Research On Public Key Cryptography Based On One-Way Shell Core Function

Public key cryptography is the core of information security and trusted computing. At the present stage, we have proposed lots of public key cryptography systems. However, these public key cryptography systems can be divided into two types. One is based on the problem of big integral factor, such as RSA. The other is based on the problem of discrete logarithm, such as ECC. With the appearance and development of quantum computer, RSA and ECC have been under a great threat. Therefore, searching a new alternative solution of public key cryptography is pressing. In this paper, we will construct a novel and more secure function by the idea of HFE public key cryptography. The function can overcome HFE deficiency and will be used as a new public key cryptography. This paper will finish the construction of the function by hardware technology of Programmable Logic Device (PLD), and this construction has the same security. This novel function is the core function of this paper—one-way shell core function.i. The introduction of one-way shell core functionFrom the definition of one-way function, for the given x , it is easy to compute y = f(x). In contrast, for the given y , it is hard to get the solution x of y = f(x). According to this feature, one-way function is equivalent to the given x that is sealed by a box.From the definition of one-way trap-door function, for the given x, it is easy to compute y = f(x). In contrast, for the given y , it is hard to get the solution x of y = f(x) .But if we know trap-door k, it is easy to compute x of y = f(x). According to this feature, one-way trap-door function is equivalent to the given x that is sealed by a box with a trap door.According to the features of above two functions, we give a more comprehensive and flexible one-way shell core function. It has two structures. One, inner function is one-way function C and outer function is one-way function S .The other, inner function is one-way function C and outer function is one-way trap-door function S . We have introduced packer function S and core function C and their inverse transformations—shell function S^-1(x) and peel core function C^-1(x). But peel core function C^-1(x) is not used basically. Thereinto, SC(x) = Sâ—‹C(x)= S(c(x)), shell core function SC(x) is a compound operation of packer function S and core function C.ii. The constructions of one-way shell core function1. The construction based on HFE public key cryptographyWe need to choose a one-way function as the inner function C. To do this, we construct core function C by the idea of HFE in MQ cryptosystem. We choose (r is a constant), its computation is proceeded in extended domainE of F R(x) and T(x) are affine functions over F, R(x) = M_Rx + u_R, T(x) = M_Tx + u_T.We also need to choose a one-way function as the outer function S. To do this, weconstruct packer function S by the idea of HFE. We choose (r' isa constant), its computation is proceeded in extended domain E of F. R'(x)å'ŒT'(x) are affine functions over F as R(x) and T(x) , R' (x) = M'_Rx + u'_R, T'(x) = M'_Tx + u'_T .The constructions of core function C and packer function S are similar to P(x) in HFE. Their same points are that they are computing over extended domain E of F and have the similar construction. Their difference is that P(x) in HFE is invertible, but C and S in one-way shell core function are one-way and irreversible. In order to ensure invertibility of P{x), r is not too big, but r of C and S should be big.We choose , (i = 1,2,...,m) that are m quadratic polynomials of n variables over F₂ as compound function SC .The problem of Solving x = (x₁,x₂,...,x_m)∈F₂ⁿ for the given y = (y₁,y₂,...,y_m)∈F₂^m is based onMultivariate Quadratic (MQ) over finite field. The problem is NP-hard.The one-way shell core function based on HFE public key cryptography can choosetrue random MQ equations. What is more, S(x) is one-way and irreversible. Therefore,one-way shell core function can resist attacks of GB, relinearization, XL, DR and fixingvariables.2. The construction based on Programmable Logic Device (PLD)We construct one-way shell core function by using OR arrays of fusible programmableunit. We choose two PLD with different nargin to construct the function. They are inner core function C(x) = PLD₁ (x₁, x₂,..., x_n) and outer packer functionS(x)=PLD₂(x₁,x₂,...,x_n1). Thereinto, one-way shell core function SC(x) is still acompound operation, SC(x) = S(c(x)) = PLD₂(PLD₁).In the shematic diagram of one-way shell core function based on PLD, fuses that are connected to emitter of transistors can be burned out in the OR arrays of PLD₁ and PLD₂. Every output is a logical function of the input, but specific logical function (blackbox function) can be chosen at random. Otherwise, if it has a specific function expression between input and output, it is hard to resist interpolation attack. The operation that is similar to the operation of one-time pad has strong randomicity and can not be breached.iii. The key exchange schemes of one-way shell core functionAccording to the idea of one-way shell core function, if Alice and Bob want to arrange a pair of session key, the following three schemes can be chosen.Scheme 1:(1) Alice arranges core function C(x) and shell core function SC(x) in public, and keeps packer function s(x) secrecy.(2) Bob chooses x randomly, and then, he computes C(x) and SC(x). After doing these, Bob will send C(x) to Alice.(3) After Alice receiving c(x), she will use secretive packer function s(x) to compute SC(x).Because of this, Alice and Bob have arranged a pair of session key SC(x).Scheme 2:(1) Alice arranges core function C(x) and shell core function SC(x) in public,and keeps shell function S^-1(x) secrecy.(2) Bob chooses x randomly, and then, he computes c(x) and SC(x). After doing these, Bob will send SC(x) to Alice.(3) After Alice receiving SC(x), she will use secretive shell function S^-1(x) to compute C(x).Because of this, Alice and Bob have arranged a pair of session key c(x).Scheme 3:(1) Alice arranges shell core functions SC(x) and S'C(x) in public, and keepsshell function S^-1(x) and packer function S'(x) secrecy.(2) Bob chooses x randomly, and then, he computes SC(x) and S'C(x). After doing these, Bob will send SC(x) to Alice.(3) After Alice receiving SC(x), she will use secretive shell function S^-1(x) to compute C(x) first. And then, she will use secretive packer function S'(x) to compute S'C(x).Because of this, Alice and Bob have arranged a pair of session key S'C(x).iv. The extended schemes of key exchange based on one-way shell core functionMany transformations will appear base on the most basic schemes in the practical application. If Alice and Bob want to arrange a pair of session key, the following several extended schemes can be chosen.The extended scheme of Scheme 1:(1) Alice arranges core function c(x) and shell core function S_k(...S₁(C(x)))in public, and keeps packer function S₁ (x), S₂ (x), ..., S_k (x) secrecy.(2) Bob chooses x randomly, and then, he computes C(x) and S_k (... S₁ (C(x))) . After doing these, Bob will send C(x) to Alice.(3) After Alice receiving c(x), she will use secretive packer function S₁ (x), S₂ (x) ...,S_k(x) to compute S_k(...S₁(C(x))).Because of this, Alice and Bob have arranged a pair of session key S_k (... S₁ (C(x))) .The extended scheme of Scheme 2:(1) Alice arranges core function C(x) and shell core function S_k(...S₁(C(x)))in public, and keeps shell function S₁^-1(x),S₂^-1(x),...,S_k^-1(x) secrecy.(2) Bob chooses x randomly, and then, he computes c(x) and S_k (... S₁ (c(x))). After doing these, Bob will send S_k(... S₁ (c(x))) to Alice.(3) After Alice receiving S_k(...S₁(C(x))), she will use secretive shell function S₁^-1(x),S₂^-1(x),...,S_k^-1(x) to compute C(x).Because of this, Alice and Bob have arranged a pair of session key C(x).The extended scheme Scheme 3:(1) Alice arranges shell core function CC' (x) and shell core function SC' (x) in public, and keeps peel core function C^-1(x) and packer function s(x) secrecy.(2) Bob chooses x randomly, and then, he computes CC' (x) and SC'(x). After doing these, Bob will send CC' (x) to Alice.(3) After Alice receiving CC' (x), she will use secretive peel core functionC^-1(x) to compute C' (x) first. And then, she will use secretive packer function s(x) to compute SC'(x).Because of this, Alice and Bob have arranged a pair of session key SC'(x).