Full Text:   <400>

Summary:  <194>

CLC number: TP309.7

On-line Access: 2017-10-25

Received: 2017-01-12

Revision Accepted: 2017-04-17

Crosschecked: 2017-09-24

Cited: 0

Clicked: 1556

Citations:  Bibtex RefMan EndNote GB/T7714

 ORCID:

Mo-meng Liu

http://orcid.org/0000-0002-8545-5551

-   Go to

Article info.
Open peer comments

Frontiers of Information Technology & Electronic Engineering  2017 Vol.18 No.9 P.1348-1369

http://doi.org/10.1631/FITEE.1700039


Quantum security analysis of a lattice-based oblivious transfer protocol


Author(s):  Mo-meng Liu, Juliane Krämer, Yu-pu Hu, Johannes Buchmann

Affiliation(s):  State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an 710071, China; more

Corresponding email(s):   liumomeng@gmail.com

Key Words:  Oblivious transfer, Post-quantum, Lattice-based, Learning with errors, Universally composable


Mo-meng Liu, Juliane Krämer, Yu-pu Hu, Johannes Buchmann. Quantum security analysis of a lattice-based oblivious transfer protocol[J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18(9): 1348-1369.

@article{title="Quantum security analysis of a lattice-based oblivious transfer protocol",
author="Mo-meng Liu, Juliane Krämer, Yu-pu Hu, Johannes Buchmann",
journal="Frontiers of Information Technology & Electronic Engineering",
volume="18",
number="9",
pages="1348-1369",
year="2017",
publisher="Zhejiang University Press & Springer",
doi="10.1631/FITEE.1700039"
}

%0 Journal Article
%T Quantum security analysis of a lattice-based oblivious transfer protocol
%A Mo-meng Liu
%A Juliane Krämer
%A Yu-pu Hu
%A Johannes Buchmann
%J Frontiers of Information Technology & Electronic Engineering
%V 18
%N 9
%P 1348-1369
%@ 2095-9184
%D 2017
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.1700039

TY - JOUR
T1 - Quantum security analysis of a lattice-based oblivious transfer protocol
A1 - Mo-meng Liu
A1 - Juliane Krämer
A1 - Yu-pu Hu
A1 - Johannes Buchmann
J0 - Frontiers of Information Technology & Electronic Engineering
VL - 18
IS - 9
SP - 1348
EP - 1369
%@ 2095-9184
Y1 - 2017
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/FITEE.1700039


Abstract: 
Because of the concise functionality of oblivious transfer (OT) protocols, they have been widely used as building blocks in secure multiparty computation and high-level protocols. The security of OT protocols built upon classical number theoretic problems, such as the discrete logarithm and factoring, however, is threatened as a result of the huge progress in quantum computing. Therefore, post-quantum cryptography is needed for protocols based on classical problems, and several proposals for post-quantum OT protocols exist. However, most post-quantum cryptosystems present their security proof only in the context of classical adversaries, not in the quantum setting. In this paper, we close this gap and prove the security of the lattice-based OT protocol proposed by Peikert et al. (CRYPTO, 2008), which is universally composably secure under the assumption of learning with errors hardness, in the quantum setting. We apply three general quantum security analysis frameworks. First, we apply the quantum lifting theorem proposed by Unruh (EUROCRYPT, 2010) to prove that the security of the lattice-based OT protocol can be lifted into the quantum world. Then, we apply two more security analysis frameworks specified for post-quantum cryptographic primitives, i.e., simple hybrid arguments (CRYPTO, 2011) and game-preserving reduction (PQCrypto, 2014).

一个格上不经意传输协议的量子安全性分析

概要:不经意传输协议(oblivious transfer, OT)因其简易的密码功能广泛应用于安全多方计算。以往OT协议都是基于传统数论问题(例如,离散对数,大数分解问题)所构造的,随着量子计算技术的发展,基于传统困难问题的OT协议安全性受到极大的威胁。因此,人们转而考虑使用后量子密码技术替代以往OT协议所依赖的传统困难问题。目前,已有一些基于后量子密码体制的OT协议被提出。然而,大多数后量子密码构造只在假设传统敌手存在的环境下证明其方案安全性。在本文中,我们在量子敌手存在的环境下,证明一个基于格公钥密码的OT协议([PVW08])的安全性。首先我们使用量子平移定理([Unr10])证明该协议的安全性可以完全平移到量子环境中,此外,我们还使用其他两个专用于分析后量子密码原语的分析模型([HSS11],[Son14])从不同的角度对该协议进行安全性分析,从而保证我们给出的量子安全证明的正确性。我们的成果可以看作对后量子密码协议分析模型的一个实际应用实例。

关键词:不经意传输;后量子;格公钥;带差错学习;通用可复合

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article

Reference

[1]Bernstein, D.J., Buchamann, J., Dahmen, E., 2009. Post-Quantum Cryptography. Springer, Berlin.

[2]Canetti, R., 2001. Universally composable security: a new paradigm for cryptographic protocols. Proc. 42nd IEEE Symp. on Foundations of Computer Science, p.136-145.

[3]Damgård, I., Funder, J., Nielsen, J.B., et al., 2014. Super-position attacks on cryptographic protocols. LNCS, 8317:142-161.

[4]Even, S., Goldreich, O., Lempel, A., 1985. A randomized protocol for signing contracts. Commun. ACM, 28(6):637-647.

[5]Fehr, S., Katz, J., Song, F., et al., 2013. Feasibility and completeness of cryptographic tasks in the quantum world. LNCS, 7785:281-296.

[6]Gentry, C., Peikert, C., Vaikuntanathan, V., 2008. Trapdoors for hard lattices and new cryptographic constructions. Proc. 40th Annual ACM Symp. on Theory of Computing, p.197-206.

[7]Gilboa, N., 1999. Two party RSA key generation. LNCS, 1666:116-129.

[8]Hallgren, S., Smith, A., Song, F., 2011. Classical cryptographic protocols in a quantum world. LNCS, 6841:411-428.

[9]Hallgren, S., Smith, A., Song, F., 2015. Classical cryptographic protocols in a quantum world. Cryptology ePrint Archive, 2015/687. http://eprint.iacr.org/2015/687

[10]Ishai, Y., Kilian, J., Nissim, K., et al., 2003. Extending oblivious transfers efficiently. LNCS, 2729:145-161.

[11]Lai, R.W.F., Cheung, H.K.F., Chow, S.S.M., 2014. Trapdoors for ideal lattices with applications. LNCS, textbf8957:239-256.

[12]Lyubashevsky, V., Peikert, C., Regev, O., 2013. On ideal lattices and learning with errors over rings. J. ACM, 60(6):43.

[13]Micciancio, D., Regev, O., 2009. Lattice-based cryptography. phIn: Bernstein, D.J., Buchmann, J., Dahmen, E. (Eds.), Post-Quantum Cryptography. Springer, Berlin, p.147-191.

[14]Nielsen, M.A., Chuang, I.L., 2010. Quantum Computation and Quantum Information. Cambridge University Press, Cambridge.

[15]Peikert, C., 2009. Some recent progress in lattice-based cryptography. LNCS, 5444:72.

[16]Peikert, C., Vaikuntanathan, V., Waters, B., 2008. A framework for efficient and composable oblivious transfer. LNCS, 5157:554-571.

[17]Rabin, M.O., 1981. How to Exchange Secrets with Oblivious Transfer. Technical Report No. TR-81, Aiken Computation Lab, Harvard University, Cambridge, MA. http://eprint.iacr.org/2005/187

[18]Regev, O., 2005. On lattices, learning with errors, random linear codes, and cryptography. Proc. 37th Annual ACM Symp. on Theory of Computing, p.84-93.

[19]Sendrier, N., 2011. Code-based cryptography. In: van Tilborg, H.C.A., Jajodia, S. (Eds.), Encyclopedia of Cryptography and Security. Springer, New York, p.215-

[20]216.

[21]Song, F., 2014. A note on quantum security for post-quantum cryptography. LNCS, 8772:246-265.

[22]Unruh, D., 2010. Universally composable quantum multi-party computation. LNCS, 6110:486-505.

[23]Unruh, D., 2012. Quantum proofs of knowledge. LNCS, 7237:135-152.

[24]Watrous, J., 2009. Zero-knowledge against quantum attacks. SIAM J. Comput., 39(1):25-58.

[25]Zhandry, M., 2012. How to construct quantum random functions. IEEE 53rd Annual Symp. on Foundations of Computer Science, p.679-687.

Open peer comments: Debate/Discuss/Question/Opinion

<1>

Please provide your name, email address and a comment





Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - Journal of Zhejiang University-SCIENCE