EAGER: Implementing Practical Provably Secure Authenticated Key Exchange for the Post-Quantum World

EAGER：为后量子世界实施实用的、可证明安全的认证密钥交换

• 批准号: 1565748
• 负责人: Jintai Ding
• 金额: $ 14.2万
• 依托单位: University of Cincinnati Main Campus
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-12-15 至 2018-11-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1565748&HistoricalAwards=false
• 关键词: EAGER; Implementing; Practical; Provably; Secure

Cyber security is considered one of the most important aspects of our information technology based society. Key Exchange(KE) is a fundamental cryptographic primitive, and authenticated KE (AKE) is one of the most used cryptographic tools in secure communication protocols (e.g. SSL/TLS, IPSec, SSH) over the Internet. In light of the threat that quantum computers pose to cryptosystems such as RSA and ECC, this project is devoted to the development of secure and efficient AKE alternatives for the post-quantum computer world, which is now considered of a high priority by the US government. This project will help develop new AKEs that have the great potential in cyber security for our society. The success of the project will not only have very significant practical values, but also will have a broad impact on theoretical mathematics and computation. This project will have a significant impact on the collaboration we are developing with the Post-Quantum cryptography group at the National Institute of Standard of Technology, where a significant amount of efforts is devoted to the study of quantum resistant AKEs. The PI will teach and work with undergraduate and graduate students, and recruit students from under represented groups in science.This project intends to develop AKE schemes but based on problems resistant to quantum computer attacks, in particular, we would like to develop efficient and secure implementations of AKE based on the learning with errors problems (LWE) and ring-LWE (RLWE) problems, as well as the selection of concrete parameters for applications with the goal developing secure and efficient systems for the post-quantum world. Such a system should enjoy the potential benefits of lattice-based constructions such as asymptotic efficiency, conceptual simplicity, worst-case hardness assumptions, and provable security, which makes it perfect for the post-quantum world. This key component of the project is based on several promising innovative ideas coming from preliminary experiments and theoretical results we have established, and this project also includes fundamental new ideas in addressing a diverse set of challenges in the design of AKEs. The results will lead to a better understanding of the fundamentals of the AKEs based on LWE and to methods on how to design more secure and efficient AKEs for practical applications. Our research approach is a synergistic combination of new mathematical ideas and systematic computer experiments.

网络安全被认为是我们信息技术社会最重要的方面之一。密钥交换（KE）是一种基本的密码原语，认证密钥交换（AKE）是Internet上安全通信协议（如SSL/TLS、IPSec、SSH）中最常用的密码工具之一。鉴于量子计算机对RSA和ECC等密码系统构成的威胁，该项目致力于为后量子计算机世界开发安全有效的AKE替代品，这是美国政府目前高度重视的问题。该项目将有助于开发新的AKE，这些AKE在我们社会的网络安全方面具有巨大潜力。该项目的成功不仅具有非常重要的实用价值，而且将对理论数学和计算产生广泛的影响。该项目将对我们与国家标准技术研究所的后量子密码学小组的合作产生重大影响，该小组投入了大量精力研究量子抗性AKE。PI将与本科生和研究生一起教学和工作，并从科学领域的代表性较低的群体中招募学生。该项目旨在开发AKE方案，但基于抵抗量子计算机攻击的问题，特别是，我们希望开发基于错误学习问题（LWE）和环LWE（RLWE）问题的高效和安全的AKE实现，以及为应用程序选择具体参数，目标是为后量子世界开发安全有效的系统。这样的系统应该享受基于格的构造的潜在好处，例如渐近效率，概念简单，最坏情况下的硬度假设和可证明的安全性，这使得它非常适合后量子世界。该项目的这一关键组成部分是基于我们已经建立的初步实验和理论结果中的几个有前途的创新想法，该项目还包括解决AKE设计中各种挑战的基本新思路。研究结果将有助于更好地理解基于LWE的AKE的基本原理，以及如何为实际应用设计更安全、更有效的AKE的方法。我们的研究方法是新的数学思想和系统的计算机实验的协同组合。