CAREER: Efficient Cryptography with Provable Security Guarantees

职业：具有可证明安全保证的高效密码学

• 批准号: 0093065
• 负责人: Alexander Russell
• 金额: $ 30.5万
• 依托单位: University of Connecticut
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2001
• 资助国家: 美国
• 起止时间: 2001-09-01 至 2006-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0093065&HistoricalAwards=false
• 关键词: CAREER; Efficient; Cryptography; Provable; Security

This research develops efficient cryptographic tools which offer provable security guarantees. Such tools rectify the widely-recognized deficiency associated with extant provably-secure cryptosystems: their prohibitive computing demands. Indeed, despite the highly amplified security offered by provably-secure systems, efficiency considerations have prevented their widespread adoption; as a result, tools in common use typically involve ad-hoc methods designed with speed, rather than security, as their first priority. This re-search resolves this difficulty, constructing cryptographic tools (like encryption engines, digital signature schemes, and pseudo-random generators) which can simultaneously boast provable security guarantees and competitive efficiency. This program is undertaken in concert with an educational initiative which develops security and general information technology course material at the University of Connecticut. Security in provably-secure constructions is generally accumulated by repeated application of some underlying cryptographic primitive (a one-way function, for example). For a fixed underlying primitive, the computing time required to "generate enough security" to, say, encrypt a long message, depends essentiallyon (i.) the quantity of security which can be quickly extracted from a single application of the underlying primitive, and (ii.) the total quantity of security necessary for the encryption process. This research ad-dresses both of these issues, developing provably-secure frameworks for cryptography which fully exploit the security capacity of underlying primitives and utilize this distilled security in the most effective manner.Issue (i.) is addressed by the development of quantitative bounds for the security capacity of one-way functions and bounds on the computational complexity of extracting security from general one-way functions. Issue (ii.) is addressed by the development of a new family of cryptographic primitives, balancing provable security and competitive efficiency. For encryption, a focal point of the research, this is attained by coupling strong (information-theoretic) pseudo-random constructions with semantically secure encryption machinery. Such methods have direct applicability to encryption, cryptographically strong hashing, and pseudo

这项研究开发了高效的加密工具，提供可证明的安全保证。此类工具纠正了与现有可证明安全的密码系统相关的广泛认可的缺陷：其令人望而却步的计算需求。 事实上，尽管可证明安全的系统提供了高度增强的安全性，但效率方面的考虑阻碍了它们的广泛采用。因此，常用的工具通常涉及以速度而非安全性为首要考虑的临时方法。 这项研究解决了这个难题，构建了可以同时拥有可证明的安全保证和竞争效率的加密工具（如加密引擎、数字签名方案和伪随机生成器）。该计划是与康涅狄格大学开发安全和通用信息技术课程材料的教育计划相结合的。 可证明安全结构中的安全性通常是通过重复应用某些底层加密原语（例如单向函数）来积累的。对于固定的底层原语，“生成足够的安全性”以加密长消息所需的计算时间本质上取决于（i.）可以从底层原语的单个应用程序中快速提取的安全性数量，以及(ii.) 加密过程所需的安全总量。 这项研究解决了这两个问题，开发了可证明安全的密码学框架，充分利用底层原语的安全能力，并以最有效的方式利用这种提炼的安全性。问题（i.）是通过定量界限的发展来解决的单向函数的安全能力以及从一般单向函数中提取安全性的计算复杂性的界限。 问题 (ii.) 通过开发新的密码原语系列来解决，平衡可证明的安全性和竞争效率。对于加密这一研究的焦点，这是通过将强（信息论）伪随机结构与语义安全加密机制相结合来实现的。这些方法可直接应用于加密、强密码散列和伪加密。