基于格的类DH密钥交换协议设计与挑战

王克; 韩将; 谢惠琴; 江浩东; 陈隆; 张振峰

doi:10.12263/DZXB.20250033

您当前的位置：

首页 >

文章列表页 >

基于格的类DH密钥交换协议设计与挑战

综述评论 | 更新时间：2025-08-18

- 基于格的类DH密钥交换协议设计与挑战
- Design and Challenges of Lattice-Based DH Like Key Exchange Protocols
- 电子学报 2025年53卷第5期页码：1677-1691
- 作者机构：
  
  1.北京电子科技学院密码科学与技术系，北京 100070
  2.贵州大学公共大数据国家重点实验室，贵州贵阳 550025
  3.中国科学院大学，北京 100190
  4.中国科学院软件研究所可信计算与信息保障实验室，北京 100190
  5.河南省网络密码技术重点实验室，河南郑州 450001
- 作者简介：
  
  [ "王克男，1992年出生于河南省南阳市.现为北京电子科技学院密码科学与技术系讲师.主要研究方向为基于格的公钥密码算法分析. E-mail: wangke_unique@163.com" ]
  [ "韩将男，1986年出生于山东省青岛市.现为中国科学院软件研究所可信计算与信息保障实验室博士研究生.主要研究方向为抗量子密码研究.E-mail: kenglong@126.com" ]
  [ "谢惠琴女，1992年出生于福建省宁德市.现为北京电子科技学院密码科学与技术系副教授.主要研究方向为量子密码与量子算法.E-mail: xiehuiqindky@163.com" ]
  [ "江浩东男，1990年出生于河南省南阳市.现为战略支援部队信息工程大学副教授.主要研究方向为抗量子密码研究.E-mail: hdjiang13@gmail.com" ]
  [ "陈隆男，1988年出生于安徽省黄山市.现为中国科学院软件研究所可信计算与信息保障实验室副研究员.主要研究方向为抗量子密码研究.E-mail: chenlong@iscas.ac.cn" ]
  [ "张振峰男，1972年出生于河南省南阳市.现为中国科学院软件研究所可信计算与信息保障实验室研究员.主要研究方向为密码学与数据安全.E-mail: zhenfeng@iscas.ac.cn" ]
- 基金信息：
  
  中央高校基本科研业务费资金(3282023002);公共大数据国家重点实验室开放基金(PBD2024-0513);北京市自然科学基金(4234084);国家重点研发计划(2021YFB3100100)
- DOI：10.12263/DZXB.20250033
  中图分类号： TN918;TP309
- 收稿：2025-01-08，
  
  修回：2025-04-20，
  
  纸质出版：2025-05-25
- 稿件说明：
移动端阅览
王克, 韩将, 谢惠琴, 等. 基于格的类DH密钥交换协议设计与挑战[J]. 电子学报, 2025, 53(05): 1677-1691.

WANG Ke, HAN Jiang, XIE Hui-qin, et al. Design and Challenges of Lattice-Based DH Like Key Exchange Protocols[J]. Acta Electronica Sinica, 2025, 53(05): 1677-1691.
王克, 韩将, 谢惠琴, 等. 基于格的类DH密钥交换协议设计与挑战[J]. 电子学报, 2025, 53(05): 1677-1691. DOI：10.12263/DZXB.20250033

WANG Ke, HAN Jiang, XIE Hui-qin, et al. Design and Challenges of Lattice-Based DH Like Key Exchange Protocols[J]. Acta Electronica Sinica, 2025, 53(05): 1677-1691. DOI：10.12263/DZXB.20250033

摘要

迪菲-赫尔曼（Diffie-Hellman，DH）密钥交换协议，作为一种被广泛采用的密码学协议，在多种加密应用场景中发挥着关键作用.然而，鉴于量子计算技术的快速发展，DH协议面临量子攻击的重大威胁，迫切需要开发具备抗量子安全性的替代方案.其中，基于格的密钥交换协议是构建抗量子密钥交换协议的主要方法之一.本文首先系统梳理了基于格的类DH密钥交换协议的设计，然后指出了该类协议与传统DH协议的两大显著差异：其一，协议严格禁止密钥重用，以避免由此引发的两种潜在密钥恢复攻击，这一限制显著影响了协议的灵活性与效率；其二，协议通常需要额外的交互，这不仅增加了通信复杂度和延迟，还导致其在实际应用环境中的效率下降.这些差异使得基于格的类DH密钥交换协议在直接替代传统DH协议时难以继承全部优势.为减轻抗量子迁移的成本，并实现与现有系统的无缝对接，探索设计支持密钥重用的非交互式类DH密钥交换协议，已成为当前密码学领域的一个重要研究方向.此类协议旨在保留DH协议的高效性与易用性，同时增强对量子攻击的抵抗力.最后，通过对此类协议优势与挑战进行深入剖析，本文明确了未来研究的方向，旨在进一步优化协议设计，提升性能，推动抗量子迁移技术的发展.

Abstract

The Diffie-Hellman (DH) key exchange protocol

as a widely adopted cryptographic protocol

plays a key role in various encryption application scenarios. However

given the rapid development of quantum computing technology

The DH protocol faces significant threats from quantum attacks and there is an urgent need to develop alternative solutions with post-quantum security. Among them

lattice-based key exchange protocols are one of the main methods for building post-quantum key exchange protocols. This paper first systematically reviews the design of lattice-based DH-like key exchange protocols

and then points out two major distinctions between this type of protocol and the DH protocol: firstly

the protocol strictly prohibits key reuse to avoid two potential key recovery attacks that may arise from it

which significantly affects the flexibility and efficiency of the protocol; Secondly

protocols often require additional interactions

which not only increase communication complexity and latency

but also lead to a decrease in efficiency in practical application environments. These differences make it difficult for lattice based class DH key exchange protocols to inherit all the advantages when directly replacing traditional DH protocols. To reduce the cost of post-quantum migration and achieve seamless integration with existing systems

exploring the design of non-interactive class DH key exchange protocols that support key reuse has become an important research direction in the current field of cryptography. Such protocols aim to preserve the efficiency and usability of DH protocols while enhancing resistance to quantum attacks. Finally

through a thorough analysis of the advantages and challenges of such key exchange protocols

future research directions have been clarified. Aimed at further optimizing protocol design and improving performance

promote the development of post-quantum transfer technology.

关键词

Keywords

references

DIFFIE W , HELLMAN M . New directions in cryptography [J ] . IEEE Transactions on Information Theory , 1976 , 22 ( 6 ): 644 - 654 .

KUMARI N , MOHAPATRA A K . A comprehensive and critical analysis of TLS 1.3 [J ] . Journal of Information and Optimization Sciences , 2022 , 43 ( 4 ): 689 - 703 .

BIENSTOCK A , FAIROZE J , GARG S , et al . A more complete analysis of the signal double ratchet algorithm [M ] // Advances in Cryptology-CRYPTO 2022 . Cham : Springer Nature Switzerland , 2022 : 784 - 813 .

MOUSAVI S J , CHAHARSOOGHI K , ALI MONTAZER G . Using blockchain to improve the security of the X3DH key exchange protocol [J ] . International Journal of Information and Communication Technology Research , 2023 , 15 ( 3 ): 11 - 20 .

DOWLING B , RÖSLER P , SCHWENK J . Flexible authenticated and confidential channel establishment (fACCE): Analyzing the noise protocol framework [M ] // Public-Key Cryptography-PKC 2020 . Cham : Springer International Publishing , 2020 : 341 - 373 .

范桁 . 量子计算纠错取得突破性进展 [J ] . 物理学报 , 2023 , 72 ( 7 ): 7 - 9 .

FAN H . Breakthrough of error correction in quantum computing [J ] . Acta Physica Sinica , 2023 , 72 ( 7 ): 7 - 9 . (in Chinese)

MAVROEIDIS V , VISHI K , MATEUSZ D , et al . The impact of quantum computing on present cryptography [J ] . International Journal of Advanced Computer Science and Applications , 2018 , 9 ( 3 ): 405 - 414 .

CHOI Y R , CHOI Y S , et al . Analysis of NIST PQC standardization process and round 4 selected/non-selected algorithms [J ] . Jouranl of Information and Security , 2024 , 24 ( 2 ): 71 - 78 .

燕云飞 , 李斌 , 魏源鑫 , 等 . Dilithium算法的FPGA高效扩展性优化 [J ] . 计算机科学 , 2024 , 51 ( S1 ): 838 - 846 .

YAN Y F , LI B , WEI Y X , et al . Efficient scalability optimization of dilithium algorithm based on FPGA [J ] . Computer Science , 2024 , 51 ( S1 ): 838 - 846 . (in Chinese)

吕顺森 , 李斌 , 翟嘉琪 , 等 . Crystal-Kyber算法的FPGA高效并行优化 [J ] . 电子学报 , 2024 , 52 ( 5 ): 1679 - 1689 .

LU¨ S S , LI B , ZHAI J Q , et al . FPGA efficient parallel optimization of crystal-kyber [J ] . Acta Electronica Sinica , 2024 , 52 ( 5 ): 1679 - 1689 . (in Chinese)

REGEV O . On lattices, learning with errors, random linear codes, and cryptography [J ] . Journal of the ACM , 2009 , 56 ( 6 ): 1 - 40 .

LYUBASHEVSKY V , PEIKERT C , REGEV O . On ideal lattices and learning with errors over rings [M ] // Advances in Cryptology-EUROCRYPT 2010 . Berlin : Springer Berlin Heidelberg , 2010 : 1 - 23 .

DING J T , XIE X , LIN X D . A simple provably secure key exchange scheme based on the learning with errors problem [EB/OL ] . ( 2014-07-29 )[ 2025-01-07 ] . https://eprint.iacr.org/2012/688 https://eprint.iacr.org/2012/688 .

宋敏特 , 侯凯 , 茹占强 , 等 . 一种面向PUF的模糊提取器设计与实现 [J ] . 中国科学院大学学报(中英文) , 2024 , 41 ( 1 ): 127 - 135 .

SONG M T , HOU K , RU Z Q , et al . Design and implementation of fuzzy extractor for PUF [J ] . Journal of University of Chinese Academy of Sciences , 2024 , 41 ( 1 ): 127 - 135 . (in Chinese)

CANETTI R , FULLER B , PANETH O , et al . Reusable fuzzy extractors for low-entropy distributions [J ] . Journal of Cryptology , 2020 , 34 ( 1 ): 2 .

VAN HERREWEGE A , KATZENBEISSER S , MAES R , et al . Reverse fuzzy extractors: Enabling lightweight mutual authentication for PUF-Enabled RFIDs [M ] // Financial Cryptography and Data Security . Berlin : Springer Berlin Heidelberg , 2012 : 374 - 389 .

PEIKERT C . Lattice cryptography for the Internet [M ] // Post-Quantum Cryptography . Cham : Springer International Publishing , 2014 : 197 - 219 .

BOS J W , COSTELLO C , NAEHRIG M , et al . Post-quantum key exchange for the TLS protocol from the ring learning with errors problem [C ] // 2015 IEEE Symposium on Security and Privacy . Piscataway : IEEE , 2015 : 553 - 570 .

GAO X W , DING J T , SARASWATHY R V , et al . Comparison analysis and efficient implementation of reconciliation-based RLWE key exchange protocol [J ] . International Journal of High Performance Computing and Networking , 2019 , 13 ( 2 ): 141 .

BOS J , COSTELLO C , DUCAS L , et al . Frodo: Take off the ring! practical, quantum-secure key exchange from LWE [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM , 2016 : 1006 - 1018 .

ALKIM E , DUCAS L , PÖPPELMANN T , et al . Post-quantum key exchange:A new hope [C ] // Proceedings of the 25th USENIX Security Symposium (USENIX Security 16) . Piscataway : IEEE , 2016 : 327 - 343 .

PAQUIN C , STEBILA D , TAMVADA G . Benchmarking post-quantum cryptography in TLS [M ] // Post-Quantum Cryptography . Cham : Springer International Publishing , 2020 : 72 - 91 .

SAARINEN M O . HILA5: On reliability, reconciliation, and error correction for ring-LWE encryption [M ] // Selected Areas in Cryptography-SAC 2017 . Cham : Springer International Publishing , 2017 : 192 - 212 .

YADAV S . An extensive study on lattice-based cryptography and its applications for RLWE-based problems [J ] . Universal Research Reports , 2023 , 10 ( 3 ): 104 - 110 .

DHARMINDER D , REDDY C B , DAS A K , et al . Post-quantum lattice-based secure reconciliation enabled key agreement protocol for IoT [J ] . IEEE Internet of Things Journal , 2023 , 10 ( 3 ): 2680 - 2692 .

JIA W J , XUE G H , WANG B C , et al . Module-LWE-based key exchange protocol using error reconciliation mechanism [J ] . Security and Communication Networks , 2022 , 2022 ( 1 ): 8299232 .

MARIA NAVIN J R , SURESH P , PRADEEP K R . Implementation of OpenSSL API’s for TLS 1.2 operation [J ] . International Journal of Advanced Computer Research (IJACR) , 2013 , 3 ( 12 ): 179 - 183 .

FELSCH D , GROTHE M , SCHWENK J , et al . The dangers of key reuse: Practical attacks on ipsec ike [C ] // Proceedings of the 27th USENIX Security Symposium . Baltimore : USENIX Association , 2018 : 567 - 583 .

KIRKWOOD D , LACKEY B C , MCVEY J , et al . Failure is not an Option: Standardization Issues for Post-Quantum Key Agreement [R ] . Workshop on Cybersecurity in a Post-Quantum World . 2015 : 21 .

DING J T , ALSAYIGH S , SARASWATHY R V , et al . Leakage of signal function with reused keys in RLWE key exchange [C ] // 2017 IEEE International Conference on Communications (ICC) . Piscataway : IEEE , 2017 : 1 - 6 .

DING J T , FLUHRER S , RV S . Complete attack on RLWE key exchange with reused keys, without signal leakage [M ] // Information Security and Privacy . Cham : Springer International Publishing , 2018 : 467 - 486 .

BINDEL N , STEBILA D , VEITCH S . Improved attacks against key reuse in learning with errors key exchange [M ] // Progress in Cryptology - LATINCRYPT 2021 . Cham : Springer International Publishing , 2021 : 168 - 188 .

DING J T , BRANCO P , SCHMITT K . Key exchange and authenticated key exchange with reusable keys based on RLWE assumption [J ] . IACR Cryptology ePrint Archive , 2019 , 2019 : 665 .

QIN Y , DING R Y , CHENG C , et al . Light the signal: Optimization of signal leakage attacks against LWE-Based key exchange [M ] // Computer Security-ESORICS 2022 . Cham : Springer International Publishing , 2022 : 677 - 697 .

LI Z W , XU J , HU L . Signal leakage attack meets depth first search: An improved approach on DXL key exchange protocol [EB/OL ] . ( 2023-11-06 )[ 2025-01-07 ] . https://eprint.iacr.org/2023/1709 https://eprint.iacr.org/2023/1709 .

LIU C , ZHENG Z X , ZOU G N . Key reuse attack on newhope key exchange protocol [M ] // Information Security and Cryptology - ICISC 2018 . Cham : Springer International Publishing , 2019 : 163 - 176 .

DABRA V , BALA A , KUMARI S . Flaw and amendment of a two-party authenticated key agreement protocol for post-quantum environments [J ] . Journal of Information Security and Applications , 2021 , 61 : 102889 .

ISLAM S H . Provably secure two-party authenticated key agreement protocol for post-quantum environments [J ] . Journal of Information Security and Applications , 2020 , 52 : 102468 .

PURSHARTHI K , MISHRA D . On the security of ring learning with error-based key exchange protocol against signal leakage attack [J ] . Security and Privacy , 2023 , 6 ( 5 ): e310 .

DHARMINDER D . LWEDM: Learning with error based secure mobile digital rights management system [J ] . Transactions on Emerging Telecommunications Technologies , 2021 , 32 ( 2 ): e4199 .

郭渊博 , 尹安琪 . 基于格的口令认证密钥交换协议综述 [J ] . 通信学报 , 2022 , 43 ( 12 ): 172 - 187 .

GUO Y B , YIN A Q . Research on password-authenticated key exchange protocol over lattices [J ] . Journal on Communications , 2022 , 43 ( 12 ): 172 - 187 . (in Chinese)

尹安琪 , 汪定 , 郭渊博 , 等 . 可证明安全的抗量子高效口令认证密钥交换协议 [J ] . 计算机学报 , 2022 , 45 ( 11 ): 2321 - 2336 .

YIN A Q , WANG D , GUO Y B , et al . Provably secure quantum resistance efficient password-authenticated key exchange protocol [J ] . Chinese Journal of Computers , 2022 , 45 ( 11 ): 2321 - 2336 . (in Chinese)

尹安琪 , 曲彤洲 , 郭渊博 , 等 . 格上基于密文标准语言的可证明安全两轮口令认证密钥交换协议 [J ] . 电子学报 , 2022 , 50 ( 5 ): 1140 - 1149 .

YIN A Q , QU T Z , GUO Y B , et al . Provably secure two-round PAKE based on ciphertext standard language over lattices [J ] . Acta Electronica Sinica , 2022 , 50 ( 5 ): 1140 - 1149 . (in Chinese)

尹安琪 , 郭渊博 , 汪定 , 等 . 可证明安全的抗量子两服务器口令认证密钥交换协议 [J ] . 通信学报 , 2022 , 43 ( 3 ): 14 - 29 .

YIN A Q , GUO Y B , WANG D , et al . Provably secure quantum resistance two-server pass-word-authenticated key exchange protocol [J ] . Journal on Communications , 2022 , 43 ( 3 ): 14 - 29 . (in Chinese)

李子臣 , 谢婷 , 张卷美 . 基于RLWE问题的后量子口令认证密钥交换协议 [J ] . 电子学报 , 2021 , 49 ( 2 ): 260 - 267 .

LI Z C , XIE T , ZHANG J M . Post quantum password-based authentication key exchange protocol based on ring learning with errors problem [J ] . Acta Electronica Sinica , 2021 , 49 ( 2 ): 260 - 267 . (in Chinese)

DING R Y , CHENG C , QIN Y . Further analysis and improvements of a lattice-based anonymous PAKE scheme [J ] . IEEE Systems Journal , 2022 , 16 ( 3 ): 5035 - 5043 .

DABRA V , BALA A , KUMARI S . LBA-PAKE: Lattice-based anonymous password authenticated key exchange for mobile devices [J ] . IEEE Systems Journal , 2021 , 15 ( 4 ): 5067 - 5077 .

WANG Q X , WANG D , CHENG C , et al . Quantum2FA: Efficient quantum-resistant two-factor authentication scheme for mobile devices [J ] . IEEE Transactions on Dependable and Secure Computing , 2023 , 20 ( 1 ): 193 - 208 .

FLUHRER S R . Cryptanalysis of ring-LWE based key exchange with key share reuse [J ] . IACR Cryptology EPrint Archive , 2016 , 2016 : 85 .

WANG K , JIANG H D . Analysis of two countermeasures against the signal leakage attack [M ] // Progress in Cryptology-AFRICACRYPT 2019 . Cham : Springer International Publishing , 2019 : 370 - 388 .

MOODY D , ALAGIC G , ALPERIN-SHERIFF J M , et al . Status report on the first round of the nist post-quantum cryptography standardization process [R ] . Technical report, National Institute of Standards and Technology , 2019 .

GAO X W , DING J T , LI L , et al . Practical randomized RLWE-based key exchange against signal leakage attack [J ] . IEEE Transactions on Computers , 2018 , 67 ( 11 ): 1584 - 1593 .

张晓涵 , 程池 , 余天润 . 对密钥不匹配攻击的进一步理论分析: 以NTRU-HRSS为例 [J ] . 电子学报 , 2023 , 51 ( 4 ): 1081 - 1092 .

ZHANG X H , CHENG C , YU T R . Further theoretical analysis of key mismatch attacks: A case study of NTRU-HRSS [J ] . Acta Electronica Sinica , 2023 , 51 ( 4 ): 1081 - 1092 . (in Chinese)

TANAKA Y , UENO R , XAGAWA K , et al . Multiple-valued plaintext-checking side-channel attacks on post-quantum KEMs [J ] . IACR Transactions on Cryptographic Hardware and Embedded Systems , 2023 : 473 - 503 .

QIN Y , CHENG C , ZHANG X H , et al . A systematic approach and analysis of key mismatch attacks on lattice-based NIST candidate KEMs [M ] // Advances in Cryptology-ASIACRYPT 2021 . Cham : Springer International Publishing , 2021 : 92 - 121 .

MI R Q , JIANG H D , ZHANG Z F . Bit security analysis of lattice-based KEMs under plaintext-checking attacks [M ] // Selected Areas in Cryptography-SAC 2023 . Cham : Springer Nature Switzerland , 2024 : 255 - 274 .

GUO Q , MÅRTENSSON E . Do not bound to a single position: Near-optimal multi-positional mismatch attacks against kyber and saber [M ] // Post-Quantum Cryptography . Cham : Springer Nature Switzerland , 2023 : 291 - 320 .

SHAO M Y , LIU Y J , ZHOU Y B . Pairwise and parallel: Enhancing the key mismatch attacks on kyber and beyond [C ] // Proceedings of the 19th ACM Asia Conference on Computer and Communications Security . New York : ACM , 2024 : 548 - 559 .

GUO Q , MÅRTENSSON E , et al . The perils of limited key reuse: Adaptive and parallel mismatch attacks with post-processing against kyber [J ] . IACR Communications in Cryptology , 2024 , 1 : 3 - 72 .

YADAV S , DABRA V , MALIK P , et al . Flaw and amendment of Dharminder et al.’s authentication protocol for satellite communication[J ] . Security and Privacy , 2024 , 7 ( 4 ): e383 .

DHARMINDER D , DADSENA P K , GUPTA P , et al . A post quantum secure construction of an authentication protocol for satellite communication [J ] . International Journal of Satellite Communications and Networking , 2023 , 41 ( 1 ): 14 - 28 .

MISHRA D , PURSHARTHI K . Cryptanalysis with improvement on lattice-based authenticated key exchange protocol for mobile satellite communication networks [J ] . Security and Privacy , 2024 , 7 ( 5 ): e407 .

AZARDERAKHSH R , JAO D , LEONARDI C . Post-quantum static-static key agreement using multiple protocol instances [M ] // Selected Areas in Cryptography- SAC 2017 . Cham : Springer International Publishing , 2017 : 45 - 63 .

ISLAM S H , BASU S . PB-3PAKA: Password-based three-party authenticated key agreement protocol for mobile devices in post-quantum environments [J ] . Journal of Information Security and Applications , 2021 , 63 : 103026 .

BASU S , SEYHAN K , ISLAM S H , et al . MLWR-2PAKA: A hybrid module learning with rounding-based authenticated key agreement protocol for two-party communication [J ] . IEEE Systems Journal , 2023 , 17 ( 4 ): 6093 - 6103 .

AKLEYLEK S , SEYHAN K . A probably secure Bi-GISIS based modified AKE scheme with reusable keys [J ] . IEEE Access , 2020 , 8 : 26210 - 26222 .

SEYHAN K , NGUYEN T N , AKLEYLEK S , et al . Bi-GISIS KE: Modified key exchange protocol with reusable keys for IoT security [J ] . Journal of Information Security and Applications , 2021 , 58 : 102788 .

PURSHARTHI K , MISHRA D . A computationally efficient and randomized RLWE-based key exchange scheme [J ] . Cluster Computing , 2024 , 27 ( 2 ): 1599 - 1610 .

BRENDEL J , FISCHLIN M , GÜNTHER F , et al . Towards post-quantum security for signal’s X3DH handshake [M ] // Selected Areas in Cryptography . Cham : Springer International Publishing , 2021 : 404 - 430 .

DOBSON S , GALBRAITH S D . Post-quantum signal key agreement from SIDH [M ] // Post-Quantum Cryptography . Cham : Springer International Publishing , 2022 : 422 - 450 .

刘一丹 , 程庆丰 . 同源密码方案综述 [J ] . 密码学报 , 2023 , 10 ( 4 ): 667 - 684 .

LIU Y D , CHENG Q F . A survey of isogeny-based cryptographic schemes [J ] . Journal of Cryptologic Research , 2023 , 10 ( 4 ): 667 - 684 . (in Chinese)

CAMPOS F , CHÁVEZ-SAAB J , CHI-DOMÍNGUEZ J J , et al . Optimizations and practicality of high-security CSIDH [J ] . IACR Communications in Cryptology , 2024 , 1 : 1 - 21 .

LYUBASHEVSKY V . Converting newhope/lwe key exchange to a diffe-hellman-like algorithm [J ] . Crypto Stack Exchange , 2017 , 1 : 2 .

DE KOCK B . A Non-Interactive Key Exchange Based on Ring-Learning with Errors [D ] . Eindhoven : Eindhoven University of Technology , 2018 .

GUO S Y , KAMATH P , ROSEN A , et al . Limits on the efficiency of (ring) LWE-based non-interactive key exchange [J ] . Journal of Cryptology , 2021 , 35 ( 1 ): 1 .

HESSE J , HOFHEINZ D , KOHL L , et al . Towards tight adaptive security of non-interactive key exchange [M ] // Theory of Cryptography . Cham : Springer International Publishing , 2021 : 286 - 316 .

GAJLAND P , DE KOCK B , QUARESMA M , et al . SWOOSH: Efficient lattice-based non-interactive key exchange [C ] // Proceedings of the 33rd USENIX Security Symposium (USENIX Security 24) . Philadelphia : USENIX , 2024 : 487 - 504 .

LANGREHR R . On the multi-user security of LWE-based NIKE [M ] // Theory of Cryptography . Cham : Springer Nature Switzerland , 2023 : 33 - 62 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

对密钥不匹配攻击的进一步理论分析——以NTRU-HRSS为例

格上基于密文标准语言的可证明安全两轮口令认证密钥交换协议