基于超奇异同源的鉴别方案

doi:10.13868/j.cnki.jcr.000260

摘要
图/表
参考文献(15)
相关文章 (15)

全文: PDF (499 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要

在本文中, 我们构造了一种基于超奇异椭圆曲线同源的身份识别方案, 该方案可用于构造基于同源的零知识证明, 进一步用于设计基于同源的抗量子数字签名方案和基于同源的区块链抗量子密码方案. 我们的方案是De Feo, Jao和Pl\^{u}t的方案的推广, 是一种交互的零知识证明方案. 我们的方案同样也可以使用Unruh的构造方法把交互零知识证明转换为非交互零知识证明. 零知识证明可用于区块链的隐私保护, 为了获得抗量子安全的零知识证明, 需要使用抗量子密码算法. 截止到目前为止, 与其它抗量子密码算法相比, 其中基于同源的抗量子密码在相同的安全水平下, 公钥长度和通信量是最小的. 因此我们尝试寻找基于同源的零知识证明方案和数字签名方案. 目前基于同源的数字签名方案都依赖于De Feo, Jao和Pl\^{u}t的方案. 但是使用De Feo, Jao 和Pl\^{u}t的方案设计的零知识证明效率很低, 每一次交互过程只能确认1比特的安全性. 我们的方案在De Feo, Jao和Pl\^{u}t的方案的基础上推广到一次交互过程可以确认2比特的安全性.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章

关键词 ：同源, 零知识证明, 鉴别方案, 区块链

Abstract：

This paper presents an identification scheme based on supersingular isogenies. The proposed scheme can be used to construct zero-knowledge proof based on isogenies. Furthermore, it can be used to design post-quantum digital signature schemes and post-quantum block chain cryptography schemes based on isogenies. The proposed scheme is a generalization of De Feo, Jao, and Pl\^{u}t's scheme, and is an interactive zero-knowledge proof scheme. The proposed scheme can use Unruh's construction to transform the interactive zero-knowledge proof into a non-interactive one. Zero-knowledge proof can be used to protect the privacy in block chain. In order to have the post-quantum security zero-knowledge proof, post-quantum cryptography algorithms need to be used. Compared with other post-quantum cryptography algorithms known so far, at the same security level, the cryptography based on isogeny has the shortest public key length and the least communication cost. Thus we try to find the zero-knowledge proof schemes and digital signature schemes based on isogeny. By far, the digital signature schemes based on isogeny all depend on the De Feo, Jao, and Pl\^{u}t's scheme. However, the zero-knowledge proof constructed by De Feo, Jao, and Pl\^{u}t's scheme is noneffective, because it can only validate 1 bit security in each round of the interactive proof. We generalize the De Feo, Jao, and Pl\^{u}t's scheme to get 2 bit security in each round of the interactive proof.

Key words： isogeny zero knowledge identification scheme block chain

收稿日期: 2018-07-28 出版日期: 2018-09-27

基金资助:国家重点研发计划(2017YFB0802500)

通讯作者: 高胜, E-mail: gs14011@163.com

引用本文:

林齐平高胜. 基于超奇异同源的鉴别方案[J]. 密码学报, 2018, 5(5): 510-515.
LIN Q P, GAO S. Identification Scheme Based on Supersingular Isogenies. Journal of Cryptologic Research, 2018, 5(5): 510-515.

链接本文:

http://www.jcr.cacrnet.org.cn/CN/10.13868/j.cnki.jcr.000260 或 http://www.jcr.cacrnet.org.cn/CN/Y2018/V5/I5/510

\bibitem{1}V\'{E}LU J. Isog\'{e}nies entre courbes elliptiques[J]. C. R. Acad. Sc. Paris, S\'{e}rie A., 273, 1971: 238–241.

\bibitem{2}BOSTAN A, MORAIN F, SALVY B, et al. Fast algorithms for computing isogenies between elliptic curves[J]. Mathematics of Computation, 77, 2008: 1755–1778. [DOI: 10.1090/S0025-5718-08-02066-8]

\bibitem{3}KOHEL D. Endomorphism Rings of Elliptic Curves over Finite Fields[D]. [Ph.D. Dissertation]. Berkeley, CA, USA. University of California Berkeley, 1996.

\bibitem{4}BLAKE I, SEROUSSI G, SMART N. Elliptic Curves in Cryptography[M]. Cambridge University Press, UK. 1999. [DOI: 10.1112/S0024609300247371]

\bibitem{5}DE FEO L, JAO D, PL\^{U}T J. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies[J]. Journal of Mathematical Cryptology, 2014, 8(3): 209–247. [DOI: 10.1515/jmc-2012-0015]

\bibitem{6}SUN X, TIAN H B, WANG Y M. Toward quantum-resistant strong designated verifier signature from isogenies[C]. In: 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems (INCoS 2012). IEEE, 2012: 292–296. [DOI: 10.1109/iNCoS.2012.70]

\bibitem{7}GALBRAITH S D, PETIT C, SILVA J. Identification protocols and signature schemes based on supersingular isogeny problems[C]. In: Advances in Cryptology—ASIACRYPT 2017, Part I. Springer Cham, 2017: 3–33. [DOI: 10.1007/978-3-319-70694-8\_1]

\bibitem{8}YOO Y, AZARDERAKHSH R, JALALI A, et al. A post-quantum digital signature scheme based on supersingular isogenies[C]. In: Financial Cryptography and Data Security—FC 2017. Springer Cham, 2017: 163–181. [DOI: 10.1007/978-3-319-70972-7\_9]

\bibitem{9}JAO D, SOUKHAREV V. Isogeny-based quantum-resistant undeniable signatures[C]. In: Post-Quantum Cryptography—PQCrypto 2014. Springer Cham, 2014: 160–179. [DOI: 10.1007/978-3-319-11659-4\_10]

\bibitem{10}AZARDERAKHSH R, JAO D, KALACH K, et al. Key compression for isogeny-based cryptosystems[C]. In: Proceedings of the 3rd ACM International Workshop on ASIA Public-Key Cryptography. ACM, 2016: 1–10. [DOI: 10.1145/2898420.2898421]

\bibitem{11}COSTELLO C, LONGA P, NAEHRIG M. Efficient algorithms for supersingular isogeny Diffie-Hellman[C]. In: Advances in Cryptology—CRYPTO 2016, Part I. Springer Berlin Heidelberg, 2016: 572–601. [DOI: 10.1007/978-3-662-53018-4\_21]

\bibitem{12}TORRES W A A, STEINFELD R, SAKZAD A, et al. Post-quantum one-time linkable ring signature and application to ring confidential transactions in blockchain (Lattice RingCT v1.0)[J]. IACR Cryptology ePrint Archive, 2018: 2018/379. https://eprint.iacr.org/2018/379.

\bibitem{13}BAUM C, BOOTLE J, CERULLI A, et al. Sub-linear-based zero-knowledge arguments for arithmetic circuits[J]. IACR Cryptology ePrint Archive, 2018: 2018/560. https://eprint.iacr.org/2018/560.

\bibitem{14}UNRUH D. Non-interactive zero-knowledge proofs in the quantum random oracle model[C]. In: Advances in Cryptology—EUROCRYPT 2015, Part II. Springer Berlin Heidelberg, 2015: 755–784. [DOI: 10.1007/978-3-662-46803-6\_25]

\bibitem{15}ZHANG H, ZHANG F G, TIAN H B, et al. Anonymous post-quantum cryptocash[J]. IACR Cryptology ePrint Archive, 2017: 2017/716. https://eprint.iacr.org/2017/716.