| 引用本文: |
-
杨亚涛,张思瑶,陈亮宇,刘国鑫.全同态加密算法FINAL自举模块的优化设计[J].信息安全学报,已采用 [点击复制]
- Yang Ya-tao,ZHANG Siyao,CHEN Liangyu,LIU Guoxin.Optimization on Bootstrapping Module in FINAL Fully Homomorphic Encryption Algorithm[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 构建基于格问题的密码系统已成为当前后量子密码领域中的一项关键技术,特别是基于NTRU问题构建的高效全同态加密方案,因其在性能和安全性方面的显著优势,受到了学术界的广泛关注。然而,当前的研究表明,在实现同态操作的过程中,现有的方案普遍需要对NTRU问题中的参数进行“过度拉伸”,这一操作会增加方案受到格基攻击的风险。为了解决NTRU参数过度拉伸所引发的安全性问题,同时进一步提高自举模块的运算速度,本文针对基于NTRU和 LWE问题构造的全同态加密方案 FINAL,提出一种利用NTWE问题的特性对FINAL方案自举模块中密钥切换部分进行优化的方案。与仅基于 NTRU 和LWE问题的FINAL方案相比,本文方案具有更小、更紧凑的结构,同时在参数选择方面还提供了更强的灵活性。安全性方面,在NTRU问题的决策性变体假设下,通过设置低于NTRU问题“疲劳点”的参数,本方案证明了其抵抗选择明文攻击的安全性。通过运算性能分析,本文提出的自举算法运算速度比 FINAL 方案快17%,比 TFHE 算法快39%。此外,与FINAL方案相比,本文方案缩减了密钥的长度,降低至37.4 MB。在保持高效性的同时,本文进一步提升了方案的灵活性和安全性,具有较好的应用前景。 |
| 关键词: 全同态加密 自举 密钥切换 NTRU LWE TFHE |
| DOI: |
| 投稿时间:2024-05-10修订日期:2024-08-30 |
| 基金项目:北京市自然科学基金 |
|
| Optimization on Bootstrapping Module in FINAL Fully Homomorphic Encryption Algorithm |
|
Yang Ya-tao1, ZHANG Siyao2, CHEN Liangyu2, LIU Guoxin2
|
| (1.Beijing Electronics Science and Technology Institute;2.Beijing Electronic Science and Technology Institute) |
| Abstract: |
| Constructing cryptographic systems based on lattice problems has become a key technology in the current field of post-quantum cryptography. Notably, the development of efficient fully homomorphic encryption (FHE) schemes, particularly those constructed over the Number Theory Research Unit (NTRU) problem, has garnered widespread attention from the academic community due to their significant advantages in performance and security. However, most of the existing proposals need the so-called 'overstretched' parameters of NTRU problem to enable homomorphic operations, thereby increasing the risk of the system being subjected to lattice-based attacks. To address the security issues arising from the overstretching of NTRU parameters and to further accelerate the computational speed of the bootstrapping module, an optimization scheme has been proposed for the key switching part within the FHE scheme known as FINAL, which is constructed based on the NTRU problem and Learning with Errors (LWE) problems. And this optimization leverages the characteristics of the NTWE problem, which can be seen as a natural combination of the NTRU and module-LWE problems. The proposed schemes based on the NTWE problem have a smaller and more compact structure compared to schemes based solely on NTRU problem. Furthermore, the parameter selection in NTWE-based schemes offers greater flexibility compared to schemes based solely on LWE problem. In terms of security, the scheme is proven to be resistant to the chosen-plaintext attacks under a standard hybrid argument of the decisional NTRU problem by setting parameters that are below the ‘fatigue point’. A computational performance analysis has revealed that the bootstrapping algorithm, which has been optimized, is operates at a speed 17% faster than the FINAL scheme and 39% faster than the TFHE scheme. In addition, the proposed scheme reduces the key length from 71 MB to 37.4 MB. By reducing the key length while simultaneously enhancing flexibility and security, the proposed scheme exhibits promising prospects for practical applications. |
| Key words: fully homomorphic encryption algorithm bootstrapping key switching number theory research unit learning with errors fully homomorphic encryption over the torus |
