节点文献

网络安全传输协议的若干问题研究

Research on Protocols of Network Secure Transmissions

【作者】 罗明星

【导师】 胡正名;

【作者基本信息】 北京邮电大学 , 密码学, 2011, 博士

【摘要】 网络通信是信息化的必然趋势。经典密码技术用来保障网络信息的安全服务,但也呈现冗余较大、计算复杂度较高和安全性不高等缺陷。特别是,随着各种网络个性化服务要求的提高,如何克服这些问题已成为网络化时代的研究重点之一。长期以来,经典网络通信采用存储-转发机制提高路由效率,人们也普遍认为中间节点的编码能力不会为网络传输带来任何收益。然而,Ahlswede等在2000年提出的网络编码理论彻底推翻了这种传统观点。网络编码是通过赋予网络中间节点一定的信息处理能力,来实现香农最大容量的网络多播。它是近年来通信领域的一项重大突破。网络编码在提高传输效率的同时,也是一种解决经典网络安全传输的可行技术。与经典通信不同,量子通信基于量子力学的基本原理,旨在构建无条件安全的通信方式。它不仅为解决经典安全问题提供方法和思路,同时也独具魅力。两方量子通信已得到了广泛研究,而量子网络通信的研究才刚刚起步,也是量子信息发展的重要方向。相对于完善的经典网络通信,量子网络通信的研究刚见雏形。单源网络和单宿网络虽然结构简单,但却是最基本的通信类型,它的研究势必触发量子通信的网络化发展。此外,量子单向函数作为量子非对称密码的基础要素,将对量子安全通信的研究起到很大的推动作用。本论文针对经典网络通信和量子网络通信的一些基础问题进行研究。内容涉及经典网络安全多播、半量子安全通信、量子安全网络通信和量子非对称密码。具体包括:抗窃听安全多播算法和Byzantine攻击检测算法的设计,半量子安全直接通信协议的设计,基于单源和多源量子网络的多方远程制备协议的设计和实验架构,以及量子单向函数研究和其在量子非对称密码学中的应用。论文的主要创新工作简要归纳如下:1.基于广义窃听攻击模型和分组密码学技术all-or-nothing变换,构造广义组合网络上的多播算法,其信息论安全性由网络吞吐量和窃听集的最小割共同刻画。此结论被推广到任意单信源有向无圈网络。与已有结论相比,这种多播算法无额外加密开销,也无传输冗余。进而,利用经典加密技术,构造了达到计算安全的多播算法,其优点在于取消了窃听集合的所有限制。最后,结合经典加密和认证技术,针对更大危险的Byzantine攻击,设计了较已有算法更高效、更大成功概率的检测算法。2.针对带有经典通信方和量子通信方的混合通信情形,在赋予经典方一定的量子测量能力情况下,提出了一个完全鲁棒的量子协议,实现量子端向经典端分发消息。基于此协议,进一步提出两个半量子安全对话协议。由于两方之间的不对称性,这两个交互协议并不等价于两次半量子消息分发协议。这些协议与以前的纯量子通信存在本质区别,为构建经典网络和量子网络的混合通信网络奠定了理论基础。3.针对单源量子多方通信,首先提出了一个三方远程制备协议,即一个发送方向两个远距离接收方制备任意两粒子态,包括实系数和复系数制备态。其量子信道是由一个EPR对和一个GHZ态来构建,并扩展到部分纠缠资源情况。这些协议实现了带有量子控制的安全传输。进而,又设计一个发送方给多个接收方远距离制备一个任意W-class态的多方远程制备协议。与已有协议相比,本方案的成功概率为1,且发送者并不知道实际接收者,具有很好的隐蔽性。该方案利用两个GHZ态来构建量子信道,结合新的纠缠转换,发送方能顺利完成W-class态的远程制备。最后,也计算了所有协议的经典资源花费以衡量效率和成本。4.针对多源量子多方通信,本文通过构造有用的测量基,首先证明两个发送方能为接收者联合制备一个复系数三粒子态。其量子资源为预先共享的三个GHZ态。接着,首次引入置换群将制备态分类以提高成功概率。进而,在不同的测量基下,又提出更经济的协议来联合制备一个实系数三粒子态。这些协议都被扩展到多方,同时也计算了所有协议的经典资源消耗。最后,基于一些已有的联合制备协议,提出了一些新协议和量子线路与光线路来实现联合制备单量子态。通过构造SO(4)中的特殊变换的KAK分解,给出了量子线路来实现联合制备一个任意两量子比特态。此外,也提出一些确定的联合方案。5.量子单向函数在量子密码学中扮演基础性角色,它是量子非对称密码系统的基础部件之一。本文基于单参数酉群,构建了一类量子单向函数和量子限门函数的候选框架。酉群的动态特征在一定程度上保证其单向性和不同层次的量子不可区分性,其无限小发生子的同时近似保证了其物理上的可行性。进而,利用这些特殊函数,构建新的安全的量子密码系统,例如量子公钥系统用来加密经典和量子信息,无仲裁的量子签名方案实现经典信息的量子化签名。

【Abstract】 Network communication is the inevitable trend of informatization. The classical cryptology techniques have been used to guarantee the security of network information service. However, it also shows some disadvantages such as big redundancy, hige computational complexity and low security. Especially, with the enhancement of personalized newtwork service, how to address these problems has become one important research of networked era.For a long time, the classical network communication has taken use of the store-forward switching to increase route efficiency, and it is generally accepted that the coding ability of the network node won’t bring any gains for network transmission. However, in 2000 Ahlswede etc propose the network coding theory thoroughly overthrowing the traditional idea. Network coding is by endowing some information processing ability for network nodes, and can achieve the network multicast with the Shannon’s maximal capacity. It is a major breakthrough in communications field recently. Network coding has unique advantages in the transmission efficiency, and is also feasible technique to solve the secure transmission on the classical network.Different form classical communication, quantum communication based on the basic principle of quantum mechanics, aims to establish some unconditional secure communication ways. It not only prviodes new ways and ideas to solve the problem with classical secure problems, but also has its own glamour. The quantum communication with two parties has been widely studied, however, the multiparties communications have just started, is also an important direction of quantum information. Comparing with the perfect classical network communications, the quantum network communications just appear its prototype. Although the networks with single source or single sink have simple structures, but they are the most basic communication types, and will trigger the research of quantum networking. In addition, quantum one-way functions as the primitives of the quantum asymmetric cryptology, has played a significant role in the research of quantum security communication. This thesis aims to study some basic questions of classical network communication and quantum network communication, including the classical network multicast, semiquantum secure communication, quantum network communication and quantum asymmetric cryptosystems. Specific includes:design some algorithms to resist eavesdroper and detect the Byzantine attack, construct semiquantum secure direct communication protocol, propose some quantum remote preparation schemes with single source and multisources and some experiment architectures, and study the quantum one-way functions and its applications in quantum asymmetric cryptosystems. We briefly summarize the main innovation work as follows:1. Based on the generalized eavesdropping model and all-or-nothing transformation, we construct some network mutlicast on the generalized combination networks, its security can be characterized by the network capacity and the min-cut bound of wiretapping set from the source. It can be extended to any directed acyclic networks with single source. Compared with the traditional results, this algorithm has no additional encryptions and giving up any capacity. Furthermore, using classical encryption technology, construct the multicast algorithm under the computation security, the advantage is to cancel all the restrictions on the eavesdropping sets. Finally, combined with classical encryption and authentication technology, propose some algorithm with more efficient and greater successful probability to detect at greater risk of Byzantine attack.2. As for the network communication with some classical access and quantum access, under the case of endowing certain quantum measurement ability to classical parties, puts forward a completely robust quantum scheme, to realize the quantum party distributes the classical infromation to the classical party. Based on this scheme, two semiquantum dialogue schemes are proposed. However, these two schemes cannot be easily replaced by two times of the present distribution schemes because of non-symmetry of two participates. These properties of the present schemes are in essential different from previous schemes of two-party with only quantum or classical capabilities, and establish the theoretical basis for constructing the mixed networks of quantum network and classical network.3. As for the single source quantum network, we first propose a remote preparation schemes with three parties, i.e., one sender remotely prepares an arbitrary two-qubit state to either of two receivers. Two cases of the prepared quantum state, an arbitrary two-qubit state with real coefficients and complex coefficients, are considered. One single EPR pair and a GHZ state are used as the quantum channel, and then the present scheme is extended to some partially entangled sources. These schemes realized the secure transmission with quantum control. Furthermore, we design a sender remotely prepares an arbitrary W-class state to multiple receivers. Compared with previous schemes, its successful probability is 1, moreover, the sender does not know the final receiver and this scheme has very good concealment.The scheme uses two GHZ state to build quantum channel, combined with the new entangle swapping, the sender can successfully remotely prepare W-class state. Finally, also calculate the cost of classic resources to measure the efficiency and cost.4. As for the multi-sources quantum network, by constructing some useful measurement bases, we first show that two senders can jointly prepare a three-qubit state of complex coefficients to a remote receiver via the three shared GHZ states. Then, the success probability can be improved by using the permutation group to classify the preparation state. Furthermore, under some different measurement bases, we propose another scheme to jointly prepare a three-qubit state of real coefficients with less restriction. The present schemes are extended to multi-sender, and the classical communication costs of all the schemes are also calculated. Finally, motivated by some previous joint remote preparation schemes, we propose some quantum circuits and photon circuits to jointly prepare an arbitrary one-qubit state. By constructing KAK decomposition of some transformation in SO(4), one quantum circuit is constructed for jointly preparing an arbitrary two-qubit state to the remote receiver.In addition, some deterministic schemes of jointly preparing one-qubit and two-qubit states are presented.5. Quantum one-way functions play a fundamental role in the quantum asymmetric cryptology because of its necessity for the secure encryption schemes taking into account the quantum computer. In this thsis we establish a theoretical candidate for one class of the quantum one-way functions and quantum trapdoor functions based on one-parameter unitary groups.The dynamics of parameterized unitary groups ensure the one-wayness and quantum undistinguishability in different levels, and the physical feasibility is derived from the simultaneous approximation of its infinitesimal generators. Moreover, these special functions are used to construct some secure cryptosystems such as quantum public-key cryptosystems and quantum signature without arbitrage for encrypting and signing the classical and quantum information resepectively.

节点文献中: