Unconditionally Secure Cryptography

无条件安全的密码学

• 批准号: RGPIN-2016-03882
• 负责人: Stinson, Douglas
• 金额: $ 3.93万
• 依托单位: University of Waterloo
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2016
• 资助国家: 加拿大
• 起止时间: 2016-01-01 至 2017-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=614695
• 关键词: Unconditionally; Secure; Cryptography

Unconditionally secure cryptographic protocols refer to protocols that can be proven secure mathematically without the need for any assumptions regarding the intractability of underlying computational problems. The first example of an unconditionally secure cryptosystem was the one-time pad, which was proven secure by Shannon. There are by now many examples of many such schemes. Examples include certain types of authentication codes, secret sharing schemes, key predistribution schemes, commitment schemes, tracing schemes, broadcast encryption, and even some schemes that are most often studied in the public-key setting, such as signature schemes. There has been increasing interest in post-quantum cryptography over the last 10-15 years, as an insurance policy in case a practical quantum computer is built. Indeed, the NSA announced in August 2015 that it intends to transition to quantum-resistant cryptography in its "Suite B'' of standardized cryptosystems. Most work in post-quantum cryptography involves constructing systems based on computational problems that are apparently hard to solve, even by quantum computers (e.g., lattice-based cryptography). Unconditionally secure cryptography can be regarded as the strongest form of post-quantum cryptography, since these protocols are by their very nature immune to attacks by (hypothetical) quantum computers. Security proofs in unconditionally secure cryptography ultimately rely on considerations from information theory and probability. Roughly speaking, a security proof establishes that an adversary does not have sufficient information to be able to compute some specified secret information or to successfully carry out a specified attack. The construction of unconditionally secure cryptographic schemes typically involve methods and techniques from various branches of mathematics, including combinatorics, coding theory, finite fields, group theory, number theory, etc. My objective is to continue to study various long-term research problems in unconditionally secure cryptography, as well as to initiate the study of new problems. Some specific research problems I plan to undertake include the following: 1. Construct new types of fingerprinting codes for tracing pirated content. 2. Give new constructions for unconditionally secure proof-of-retrievability schemes, especially in the (distributed) setting which employs multiple servers. 3. Give new constructions and necessary conditions for algebraic manipulation detection codes and investigate connections with related mathematical structures and cryptographic primitives. 4. Give new constructions and necessary conditions for generalized all-or-nothing transforms. Research in these specific areas (and others) will lead to new unconditionally secure cryptographic techniques that will be valuable in securing the internet in a post-quantum setting.

无条件安全的密码协议是指可以在数学上证明安全的协议，而不需要对底层计算问题的棘手性进行任何假设。无条件安全密码系统的第一个例子是一次性密码本，香农证明了它的安全性。到目前为止，有许多这样的计划的例子。例子包括某些类型的认证码，秘密共享方案，密钥预分配方案，承诺方案，跟踪方案，广播加密，甚至一些在公钥设置中最常研究的方案，如签名方案。 在过去的10-15年里，人们对后量子密码学的兴趣越来越大，这是一种保险政策，以防建立实用的量子计算机。事实上，美国国家安全局在2015年8月宣布，它打算在其标准化密码系统的“Suite B”中过渡到抗量子密码学。 后量子密码学中的大多数工作涉及基于显然难以解决的计算问题来构建系统，即使是量子计算机（例如，基于格的密码学）。无条件安全密码学可以被认为是后量子密码学的最强形式，因为这些协议本质上不受（假设的）量子计算机的攻击。 无条件安全密码学中的安全性证明最终依赖于信息论和概率的考虑。粗略地说，安全证明确定对手没有足够的信息来计算某些特定的秘密信息或成功地进行特定的攻击。无条件安全的密码方案的构造通常涉及来自数学的各个分支的方法和技术，包括组合学、编码理论、有限域、群论、数论等。 我的目标是继续研究无条件安全密码学中的各种长期研究问题，并开始研究新问题。我计划进行的一些具体研究问题包括： 1.建立新型的指纹识别码，用于追踪盗版内容。 2.给出了无条件安全的可检索性证明方案的新构造，特别是在使用多个服务器的（分布式）环境中。 3.给出代数操作检测码的新构造和必要条件，并研究与相关数学结构和密码学原语的联系。 4.给出了广义全有或全无变换的新构造和必要条件。 在这些特定领域（和其他领域）的研究将导致新的无条件安全的加密技术，这将是在后量子环境中保护互联网的价值。