【作者】 韩牟；

【导师】 张宏；

【作者基本信息】 南京理工大学 ， 计算机应用技术， 2011， 博士

【摘要】 后量子密码学是一个有重要意义的挑战性问题,对于未来量子计算机出现后,保证Internet中的信息安全将起关键作用。本文依托研究后量子密码学的重要意义,主要探讨和研究了基于编码的后量子公钥密码学中的一些问题,并重点对纠错码的结构,基于编码的后量子公钥加密方案的构造方法、安全性证明和基于编码的后量子数字签名算法的构造进行了研究,取得的研究成果和创新如下：1、有限链环Fqd+uFqd+…+upa-1Fqd(upa=0)上重根循环码：为了进一步强调有限链环上重根循环码在编码理论与密码学中的重要性,本文对当d=1,q=p(p为素数),并令pa=k时,环R=Fqd+uFqd+…+upa-1Fqd(upa=0)上的重根循环码及其对偶码进行了深入研究。通过使用环R=Fqd+uFqd+…+upa-1Fqd,(upa=0)中的基本概念,给出了伽罗瓦环GR(uk,m)以及其扩环Suk(m,ω)的性质。在此基础上,利用GR(uk,m)中扰码的定义和性质,首先证明了环S=Fpm[ω]/<ωps-1>的理想为Torj(C),接着证明了扩环Suk(m,ω)中的理想的多项式表示为C=<so,us1,…,uk-1sk-1>,最后通过离散傅里叶变换得到环R=Fp[u]/<uk>上长为psn循环码的多项式表示和其对偶码的结构,为寻找基于线性码和格的后量子数字签名更优方案打下基础。2、构造了基于纠错码的公钥加密方案：基于F度量,构造了基于最大F距离码新的McEliece和Niederreiter公钥加密方案。在所构造的新方案中,合法接收者通过引入一个随机矩阵X作为附加私钥,并把X加入到原始公钥中,从而产生了一个新的公钥,使该密码系统能够有效抗击敌手想通过已知的公钥获得私钥的攻击。另外通过对现有可行攻击方法的分析,说明了基于最大F距离码新的McEliece和Niederreiter公钥加密方案是安全可行的。此外,本章还给出了最大F离码的快速译码方法。3、构造了可证明安全的基于纠错码的公钥加密体制：通过对原始的Niederreiter和F-Niederreiter公钥加密方案攻击方法的分析,提出原始的Niederreiter公钥加密算法和F-Niederreiter公钥加密算法是单向的命题。基于此命题,利用纠错码理论,构造了在随机预言模型下可证明安全的Niederreiter和F-Niederreiter公钥加密方案。4、利用纠错码构造基于无证书的数字签名方案：为了构造一种具有特殊性质的后量子数字签名方案,首先对无证书密码体制进行了研究。通过对原始的无证书加密方案顺序的改变,利用双线性映射构造了一个有效的可以抵抗恶意私钥中心的无证书加密方案。在方案中,加密过程只需一次幂运算,解密过程仅需一个对运算,与已有的方案相比具有很高的效率。方案安全性基于计算Diffie-Hellman司题和P-双线性Diffie-Hellman Inversion司题,并在随机预言模型下对用该方法所构造的方案的安全性给予了证明；最后利用无证书密码体制构造了具有特殊性质的后量子数字签名方案——基于纠错码的无证书数字签名方案。更多还原

【Abstract】 Post-Quantum Cryptography is a challenging research topic with an important significance because it will play a central role in ensuring information security in the internet if large quantum computers are built. Based on the significance of the research topic, this thesis mainly investigates several issues in one family of public key cryptosystems that have the potential to resist quantum computers: the code-based post-quantum public key cryptography. We focus on studying the structure of error-correcting code, as well as the methods to construct code-based post-quantum public key encryption scheme, provable security post-quantum public key encryption scheme, and code-based post-quantum signature scheme. The main contributions of the thesis can be enumerated as follows:1. We study repeated-root cyclic codes over Fqd +uFqd +…upa-1Fqd(upa = 0) for length N=psn. To further strengthen the significance of application of repeated-root cyclic code over finite chain ring in the coding theory and cryptology, the structure of cyclic codes and dual codes with length psn, (n prime to p) over the ring Fqd + uFqd+…+upa-1Fqd (upa = 0) are thoroughly studied, when d=1, q=p and p =k, that is, the structure of cyclic codes and dual codes (N=psn) over R=Fp[u]/<uk>. Based on the basic concepts of Fqd +uFqd+…+upa-1Fqd (upa = 0 ), some major properties of Galois ring GR(uk,m) and its extension ring Suk(m,ω) are given. Using the definition and properties of torsion code of the ring GR(uk ,m), it is first proved that Torj(c) is an ideal of S = Fpm [ω]/<ωps-1>, then it is proved that C=<s0,us1,…, uk-1Sk-1> is the polynomial representation of the corresponding ideals over Suk(m,ω) . Finally, an isomorphismγbetween R[X]/<XN-1> and a direct sum⊕h∈I Suk(mh,ω) can be obtained using discrete Fourier transform. The generator polynomial representation of the corresponding ideals over R=Fp[u]/<uk> is calculated via the inverse isomorphism ofγ, moreover, the structure of dual code is also obtained using discrete Fourier transform. This research is helpful to find the better post-quantum digital signature schemes based on error correcting codes and lattice.2. We show how to construct code-based public key encryption schemes. In terms of F -metric, a new modification of the McEliece and Niederreiter public key cryptosystem based on maximum F-distance codes are proposed. The legal party chooses a random matrix as an extra secret key and adds it to the original public key to produce a new modified public key, which makes this cryptosystem effective makes these cryptosystem are effective for resisting the attack based on getting private keys from known public keys. Moreover, attacks on such a system are also investigated; it is shown that the McEliece and Niederreiter public key cryptosystem based on maximum F-distance codes is secure and feasibile. Moreover, the fast decoding method of maximum F-distance codes is presented in this chapter.3 We show how to construct provable security code-based public-key encryption schemes. By means of reviewing currently known attacks to original Niederreiter public-key encryption schemes and the F-Niederreiter that constructed in chapter 4, we come up with the assumptions that F-Niederreiter and Niederreiter public-key encryption schemes are one-way function. Then, two new F-Niederreiter and one new Niederreiter public-key encryption schemes under the assumption are proposed, and these new public-key encryption schemes can be proven, in the random oracle model, to be security.4. We present how to construct a certificateless digital signature scheme using error correcting codes. To construct a post-quantum digital signature scheme with special proterty, the thesis first deeply study certificateless public key encryption scheme.By adjusting the steps of original certificateless public key encryption scheme (CL-PKE), an efficient certificateless public key encryption scheme against malicious key generation center (KGC) using bilinear maps is put forward. The encryption algotithm only need one power computation and the decryption only need one paring computation. The scheme is more efficient than other exiting scheme. Additionally, the security reach chosen-ciphertext secure in the random oracle model assuming the CDH and p-BDHI problem is difficult. Then, we use certificateless public key cryptography to construct a code-based post-quantum digital signature scheme.更多还原