| Key encapsulation mechanism(KEM) is a kind of Key distribution mech-anism, it is used to make the sender and receiver safely share a random session key. KEM is mainly used in key encapsulation mechanism-data encapsu-lation mechanism(KEM-DEM) hybrid encryption. In the KEM-DEM mode, the encryption process is divided into two parts. Firstly, KEM uses receiver’s public key to produce a symmetric key. Secondly, DEM encrypt messages by a symmetrie encipherment algorithm. KEM is more efficient and succinet than the mode which randomly selects a symmetric cryptosystem key and encrypt it by public key cryptographic algorithm, and it can get across the limits of the space of plaintext.Shoup[8] initially proposed the concept of key encapsulation mechanism, he diveded the encryption process into two parts which were KEM and DEM. Nowdays, the KEM-DEM hybrid encryption is the most efficient encryption scheme. In the meantime, Shoup provided several classical KEM scheme, such as ECIES-KEM, PSEC-KEM, ACE-KEM, RSA-KEM and so on. Later, Dent introduced the general construction method of KEM:constucting a strong security KEM by transforming a weak security public-key encryption scheme. In recent years. KEM has displayed a big advantage because of its tenseness and efficiency, it has been adopted by many standards and drafts. New KEM has continued to pour out, and their security has been proved. But the CCA-secure schemes that can be proved in the standard model are few in number, Even with strong tools such as the Cramer Shoup framework[14] such schemes seem to be hard to obtain. Finally Kristiyan Haralambiev, Tibor Jager, Eike Kiltz and Victor Shoup raised a simple and effient KEM which was proved CCA-secure from computational Diffie-Hellman in the standard model.Based on Shoup’s scheme, this paper constructs a concrete key encapsu-lation algorithm by selecting and constructing proper bilinear pairing, bilinear groups and some other parameters. The algorithm in this paper is CCA-secure, which is based on standard Diffie-Hellman assume. In the process of construct-ing this algorithm, we have made use of bilinear pairing. The bilinear pairing, which is developed in recent years, has been an important tool for constructing cipher system. It has a distinctive property, namely it has two input variables and the property of bilinear makes the coefficients of variables can be trans-formed flexibly. So it can be used to construct many cryptography schemes than can not be constructed by another math tools, or it can be used to con-struct some cryptography schemes that has more functions than the schemes constructed by another tools. Bilinear pairing can be deduced by Weil pairing or Tate pairing, the bilinear pairing in this paper is deduced by Weil pairing. The security of the key encapsulation algorithm in this paper is based on the hardness of the elliptic curve discrete logarithm problem(ECDLP) of elliptic curve over finite field. At present. i1is widely believed that the ECDLP of non-supersingular elliptic curve over finite field is more hard than the hard-ness of the discrete logarithm problem over finite field, so the cryptography schemes constructed by elliptic curve have shorter keys and block lengths. At the end of the paper, we simply analyse the computational complexity of the concrete algorithm. |
PDF Full Text Request