摘要
认证密钥交换(AKE)协议可以使得在不安全信道通信的双方安全地协商一个共享的会话密钥。随着量子计算技术的迅速发展,基于Diffie-Hellman等经典数论假设设计的AKE协议受到严峻挑战。与之相对的,基于同源的密码学,特别是基于交换超奇异同源Diffie-Hellman(CSIDH)假设设计的认证密钥交换协议成为后量子时代AKE协议的备选算法之一。为厘清基于CSIDH相关问题设计AKE协议的主流方法,通过整理文献并分类总结等方式,给出了基于CSIDH相关假设设计的、包括显式认证和隐式认证两条技术路线的AKE协议的研究综述,并分析了不同协议的优缺点。研究结论可以为我国未来抗量子AKE相关协议的设计及标准化工作提供指导。
AKE(Authenticated Key Exchange)protocols enable two parties to securely establish a shared session key over an insecure channel.With the rapid development of quantum computing technology,conventional AKE protocols based on classical problems such as Diffie-Hellman become vulnerable to quantum attacks.In contrast,isogeny-based cryptography,particularly the CSIDH(Commutative Supersingular Isogeny Diffie-Hellman)protocols,emerge as promising candidate for post-quantum AKE protocols.A comprehensive survey of AKE protocols based on CSIDH assumption,including both explicit and implicit approaches,is proposed.Performance trade-offs of these protocols are also given.
作者
王洋
薛海洋
周国庆
曹越
黄宝盛
WANG Yang;XUE Haiyang;ZHOU Guoqing;CAO Yue;HUANG Baosheng(School of Mathematics,Shandong University,Jinan Shandong 250100,China;National Key Laboratory of Security Communication,Chengdu Sichuan 610041,China;School of Computing and Information System,Singapore Management University,178903,Singapore)
出处
《通信技术》
2026年第1期1-8,共8页
Communications Technology
基金
国家自然科学基金(12441104)
保密通信全国重点实验室稳定支持计划项目(WD202402)
保密通信全国重点实验室基金项目(6142103042402)
山东省青年基金(ZR2022QF039)。
