Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,th...Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,the BIKE scheme based on QC-MDPC(Quasi Cyclic Medium Density Parity Check)codes still faces challenges such as the GJS attack and weak key attacks targeting the decoding failure rate(DFR).This paper analyzes the BGF decoding algorithm of the BIKE scheme,revealing two deep factors that lead to DFR,and proposes a weak key optimization attack method for the BGF decoding algorithm based on these two factors.The proposed method constructs a new weak key set,and experiment results eventually indicate that,considering BIKE’s parameter set targeting 128-bit security,the average decryption failure rate is lowerly bounded by.This result not only highlights a significant vulnerability in the BIKE scheme but also provides valuable insights for future improvements in its design.By addressing these weaknesses,the robustness of QC-MDPC code-based cryptographic systems can be enhanced,paving the way for more secure post-quantum cryptographic solutions.展开更多
Verifiable secret sharing mainly solves the cheating behavior between malicious participants and the ground control center in the satellite network.The verification stage can verify the effectiveness of secret shares ...Verifiable secret sharing mainly solves the cheating behavior between malicious participants and the ground control center in the satellite network.The verification stage can verify the effectiveness of secret shares issued by the ground control center to each participant and verify the effectiveness of secret shares shown by participants.We use a lot of difficult assumptions based on mathematical problems in the verification stage,such as solving the difficult problem of the discrete logarithm,large integer prime factorization,and so on.Compared with other verifiable secret sharing schemes designed for difficult problems under the same security,the verifiable secret sharing scheme based on the Elliptic Curve Cryptography(ECC)system has the advantages of less computational overhead and shorter key.At present,the binary polynomial is a single secret scheme and cannot provide effective verification.Therefore,based on a Protected Verifiable Synchronous Multi Secret Sharing(PVS-MSS)scheme,this paper is designed based on bivariate asymmetric polynomials.The advanced verifiable attribute is introduced into the Protected Secret Sharing(PSS)scheme.This paper extends the protected synchronous multi-secret sharing scheme based on bivariate polynomial design.The ECC system constructs the security channel between the ground control center and participants and constructs the verification algorithm.Through the verification algorithm,any participant can verify the consistency and effectiveness of the secret shadow and secret share received from other participants or presented by the secret distribution center.Therefore,no additional key agreement protocol is required;participants do not need to negotiate the session key for encryption;the secret share polynomial can generate the session key between participants and speed up the secret reconstruction process.The verification stage has lower computational complexity than the verifiable scheme constructed by Rivest Shamir Adleman (RSA) and other encryption methods. Chinese Remainder Theorem (CRT)is used to update the secret shadow. The secret shadow does not need to beupdated with the change of the scheme shared secret, and the public valueupdate efficiency is higher. Reduce the complexity of sharing secret updatesin a synchronous multi-secret sharing scheme.展开更多
In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement...In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.展开更多
基金funded by Beijing Institute of Electronic Science and Technology Postgraduate Excellence Demonstration Course Project(20230002Z0452).
文摘Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,the BIKE scheme based on QC-MDPC(Quasi Cyclic Medium Density Parity Check)codes still faces challenges such as the GJS attack and weak key attacks targeting the decoding failure rate(DFR).This paper analyzes the BGF decoding algorithm of the BIKE scheme,revealing two deep factors that lead to DFR,and proposes a weak key optimization attack method for the BGF decoding algorithm based on these two factors.The proposed method constructs a new weak key set,and experiment results eventually indicate that,considering BIKE’s parameter set targeting 128-bit security,the average decryption failure rate is lowerly bounded by.This result not only highlights a significant vulnerability in the BIKE scheme but also provides valuable insights for future improvements in its design.By addressing these weaknesses,the robustness of QC-MDPC code-based cryptographic systems can be enhanced,paving the way for more secure post-quantum cryptographic solutions.
基金This work is supported by The State Key Laboratory of Integrated Services Networks,Xidian University(ISN22-13).
文摘Verifiable secret sharing mainly solves the cheating behavior between malicious participants and the ground control center in the satellite network.The verification stage can verify the effectiveness of secret shares issued by the ground control center to each participant and verify the effectiveness of secret shares shown by participants.We use a lot of difficult assumptions based on mathematical problems in the verification stage,such as solving the difficult problem of the discrete logarithm,large integer prime factorization,and so on.Compared with other verifiable secret sharing schemes designed for difficult problems under the same security,the verifiable secret sharing scheme based on the Elliptic Curve Cryptography(ECC)system has the advantages of less computational overhead and shorter key.At present,the binary polynomial is a single secret scheme and cannot provide effective verification.Therefore,based on a Protected Verifiable Synchronous Multi Secret Sharing(PVS-MSS)scheme,this paper is designed based on bivariate asymmetric polynomials.The advanced verifiable attribute is introduced into the Protected Secret Sharing(PSS)scheme.This paper extends the protected synchronous multi-secret sharing scheme based on bivariate polynomial design.The ECC system constructs the security channel between the ground control center and participants and constructs the verification algorithm.Through the verification algorithm,any participant can verify the consistency and effectiveness of the secret shadow and secret share received from other participants or presented by the secret distribution center.Therefore,no additional key agreement protocol is required;participants do not need to negotiate the session key for encryption;the secret share polynomial can generate the session key between participants and speed up the secret reconstruction process.The verification stage has lower computational complexity than the verifiable scheme constructed by Rivest Shamir Adleman (RSA) and other encryption methods. Chinese Remainder Theorem (CRT)is used to update the secret shadow. The secret shadow does not need to beupdated with the change of the scheme shared secret, and the public valueupdate efficiency is higher. Reduce the complexity of sharing secret updatesin a synchronous multi-secret sharing scheme.
基金This work was supported by the China State Cryptography Development Fund of Thirteen Five-year(MMJJ20170110).
文摘In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.
