A Survey on the Security of Cryptographic Primitives Based on Imperfect Random Sources
YAO Yanqing, LI Zhoujun
(School of Computer Science, Beihang University, Beijing 100191, China)
Abstract:
Cryptography is the core research content of information security. Traditional cryptographic primitives ideally assume that secrets follow a uniform random distribution. In the real world, however, this is often not the case: when the secret source is, for example, biometric data, a physical source, or a partially leaked secret, the corresponding distribution is not uniform. The collection of such distributions is called an "imperfect random source". Are cryptographic primitives based on imperfect random sources still secure? This has become one of the hot and difficult topics at the frontier of cryptographic research. This paper describes the background, significance, and development history of research on cryptographic primitives based on imperfect random sources, focusing on the latest progress in the field, namely the (im)possibility results found by Dodis and Yao [CRYPTO 2015] for traditional privacy (including bit extractors, encryption, commitment, and secret sharing schemes) and for differential privacy under general imperfect random sources. Finally, open problems worth exploring in this field are pointed out.
Keywords: imperfect random sources; cryptographic primitives; security; traditional privacy; differential privacy
DOI:10.19363/j.cnki.cn10-1380/tn.2016.02.003
Received: November 29, 2015; Revised: April 19, 2016
Funding: This work was supported by the National 863 Program (No. 2015AA016004), the National Natural Science Foundation of China (Nos. 61170189, 61370126, 61202239), an exploratory self-selected project of the State Key Laboratory of Software Development Environment at Beihang University, and the university basic research funds project (No. 30486301).
Survey: Security of Cryptographic Primitives with Imperfect Randomness
YAO Yanqing,LI Zhoujun
School of Computer Science and Engineering, Beihang University, Beijing 100191, China
Abstract:
Cryptography is a core area of information security. Traditional cryptographic primitives take for granted the availability of perfect random sources. In many situations, however, it is unrealistic to expect a source to be perfectly random, and one must deal with various imperfect sources of randomness; well-known examples are physical sources, biometric data, and secrets with partial leakage. Can cryptographic primitives with imperfect randomness still be secure? This question has become a frontier and hot research topic in cryptography. This paper reviews the background, significance, and development history of the topic, as well as its latest advances: the general (im)possibility results for traditional privacy (bit extraction, encryption, commitment, secret sharing) and for differential privacy under a general imperfect source, proposed by Dodis and Yao at CRYPTO 2015. Finally, the paper discusses problems worth exploring in this area.
Key words: imperfect random sources; cryptographic primitives; security; traditional privacy; differential privacy
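The abstract refers to bit extractors and to impossibility results over general imperfect sources. The following Python block is an added illustration, not code from the survey or from the Dodis and Yao paper, of the classic argument behind the simplest such result: for any fixed deterministic extractor f: {0,1}^n -> {0,1}, an adversary can choose a flat source of min-entropy at least n-1 on which f's output is constant, even though the same f yields an unbiased bit from the ideal uniform source. The function names, the toy biased i.i.d. source and the two sample extractors (parity, majority) are the example's own assumptions.

```python
# Added example (not from the survey or the CRYPTO 2015 paper): the classic
# impossibility argument for deterministic bit extraction from a general
# imperfect source. For any fixed f: {0,1}^n -> {0,1}, take the larger of
# its two preimages; the flat source on that set has min-entropy >= n-1,
# yet f is constant on it. All names here are the example's own.
import math
from itertools import product


def min_entropy(dist):
    """H_inf(X) = -log2 max_x Pr[X = x]; dist maps n-bit tuples to probabilities."""
    return -math.log2(max(dist.values()))


def flat_source(support):
    """Uniform distribution over a collection of n-bit tuples (a 'flat' source)."""
    p = 1.0 / len(support)
    return {x: p for x in support}


def uniform_source(n):
    """The ideal source traditional primitives assume: uniform over {0,1}^n."""
    return flat_source(list(product((0, 1), repeat=n)))


def biased_iid_source(n, p_one):
    """Independent bits that are 1 with probability p_one: a toy (assumed)
    model of a physical or biometric source that is far from uniform."""
    dist = {}
    for x in product((0, 1), repeat=n):
        ones = sum(x)
        dist[x] = (p_one ** ones) * ((1 - p_one) ** (n - ones))
    return dist


def bias(extractor, dist):
    """|Pr[f(X) = 1] - 1/2|: 0 means a perfect bit, 1/2 means a constant one."""
    p_one = sum(p for x, p in dist.items() if extractor(x) == 1)
    return abs(p_one - 0.5)


def adversarial_source(extractor, n):
    """Return (flat source on the larger preimage, the constant output bit).
    The larger preimage holds at least 2^(n-1) strings, so the source has
    min-entropy at least n-1 (all but one bit of randomness), and the
    extractor still outputs the same bit on every sample."""
    preimages = {0: [], 1: []}
    for x in product((0, 1), repeat=n):
        preimages[extractor(x)].append(x)
    bit, support = max(preimages.items(), key=lambda kv: len(kv[1]))
    return flat_source(support), bit


# Two plausible-looking deterministic extractors. Neither survives an
# adversarial high-min-entropy source, and the argument applies to any other.
def parity(x):
    return sum(x) % 2


def majority(x):
    return int(2 * sum(x) > len(x))


if __name__ == "__main__":
    n = 8
    print("uniform source: bias of parity =", bias(parity, uniform_source(n)))
    src = biased_iid_source(n, 0.9)
    print("biased iid source: H_inf = %.2f, bias of parity = %.3f"
          % (min_entropy(src), bias(parity, src)))
    for f in (parity, majority):
        bad, bit = adversarial_source(f, n)
        print("%s: adversarial source H_inf = %.2f (>= %d), output always %d, bias = %.1f"
              % (f.__name__, min_entropy(bad), n - 1, bit, bias(f, bad)))
```

The point of the block is the contrast: the same extractor is perfect on the uniform source and useless on an adversarial source that still has n-1 bits of min-entropy, which is why extraction from general imperfect sources needs either a seed or structural assumptions on the source rather than a single fixed function.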