| Key exchange protocols allow parties to establish a common session key in an unsecured channel,which is used as the key of the symmetric cryptographic algorithm to guarantee the confidentiality and the integrity of the subsequent communication.Key exchange has been one of the primitives like encryption and signature.Since no application in the most basic Diffie-Hellman protocol of quantum information and computing.The scholars revolve around how to combining traditional key exchange protocol and quantum knowledge had exten-sive and in-depth research.However,due to the diversity and complexity key exchange protocol,how to reasonably to combine and prove their security is not a simple job.Key encapsulation mechanisms(KEM)make both sides of the session can safely share a random session key.It is one of the effective solutions for key dis-tribution and key management problems in large-scale networks,which can copy with the problem of space constraints when using public key to encrypt plaintext.Shoup initially proposed the concept of key encapsulation mechanism,he divided the encryption process into two parts which were KEM and DEM.Nowadays.the KEM-DEM hybrid encryption is the most efficient encryption scheme.In the meantime,Shoup provided several classical KEM scheme,such as ECIES-KEM,PSEC-KEM,ACE-KEM,RSA-KEM and so on.Later,Dent introduced the general construction method of KEM:constructing a strong security KEM by transforming a weak security public-key encryption scheme.In recent years.KEM has displayed a big advantage because of its tenseness and efficiency.It has been adopted by many standards and drafts.New KEM has continued to pour out,and their security has been proved.But the CCA-secure schemes that can be proved in the standard model are few in number,even with strong tools such as the Cramer Shoup framework such schemes seem to be hard to obtain.In the thesis,we first describe a secure Diffie-Hellman type key exchange pro-tocol.The protocol forces the prover to behave as follows:the prover must construct an n qubit state of his choice,measure each qubit in the Hadamard or standard basis as directed by the verifier,and report the measurement results to the verifier.The soundness of this protocol is enforced based on the assumption that the learning with errors problem is computationally intractable for efficient quantum machines.Then we introduce four generic problems about the notion of a noisy key agreement,called A and B State Recovery,Noisy Key Search,and Noisy Key Distinguishing(NKD).Those solutions must be hard in the quantum computing model.Informally speaking,these can be viewed as noisy,quantum-resistant counterparts of the problems arising from the classical Diffie-Hellman type protocols.Last but not least,we construct,the key exchange protocol com-pared with the traditional protocol verification one party can choose measurement base,to ensure fair.Both sides of communicating and the longer the length of the session key,more important is combined with relative knowledge of quantum information and computing makes it stronger applicability.And we present a generic transform from a secure key exchange protocol and a secure NKA proto-col to an IND-CCA secure KEM in the quantum random oracle model,with a security bound related to the insecurity of the NKD problem. |
PDF Full Text Request