Research on Theory and Approach of Provable Security (可证明安全性理论与方法研究)
Author: 冯登国 (Feng Dengguo)
Funding:

Supported by the National Grand Fundamental Research 973 Program of China under Grant No. G1999035802 (National Key Basic Research and Development Program (973)) and the National Natural Science Foundation of China under Grant No. 60273027.
Abstract (translated from the Chinese):

This paper discusses the application of provable security theory to the design and analysis of security schemes and security protocols. It covers: what provable security is; some basic notions involved in the theory of provable security; the basic idea of the RO (random oracle) model methodology and the progress of its application to public-key encryption and digital signature schemes; the progress of applying provable security theory in the standard model to public-key encryption and digital signature schemes; and the progress of applying provable security theory to the design and analysis of session-key distribution protocols.

Abstract:

This paper presents a survey on the theory of provable security and its applications to the design and analysis of security protocols. It clarifies what provable security is, explains some basic notions involved in the theory of provable security, and illustrates the basic idea of the random oracle model. It also reviews the development and advances of provably secure public-key encryption and digital signature schemes, in the random oracle model or the standard model, as well as the applications of provable security to the design and analysis of session-key distribution protocols and their advances.

Cite this article:

冯登国 (Feng Dengguo). Research on Theory and Approach of Provable Security (可证明安全性理论与方法研究). Journal of Software (软件学报), 2005, 16(10): 1743-1756.

History
  • Received: 2004-07-06
  • Last revised: 2005-08-24