| Key exchange is the core of modern cryptography, but also on the protection of critical Internet packets. Key exchange technology mainly involves two aspects:one is based on symmetric cryptography key exchange; the other is based on asymmetric cryptography (public key cryptography) key exchange.The key exchange is divided into need "trusted third party" and do not need two kinds of "trusted third party. "Key exchange is mainly to study how "safe convention session key" in a non-secure channel, if we can achieve secure key exchange between communicating parties, to ensure that communication can be realized. Has made a number of key exchange program, the main work of this paper is to key in the existing exchange programs for analysis and digestion, put forward the idea of a new key exchange programs, and to implement it.Ι. Key Exchange Technical BriefA key agreement protocol, also called a key exchange protocol, is a series of steps used when two or more parties need to agree upon a key to use for a secret-key cryptosystem. These protocols allow people to share keys freely and securely over any insecure medium, without the need for a previously-established shared secret.Diffie-Hellman key exchange is based on the discrete logarithm problem is the difficulty to achieve; the discrete logarithm problem is defined as follows: Discrete logarithm problem:Suppose Fp is a finite field, p is a prime number and g is generator, given y∈Fp, look for x,0≤x≤p, make y=gx, (satisfy y=gx is known as y on the discrete logarithm g)Suppose p is a prime number, it is acknowledged that the discrete logarithm GF(p)* is difficult, suppose g is generator, in order to achieve the purpose of communicating parties shared key, communication between the parties A and B, respectively, were as follows.(1) A as follows two steps:· A randomly selected integer xA,0≤xA<p-1;· Calculation yA=gxA mod p,yA will be sent to B.(2) B as follows two steps:·A randomly selected integer xB,0≤xB<p-1;·Calculate yB=gXB mod p, yB will be sent to A.(3) A calculate kA=yBA mod p, B calculation kB=yAxB mod p, easy to verify kA=kB, between A and B so as to achieve the purpose of establishing a shared key.Note:One of process, there is no pre-shared secret parameters between A and B. GF(p)*, g the public key is public parameters.Diffie-Hellman key exchange structure makes it vulnerable to "middle attack".Even if based on public key cryptography key exchange, if the public key is published by the parties rather than a trusted third party, but also vulnerable middle attack, the attacker is assumed that not only can listen Mallory information between Alice and Bob, but also modify information, delete information, and can generate new information. When Mallory talk with Alice, he can imitate Bob, he can imitate Alice talking to Bob.Session key, that is both the end user to communicate in a call or when exchanging data using the key. Also known as data encryption key (Data Encrypting Key).Validity of the session key on a connection-oriented protocol when the connection is not established or disconnected before the session key validity can be very long. And each time a connection is established, should use the new session key. If the logical connection for a long time, it should be replaced periodically session key.Ⅱ. Key exchange scheme based on a One-Way Shell Core FunctionThis article will draw ideological HFE public key cryptography, constructed a new, more secure functions. Such a function would compensate for the HFE public key cryptography, public key cryptography as a new application for people. This novel function is the core function of our article-the one-way function putamen.In order to facilitate unidirectional putamen function, first of two core members involved in traditional public key cryptography a one-way trapdoor one-way function and function profile.The one-way function, a function that is relatively easy to calculate it, but the inverse is very difficult. That is, a known function f and x, it is easy to calculate y=f(x). f and y, it is difficult to calculate x=f-1(y). Here, the "difficult" is defined as:even if all the computers in the world are used to calculate, from f(x) calculate x you have to spend hundreds of millions of years. The trapdoor one-way function is a special one-way function. Its function value is easy, but the value of the inverse function is difficult. However, if you know a secret (the secret is also known as "trapdoor"), it can be easily to the inverse function value. That is, a known function f and x, it is easy to calculate y=f(x). And by f and y, it is difficult to calculate x=f-1(y).However, if know trapdoort, then by f and y x=f-1(y).Trapdoor one-way function can be used directly by the construction of public key cryptography. Specific public key is f, t is the private key, the corresponding plaintext is x, the corresponding ciphertext y=f(x),so only those who know the private key can decrypt correctly. Similarly, let y=H(m) Hash value of the corresponding message mthen by private keyt is obtained x=f-1(y), then x can be seen as a message m of "signature"Therefore, the trapdoor one-way function can be easily public key cryptography.The one-way trapdoor one-way function and function combine to construct a so-called "one-way function putamen"We introduced the shell function S and core function C, where C is one-way function, S is one-way function or trapdoor one-way function. If S is trapdoor one-way function, it is called the inverse S-1 peel function. But regardless of whether S reversible, since C is a one-way function, so synthesis function SC(x)=(S℃)(x)=S(C(x)) constant one-way function, so called synthetic function SC(x)such as one-way shell core function.Based on a one-way function putamen, contemplated the following three key exchange schemes:Scheme 1:(1) Alice uses core function C(x) and shell core function SC(x)for public key,uses S(x) for private key;(2) Bob chooses x randomly, he computes C(x)and S(x), then sends (x) to Alice;(3) Alice received C(x), by private key S(x) she will compute SC(x)=S(C(x)).Thus Alice and Bob arranged a pair of session key.Scheme 2:(1) Alice arranges core function C(x)and shell core function SC(x)in public keeps Sheller function S1(x) secrecy;(2) Bob chooses randomly X, he computes C (x) and SC(x),then send SC(x) to Alice;(3) Alice received SC(x); she will use secret Sheller function S1(x)to compute C (x).Thus, Alice and Bob have agreed on the session key C(x).Scheme 3:(1) Alice arranges shell function SC(x) and S’C(x)in public, keeps Sheller function S-1(x) and confidential shell function S’(x) secrecy(2) Bob chooses randomly X, and he computes SC(x)and S’C(x),then send to SC(x) Alice;(3) Alice received SC(x); first, she uses a secret Sheller function S-1(x)to compute C(x). Then she uses confidential shell function S’(x), to compute S’C(x).Thus, Alice and Bob have agreed on the session key Ks= S’C(x)Since the scheme 1 and 2 exposed C and S "boundary", so they are susceptible to "interpolation" attack in Scheme 1, for example, if the attacker knows the shell function S "form constitutes", then the public key (C,SC) may crack the private key S, specific methods are as follows:May wish to set S(x)=a5x5+a4x4+...+a1x+a0, although the attacker does not know a0,a1,a2,...,a5, but its.To SC(x)=S(C(x)),can makeZ1=C(x1),Z2=C(x2),...,Z6=C(x6), by the relation y1=SC(x1)=S(Z1), the simultaneous equation as follows:By (Ⅰ) it can be easily solved a0,a1,a2,..., a5, Thereby crack the private key. In the case of visible putamen function construction method disclosed scheme 1 and 2 interpolation often cannot resist the attack. Therefore, this article will focus on how research solution to achieve 3 schemes of key exchange.From one perspective, the traditional public key cryptography is the "core" and "shell function" to form, for example for public-key cryptography based on Diffie-Hellman key exchange, there are:(1) Alice and Bob agree on a large prime number n and g modulo n such that g is a primitive element(which is equivalent to disclose core function C(x)=gx modn);(2) Alice chooses a random large integer a, the shell function SA (x)=xa mod n secrecy and Ka=C(a)=ga mod n will send to Bob;(3)Bob chooses a random large integer b, the shell function SB(x)=xb mod n secrecy and Kb=C(b)=gb mod n will send to Alice;(4) Alice uses a private key SA (x), to calculate k=(SAC)(b)=SA(C(b))=SA(Kb)=(gb)amod n;(5)Bob uses a private key SB (x), to calculate K’=(SBC)(a)=SB(C(a))=Sb(Ka)=(ga)b mod n.K and K’ are equals to gab mod n, so, Alice and Bob have agreed on the success of the session key K. But here’s the shell core function required to satisfy a special relationship:SA(C(b))=SB(C(a)) It is often difficult to construct.Ⅲ. Key exchange based on MQ problemThe so-called MQ problem that multivariate quadratic equations to solve problems. The problem is a NPC problem. MQ-based public key cryptosy stems problems are mainly:UOV, STS, HFE, MIC*,lIC. We adopted the following introduction of HFE to illustrate how to use the MQ problem to design public key cryptography (i.e., how to design a trapdoor one-way function).1. HFE public key cryptosystemHidden Field Equations (HFE) is a public key encryption system, which both can be used to encrypt data; it can also be used for signing. Given m and n are on a quadratic polynomial F2. For giveny=(y1,y2,y3,...,ym)∈F2m, look forx=(x1,x2,x3,...,xn)∈F2n, satisfy the following equations:The problem is multivariate equations (MQ) solution of the problem on a finite field, is NP-hard problem. HFE public key cryptosystem is such MQ problem.2. lIC public-key cryptosystemThe so-called lIC, i.e. it draws lIC reversible ring, mapping may be expressed as its center: when the variable is not zero inside, which can effectively demand the inverse, but in reality applications, taking into account efficiency problem, then the value of λi should be consistent with then following rules:IV. Key exchange based on knapsack problemKnapsack problem is a combinatorial optimization problem. Knapsack problem is a well-known NPC problem, which is defined as follows:Given a set of items, each item has its own weight and price, for a limited total weight, how we choose to make up the total price of the selected items?In addressing a large number of complex combinatorial optimization problems, it is often a problem as a child, from a practical point of view, many problems can be used to describe the knapsack problem, a problem such as packing, warehouse loading, budget control, storage allocation, project selection decision-making, are typical examples of applications.With the continuous development of network technology, electronic commerce knapsack problem in public key design also plays an important role; however, when a large-scale problem, the optimal solution is extremely difficult.Traditional methods for solving knapsack problem can be summarized as accurate algorithm and approximation algorithm. Algorithm is a series of clear instructions to solve the problem; the merits of an algorithm can be used space complexity and time complexity to measure. Algorithm can be understood as a complete problem-solving steps and basic operation of the provisions of the order of operations that constitute, or in accordance with the requirements as designed, limited, the exact sequence is calculated, and such steps and sequences can solve a class of problems. Exact algorithm knapsack problem dynamic programming, backtracking, branch and bound method, approximation algorithm genetic algorithm, greedy, particle swarm optimization, ant colony algorithm, since the exact algorithm time complexity and space complexity disadvantages.Under normal circumstances, the knapsack problem can be expressed as follows:... |
PDF Full Text Request