem. The relations between the RSA problem and the G-RSA related problems are given. A public-key cryptosystem GRSA is proposed, which is based on the G-RSA problem and features double trapdoor decryption mechanism. It is proven that the GRSA is one-way if and only if the computational G-RSA problem is intractable, and the semantic security of the GRSA cryptosystem under the chosen-plaintext attack model is correct if and only the decisional G-RSA problem is infeasible.(5) A public-key cryptosystem based on two cryptographic intractable assumptions is proposed. The security of the proposed cryptosystem is based on the integer factorization and the simultaneous Diophantine approximation problems. It only takes quadratic bit complexity for the cryptosystem to perform an encryption/decryption operation.(6) A public-key cryptosystem is proposed by using a special combinatorial problem defined over the matrix ring. The security of the scheme is related to but not directly dependent upon the integer factorization problem.(7) This dissertation considers the root extraction problem defined over braid groups, and constructs a digital signature scheme. It is shown that the attacker can forge a signature if and if he can solve the root extraction problem defined over braid groups. Furthermore, the signature scheme is modified as an identity-based signature scheme.(8) The Naccache-Stern cryptosystem is cryptanalyzed. It is pointed out that the decryption of the cryptosystem can be viewed as a group factorization problem. The success probability of the attack relies on with what probability it can successfully transform a random integer into a smooth number.(9) The security of the cryptosystem proposed at ACISP 2000 is analyzed. The relation of the security of the cryptosystem with the simultaneous Diophantine approximation problem and the shortest vector problem over lattices is clarified.æ›´å¤š è¿˜åŽŸ

ã€å…³é”®è¯ã€‘ å¿«é€Ÿå…¬é’¥å¯†ç ï¼› é™·é—¨èƒŒåŒ…ï¼› æ•´æ•°åˆ†è§£ï¼› è¾«ç¾¤ï¼› è”ç«‹ä¸¢ç•ªå›¾é€¼è¿‘ï¼› æ ¼è§„çº¦ï¼›
ã€Key wordsã€‘ fast public-key cryptosystemï¼› trapdoor knapsackï¼› integer factorizationï¼› braid groupï¼› simultaneous Diophantine approximationï¼› lattice reductionï¼›

ã€ç½‘ç»œå‡ºç‰ˆæŠ•ç¨¿äººã€‘ è¥¿å®‰ç”µåç§‘æŠ€å¤§å¦

ã€åˆ†ç±»å·ã€‘TN918.1
ã€è¢«å¼•é¢‘æ¬¡ã€‘6
ã€ä¸‹è½½é¢‘æ¬¡ã€‘760
æ”»è¯»æœŸæˆæžœ

çŸ¥ç½‘èŠ‚ä¸‹è½½

èŠ‚ç‚¹æ–‡çŒ®ä¸ï¼š

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

æœ¬æ–‡çš„å¼•æ–‡ç½‘ç»œ

èŠ‚ç‚¹æ–‡çŒ®

èŠ‚ç‚¹æ–‡çŒ®

å‡ ç±»å¿«é€Ÿå…¬é’¥å¯†ç çš„è®¾è®¡ä¸Žåˆ†æž

Design and Analysis of Several Classes of Fast Public Key Cryptosystems

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

å‡ ç±»å¿«é€Ÿå…¬é’¥å¯†ç çš„è®¾è®¡ä¸Žåˆ†æž