
Modern Cryptography Volume 2: A Classical Introduction To Informational And Mathematical Principle PDF

202 Pages·2023·2.914 MB·English


Financial Mathematics and Fintech

Zhiyong Zheng, Kun Tian, Fengxia Liu

Modern Cryptography Volume 2
A Classical Introduction to Informational and Mathematical Principle

Series Editors
Zhiyong Zheng, Renmin University of China, Beijing, Beijing, China
Alan Peng, University of Toronto, Toronto, ON, Canada

This series addresses the emerging advances in mathematical theory related to finance and application research from all the fintech perspectives. It is a series of monographs and contributed volumes focusing on the in-depth exploration of financial mathematics such as applied mathematics, statistics, optimization, and scientific computation, and fintech applications such as artificial intelligence, block chain, cloud computing, and big data. This series is featured by the comprehensive understanding and practical application of financial mathematics and fintech. This book series involves cutting-edge applications of financial mathematics and fintech in practical programs and companies.

The Financial Mathematics and Fintech book series promotes the exchange of emerging theory and technology of financial mathematics and fintech between academia and financial practitioner. It aims to provide a timely reflection of the state of art in mathematics and computer science facing to the application of finance. As a collection, this book series provides valuable resources to a wide audience in academia, the finance community, government employees related to finance and anyone else looking to expand their knowledge in financial mathematics and fintech.

The keywords in this series include but are not limited to:
a) Financial mathematics
b) Fintech
c) Computer science
d) Artificial intelligence
e) Big data

Zhiyong Zheng
School of Mathematics, Renmin University of China, Beijing, China
Henan Academy of Sciences, Zhengzhou, China

Kun Tian
School of Mathematics, Renmin University of China, Beijing, China

Fengxia Liu
Artificial Intelligence Research Institute, Beihang University, Beijing, China

ISSN 2662-7167    ISSN 2662-7175 (electronic)
Financial Mathematics and Fintech
ISBN 978-981-19-7643-8    ISBN 978-981-19-7644-5 (eBook)
https://doi.org/10.1007/978-981-19-7644-5

© The Editor(s) (if applicable) and The Author(s) 2023. This book is an open access publication.

Open Access This book is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

The images or other third party material in this book are included in the book’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the book’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd.
The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore

Preface

For integer factorization and discrete logarithm calculation, P. W. Shor published an effective quantum calculation in SIAM Journal on Computing in 1997, which is called the Shor algorithm in academic circles. Classical public key cryptosystems such as RSA, ECC and so on could not resist the attack of the Shor algorithm, so the major security risks of public key cryptosystems are completely exposed to the Shor algorithm and quantum computer.

In the past 20 years, the rise and development of post-quantum cryptography have been closely related to the lattice cryptosystems. The academic community believes that the hard problems on lattice, such as the shortest vector problem (SVP), the continuous shortest vector problem (SIVP) and the determination of the shortest vector problem (GapSVP) can resist quantum computing effectively, so the public key cryptosystems based on the hard problems on lattice become the core theory and technology of the post-quantum cryptography. At present, there are six kinds of published post-quantum cryptosystems:

1. Ajtai-Dwork cryptosystem (1997). Ajtai constructed a collision-resistant Hash function by the circulant matrix and ideal matrix, and converted the collision point into the shortest vector problem on q-ary integer lattice. Ajtai first proposed the concept of random lattice (Gauss lattice) in 1996, and established the famous reduction principle ‘from the worst case to the average case’.
The security of the Ajtai-Dwork cryptosystem could be fully proved by this reduction principle.

2. GGH/HNF cryptosystem (1997). In 1997, Goldreich, Goldwasser and Halevi constructed a public key cryptosystem based on the closest vector problem on the q-ary integer lattice, which was further improved by Micciancio using the Hermite normal basis in 2005. The idea of Micciancio is very simple. Since the HNF basis of any lattice can be easily computed from its generated matrix, the GGH cryptosystem uses the HNF basis as the public key directly.

3. NTRU cryptosystem (1998). Number Theory Research Unit (NTRU) is a quantum-resistant computing public key cryptosystem developed by J. Hoffstein, J. Pipher and J. H. Silverman in Brown University in 1998, which has become the most attractive post-quantum cryptosystem due to its simple algorithm, fast calculation speed and small storage space. In 2009, the National Institute of Standards and Technology wrote a survey report: there is no cryptosystem that could consider both public key encryption and digital signature, and resist the Shor algorithm simultaneously. The NTRU encryption algorithm seems to be the most likely choice among many lattice-based encryption schemes. The PQCRYPTO program (Horizon 2020 ICT-645622) by European Union hopes to develop a new European encryption standard based on the NTRU improved by Stehle-Steinfeld.

4. McEliece/Niederreiter cryptosystem (1998). Linear codes are the earliest error-correcting codes in coding theory.
Later, algebraic coding developed based on the ideal theory greatly enriched and improved the linear coding theory. Cycle code and Goppa code are the most important error-correcting codes in algebraic coding. McEliece and Niederreiter constructed a new public key cryptosystem by using the asymmetry of encoding algorithm and decoding algorithm of the error-correcting code independently, which we call McEliece/Niederreiter cryptosystem. Since a code (linear code or algebraic code) can be regarded as a lattice on a finite field, the security of this cryptosystem is closely related to the closest vector problem on the q-ary integer lattice. Recent studies have shown that coding theory plays an important role in lattice-based cryptosystems.

5. LWE cryptosystem (2005). In 2005, O. Regev of Tel Aviv University in Israel proposed the famous LWE cryptosystem based on the LWE distribution. Because of this work, Regev won the highest award in the theoretical computer science in 2018, the Gödel Award. The LWE distribution (Learning With Errors) is a random linear system with errors having Gauss distribution. Regev’s cryptosystem encrypts a single bit of plaintext each time. Since the security of the LWE problem has been clearly proved (see Chap. 3 of this book), LWE cryptosystem is currently the most active and mainstream research topic.

6. Fully homomorphic encryption (FHE). In 1985, R. Rivest, C. Adleman and M. Dertouzos first proposed the concept of data bank and the conjecture of fully homomorphic encryption. Some individuals and organizations encrypt the original data and store them in the data bank for privacy protection, which is obviously a huge wealth. How to compute these encrypted data effectively? R. Rivest, C. Adleman and M. Dertouzos presented the fully homomorphic encryption conjecture. In 2009, C. Gentry of Stanford University partially solved the RAD conjecture. Gentry’s work is based on the ideal lattice, that is, an integer lattice which has a one-to-one correspondence to the ideal of polynomial ring. But the cryptosystem of Gentry is a finite-time fully homomorphic encryption, and infinite fully homomorphic encryption is still an unsolved public problem. In 2012 and 2013, the second and third fully homomorphic encryption algorithms based on the LWE distribution were proposed one after another. Gentry won the 2022 Gödel Award for his contributions.

In the book Modern Cryptography, we give a detailed introduction to the basic theory of lattice and the first four kinds of lattice-based cryptosystems. The main purpose of this book is to discuss the computational complexity theory of lattice cryptosystems, especially Ajtai’s reduction principle, and fill the gap that post-quantum cryptography focuses on the encryption and decryption algorithms, and the theoretical proof is insufficient. In Chaps. 3, 4 and 6, we introduce the LWE distribution, LWE cryptosystem and fully homomorphic encryption in detail. When using stochastic analysis tools, there are many ‘ambiguity’ problems in terms of definitions and algorithms, such as the ‘≈’ notation that appears in a large number of papers and books, which is imprecise mathematically. The biggest characteristic of this book is to use probability distribution to provide rigorous mathematical definitions and proofs for various unclear expressions, making it a rigorous theoretical system to facilitate teaching and dissemination in class. Chapters 5 and 7 are based on two papers published by the authors in the journal Journal of Information Security (see references [63, 64]). These materials can be regarded as some important topics, such as the further extension and improvement of cyclic lattices, ideal lattices and generalized NTRU cryptosystems.

This book contains the most cutting-edge and hottest research topics in post-quantum cryptography.
Reading all the chapters requires a lot of mathematical knowledge and a good mathematical foundation. Therefore, this book can be used as a textbook for graduate students in mathematics and cryptography, or a reference book for researchers in cryptography area. Due to the rush of time, all the materials are summarized from domestic and foreign research papers in the last 20 years, and shortcomings and mistakes are inevitable. We welcome readers to criticize and correct them.

Zhengzhou, China
September 2022
Zhiyong Zheng

Contents

1 Random Lattice Theory
  1.1 Fourier Transform
  1.2 Discrete Gauss Measure
  1.3 Smoothing Parameter
  1.4 Some Properties of Discrete Gauss Distribution
2 Reduction Principle of Ajtai
  2.1 Random Linear System
  2.2 SIS Problem
  2.3 INCGDD Problem
  2.4 Reduction Principle
3 Learning with Error
  3.1 Circulant Matrix
  3.2 SIS and Knapsack Problem on Ring
  3.3 LWE Problem
  3.4 Proof of the Main Theorem
    3.4.1 From LWE to DGS
    3.4.2 From DGS to Hard Problems on Lattice
    3.4.3 From D-LWE to LWE
4 LWE Public Key Cryptosystem
  4.1 LWE Cryptosystem of Regev
  4.2 The Proof of Security
  4.3 Properties of Rounding Function
  4.4 General LWE-Based Cryptosystem
  4.5 Probability of Decryption Error for General Disturbance
5 Cyclic Lattices and Ideal Lattices
  5.1 Some Basic Properties of Lattice
  5.2 Ideal Matrices
  5.3 φ-Cyclic Lattice
  5.4 Improved Upper Bound for Smoothing Parameter
6 Fully Homomorphic Encryption
  6.1 Definitions and Examples
  6.2 Gadget Matrix and Gadget Technique
  6.3 Bounded Fully Homomorphic Encryption
  6.4 Construction of Gentry
  6.5 Attribute-Based Encryption
7 A Generalization of NTRUencrypt
  7.1 φ-Cyclic Code
  7.2 A Generalization of NTRUencrypt
References
