《计算机应用研究》|Application Research of Computers

基于NTRUSign的新型公钥基础设施的设计

New design of public key infrastructure based on NTRUSign

免费全文下载 (已被下载 次)  
获取PDF全文
作者 李子臣,梁斓,孙亚飞,杨亚涛
机构 1.西安电子科技大学 通信工程学院,西安 710071;2.北京印刷学院,北京 102600;3.北京电子科技学院,北京 100070
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2018)08-2421-04
DOI 10.3969/j.issn.1001-3695.2018.08.045
摘要 为了提高可信第三方证书授权中心(certificate authority,CA)对数字证书的管理效率,提出了一种基于NTRUSign签名算法的多证书公钥基础设施(multi-certificate public key infrastructure,MCPKI)。对证书中所使用NTRUSign签名算法公钥的部分系数进行哈希运算,并在此基础上补全剩余系数得到一个新的公钥,然后依次循环此操作,将这些公钥对应的证书形成证书链,并将证书链应用到MCPKI场景中。该方案的提出为CA在数字证书的管理问题上提供了一种新思路,用户只需向CA申请一次,便可拥有证书链上的全部证书。与传统的公钥基础设施(public key infrastructure,PKI)相比,MCPKI实现了CA对证书更加高效的管理。在MCPKI中,不仅可以自发地进行证书替换,而且实现了证书的自签发与自撤销。
关键词 证书链;证书授权中心;NTRUSign;数字证书;公钥基础设施
基金项目 国家自然科学基金资助项目(61370188)
北京市支持中央高校共建项目—青年英才计划项目
中央高校基本科研业务费专项资金资助项目
本文URL http://www.arocmag.com/article/01-2018-08-045.html
英文标题 New design of public key infrastructure based on NTRUSign
作者英文名 Li Zichen, Liang Lan, Sun Yafei, Yang Yatao
机构英文名 1.SchoolofTelecommunicationsEngineering,XidianUniversity,Xi'an710071,China;2.BeijingInstituteofGraphicCommunication,Beijing102600,China;3.BeijingElectronicScience&TechnologyInstitute,Beijing100070,China
英文摘要 In order to improve the management efficiency of digital certificate of trusted third party:certificate authority (CA), this paper presented a multi-certificate public key infrastructure which was based on the NTRUSign signature scheme.This scheme hashed some coefficients of public key of NTRUSign, and completed the remaining coefficients of it to get a new public key.Then this scheme circulated the operation above and formed a certificate chain, which could apply to the MCPKI scenario.This scheme provided a new idea for the management of digital signature for CA.Users only need to apply to the CA once, then could have all the certificates on the certificate chain.Compared with traditional PKI, MCPKI achieved a more efficient management of certificate for CA.The scheme of MCPKI not only replaces the certificates spontaneously, but also realizes the self-signed and self-revoked of the certificate.
英文关键词 certificate chain; certificate authority center; NTRUSign; digital certificate; public key infrastructure
参考文献 查看稿件参考文献
  [1] 韩水玲, 马敏, 王涛, 等. 数字证书应用系统的设计与实现[J] . 信息网络安全, 2012(9):43-45.
[2] 李星宜, 李陶深, 崔杰, 等. 基于数字证书的身份认证系统的设计与实现[J] . 计算机技术与发展, 2011, 21(12):160-163.
[3] 林璟锵, 荆继武, 张琼露, 等. PKI技术的近年研究综述[J] . 密码学报, 2015, 2(6):487-496.
[4] Zhu Wentao, Lin Jingqiang. Generating correlated digital certificates:framework and applications[J] . IEEE Trans on Information Forensics & Security, 2016, 11(6):1117-1127.
[5] Ajtai M. Generating hard instances of lattice problems[C] //Proc of the 28th Annual ACM Symposium on Theory of Computing. New York:ACM Press, 1996:99-108.
[6] Goldreich O, Goldwasser S, Halevi S. Public-key cryptosystems from lattice reduction problems[C] //Proc of Annual International Cryptology Conference. Berlin:Springer-Verlag, 1997:112-131.
[7] Hoffstein J, Pipher J, Silverman J H. NTRU:a ring-based public key cryptosystem[C] //Proc of the 3rd International Algorithmic Number Theory Symposium. Berlin:Springer-Verlag, 1998:267-288.
[8] Surhone L M, Timpledon M T, Marseken S F. NTRUSign[M] . [S. l. ] :Betascript Publishing, 2010.
[9] Regev O. On lattices, learning with errors, random linear codes, and cryptography[C] //Proc of the 37th Annual ACM Symposium on Theory of Computing. New York:ACM Press, 2005:84-93.
[10] 胡予濮. 一个新型NTRU类数字签名方案[J] . 计算机学报, 2008, 31(9):1661-1665.
[11] Gentry C. Fully homomorphic encryption using ideal lattices[C] //Proc of the 41st Annual ACM Symposium on Theory of Computing. New York:ACM Press, 2009:169-178.
[12] 杨晓元, 吴立强, 张敏情, 等. 基于理想格的适应性选择密文安全公钥加密方案[C] //中国计算机网络与信息安全学术会议. 2011.
[13] 张卷美, 曹杰, 刘年义, 等. 一种基于NTRU新型签名方案的设计[J] . 四川大学学报:工程科学版, 2015, 47(1):49-53.
[14] 姚想良. NTRU签名研究和应用[D] . 成都:电子科技大学, 2010.
[15] Harn L, Ren Jian. Generalized digital certificate for user authentication and key establishment for secure communications[J] . IEEE Trans on Wireless Communications, 2011, 10(7):2372-2379.
[16] Wang Bing. Digital certificate application research of campus network[J] . Network Security Technology & Application, 2014(7):145-147.
[17] 郭金生. CA数字证书安全平台构建与研究[J] . 现代电子技术, 2010, 33(3):49-51.
[18] 牟宁波. NTRU加密算法的一类弱密钥研究[J] . 计算机应用研究, 2014, 31(9):2784-2787.
收稿日期 2017/5/17
修回日期 2017/6/28
页码 2421-2424
中图分类号 TP309
文献标志码 A