CN108173643A - An Efficient Key Consensus Transmission Method - Google Patents
- Publication number
- CN108173643A
- Authority
- CN
- China
- Prior art keywords
- dimensional vectors
- dimensional
- calculates
- vector
- secret
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Compression, Expansion, Code Conversion, And Decoders (AREA)
Abstract
Description
Technical field
The invention relates to the technical field of cryptography and coding, and in particular to an efficient key consensus transmission method.
Background
With the rapid development of quantum computers, developing cryptographic and coding algorithms that resist quantum attacks has become increasingly urgent. New lattice-based cryptosystems, especially those based on the LWE and RLWE problems, are the mainstream technology of post-quantum cryptography. The core building block of LWE- and RLWE-based cryptosystems (in particular public-key encryption and key agreement) is how to reach consensus on, and transmit, a secret from values that are close but not equal. Existing secret consensus and transmission schemes suffer from poor efficiency, high error rates and poor practicality. Developing new secret consensus and transmission methods has major industrial and application value, and is a core technology for leading and occupying the commanding heights of the international information security industry.
Given two four-dimensional column vectors and , define , that is, round each dimension of the vector , where is the rounding operator; define the first-order norm of the vector ; define to be a fourth-order square matrix. The set Z_q can be represented in two ways: or , where is the floor operator. For any integer x ∈ Z, define |x|_q = min{x mod q, q - x mod q}; for any four-dimensional column vector , define
Summary of the invention
To solve the above problems, the invention provides an efficient key consensus transmission method. The inventive method reaches the upper bound on the efficiency that a key consensus transmission method can achieve, and is the first secret consensus and transmission method internationally to reach that upper bound. To reduce the error rate, four-dimensional information is used to reach consensus on and transmit one bit of secret; the inventive method can be used to build the most efficient RLWE-based public-key encryption system to date. The method comprises:
System parameters: params = (q, m, g, d), where q, m, g, d are positive integers satisfying m ≥ 2, q ≥ g > 2, 0 ≤ d < q(1-1/g)-2; in general, q is a prime; let and be four-dimensional column vectors. The system parameters may be negotiated by the users in the system, determined by the process that uses the inventive method, or given by a trusted third party.
Given two four-dimensional column vectors and , define , that is, round each dimension of the vector , where is the rounding operator; define the first-order norm of the vector ; define ; let be a fourth-order square matrix; for any integer x ∈ Z, define |x|_q = min{x mod q, q - x mod q}; for any four-dimensional column vector where or is the floor operator, define
There are two users in the system (which may be devices, programs, etc.): the initiator running the inventive method is denoted , and the responder running the method is denoted . has a secret input four-dimensional column vector and secret information k_1 ∈ {0, 1}; has a secret input four-dimensional column vector satisfying . The inventive method lets and reach the same key consensus k_1 = k_2 ∈ {0, 1}, where k_2 is computed by . To this end, sends to a four-dimensional vector message . Specifically:
Sender encoding method: computes as follows and sends to :
Step 1: compute
Step 2: compute and check: if then let b = 0, otherwise let b = 1; denote
Step 3: compute
Step 4: send to
Receiver decoding method: after receiving , computes k_2 as follows:
Step 1: compute
Step 2: compute
Step 3: compute and check: if t < 1, let k_2 = 0, otherwise let k_2 = 1.
For simplicity of description, the inventive method only describes how to reach consensus on and transmit one bit of secret information from four-dimensional vectors that are close to each other. In practical applications of the inventive method, the interacting parties may have higher-dimensional inputs. For example, if the vector in each party's input is 1024-dimensional, the 1024-dimensional vector can be divided into 255 groups, each group treated as a four-dimensional vector, and the inventive method run 256 times in parallel, so that 256 bits of information can be agreed on and transmitted. The inventive method can also be extended to work when the input is a two-dimensional or an eight-dimensional vector.
Note that k_1 in the inventive method can be determined by the sender before the inventive method is run, which gives the method good online and parallel computing capability; this is an important property of the inventive method. When the inventive method is used for key agreement, k_1 is chosen at random from {0, 1}; when it is used for encryption, k_1 may follow any distribution over {0, 1}. When applied to the construction of LWE- or RLWE-based cryptosystems, the interacting parties running the inventive method need to exchange LWE or RLWE data and each derive the vectors and from that data. When applied to RLWE cryptosystems, q is generally a prime; when applied to LWE cryptosystems, q may be either a prime or a composite number.
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611018455.1A CN108173643B (en) | 2016-11-18 | 2016-11-18 | An Efficient Key Consensus Transmission Method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108173643A (en) | 2018-06-15 |
CN108173643B (en) | 2021-04-13 |
Family
ID=62525951
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611018455.1A Active CN108173643B (en) | 2016-11-18 | 2016-11-18 | An Efficient Key Consensus Transmission Method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108173643B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108989031A (en) * | 2018-07-27 | 2018-12-11 | 上海扈民区块链科技有限公司 | A kind of more bit error correction coding-decoding methods |
CN109861821A (en) * | 2019-02-26 | 2019-06-07 | 清华大学 | An error coordination method for LWE public key cryptography |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101150399A (en) * | 2007-10-12 | 2008-03-26 | 四川长虹电器股份有限公司 | Generation method for share secret key |
CN101187856A (en) * | 2007-12-12 | 2008-05-28 | 四川长虹电器股份有限公司 | Random number generation method |
CN103368725A (en) * | 2012-04-06 | 2013-10-23 | 中国科学院软件研究所 | Construction method of G0-type S-box and circuit of G0-type S-box |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108989031A (en) * | 2018-07-27 | 2018-12-11 | 上海扈民区块链科技有限公司 | A kind of more bit error correction coding-decoding methods |
CN108989031B (en) * | 2018-07-27 | 2022-07-01 | 上海扈民区块链科技有限公司 | A multi-bit error correction coding and decoding method |
CN109861821A (en) * | 2019-02-26 | 2019-06-07 | 清华大学 | An error coordination method for LWE public key cryptography |
CN109861821B (en) * | 2019-02-26 | 2020-10-30 | 清华大学 | Error coordination method for LWE public key password |
Also Published As
Publication number | Publication date |
---|---|
CN108173643B (en) | 2021-04-13 |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
TA01 | Transfer of patent application right | Effective date of registration: 20190412 Address after: Room 5345, Lane 786, Xinzhong Road, Xinhe Town, Chongming District, Shanghai Applicant after: SHANGHAI HUMIN BLOCKCHAIN TECHNOLOGY Co.,Ltd. Address before: 200433 Fudan University, 220 Handan Road, Yangpu District, Fudan University Applicant before: Zhao Yunlei |
CB02 | Change of applicant information | Address after: Room 345, No. 5, 786 Lane, Xinzhong Road, Xinhe Town, Chongming District, Shanghai Applicant after: SHANGHAI HUMIN BLOCKCHAIN TECHNOLOGY Co.,Ltd. Address before: Room 5345, Lane 786, Xinzhong Road, Xinhe Town, Chongming District, Shanghai Applicant before: SHANGHAI HUMIN BLOCKCHAIN TECHNOLOGY Co.,Ltd. |
GR01 | Patent grant | |
TR01 | Transfer of patent right | Effective date of registration: 20220823 Address after: Room 717, School of Computer Science, Fudan University (Jiangwan Campus), No. 2005, Songhu Road, Yangpu District, Shanghai, 200438 Patentee after: Zhao Yunlei Address before: Room 345, No.5, Lane 786, Xinzhong Road, Xinhe Town, Chongming District, Shanghai 202156 Patentee before: SHANGHAI HUMIN BLOCKCHAIN TECHNOLOGY Co.,Ltd. |
TR01 | Transfer of patent right | Effective date of registration: 20240117 Address after: 200433 No. 220, Handan Road, Shanghai, Yangpu District Patentee after: FUDAN University Address before: Room 717, School of Computer Science, Fudan University (Jiangwan Campus), No. 2005, Songhu Road, Yangpu District, Shanghai, 200438 Patentee before: Zhao Yunlei |
TR01 | Transfer of patent right | Effective date of registration: 20241226 Address after: 201,601 1st floor, Building 2, No. 18, Fangsi Road, Sijing Town, Songjiang District, Shanghai Patentee after: Shanghai Honggehou Quantum Technology Co.,Ltd. Country or region after: China Address before: 200433 No. 220, Handan Road, Shanghai, Yangpu District Patentee before: FUDAN University Country or region before: China |