生成元相关的三重迭代置换的伪随机性

研究了当生成元相关情形时,三重迭代置换的伪随机性,并证明了Ψ~3(f·f,g)及Ψ~3(f,g,g)是伪随机置换。     

ψ函数的超伪随机性证明及其应用

本文解决了文献（５）提出了一个未决问题ψ（ｆ，ｆ＾２，ｆ，ｆ，ｆ）是超伪随机置换，证明了该置换能抵抗Ｏ（２＾６０）阶选择明文一密文攻击，并利用已证明的结果构造安全的消息认证码。     

适用于准循环LDPC码译码器的新型循环移位置换结构设计

循环移位置换单元是准循环LDPC码的部分并行译码器的重要组成部分。该文研究并证明了Reverse Banyan交换结构在实现信息循环移位时各个基本交换单元的连接规律。基于该规律设计了基于可预置选路算法的无阻塞循环移位置换结构。相比Benes交换结构和Reverse Banyan交换结构,提高了信息循环移位交换的速率,且占用较少的硬件资源和面积。最后设计了一个出线转换单元,该单元适用于各种循环移位交换结构。     

Lai-Massey结构伪随机特性研究

该文深入研究了Lai-Massey结构的伪随机特性。首先,证明了基于仿射几乎正形置换设计的3轮Lai- Massey模型并不具有伪随机特性,给出了Lai-Massey结构设计者所得结论的一个反例。其次,证明了双射为任意正形置换时,至少3轮Lai-Massey结构才具有伪随机特性;证明了双射为仿射正形置换时,至少4轮的Lai-Massey结构才具有超伪随机特性。结论表明,为构造伪随机特性更好的Lai-Massey结构实例,双射最好设计为非线性的正形置换或几乎正形置换。     

基于伪随机置换的朋友发现系统

近年来,随着移动社交软件的迅速发展,便携式移动终端已经渗透到人们生活的方方面面。在这些软件中,人们经常用到其中的一项功能—朋友发现,但是目前这个功能对于用户并不安全,大量隐私信息被云服务商所获取。针对此现象,文章基于目前隐私集合比较的现状,运用伪随机置换和安全多方计算协议并加以改进,设计出基于伪随机置换的朋友发现系统,本系统使用户找到他们集合的交集而且不泄露除交集以外的信息,具有一定推广价值。     

基于线性反馈移位寄存器和分组密码的伪随机数生成方法

随机数在信息安全中起着非常重要的作用。对基于线性反馈移位寄存器的两类随机数生成算法进行了研究,发现这两类算法生成的随机数具有很好的随机性,但其安全性没有考虑。在此基础上,结合线性反馈移位寄存器与高级加密标准(AES, Advanced Encryption Standard),提出了一种产生伪随机数的算法,并对新算法的安全性和随机性进行了分析。分析发现新算法所产生的随机数具有很好的随机性,其安全性依赖于AES的安全性。     

随机置换的有关概率问题

基于随机选取0,1,…n?1的置换建立了概率模型,求出了这种随机选取意义下置换后Zn中点与原相邻点之间距离(简称距离)的分布律以及距离为a(1≤a≤n?1)的点个数的数学期望与方差,当距离a和置换阶数n互素时,得到了距离为a的点个数的分布律。依据这些结论分析了随机置换的相关密码安全性问题,对在密码设计中采用全距置换的意义提供了新的解释。     

基于变结构混沌的伪随机序列发生器

为产生随机性能良好的伪随机序列,提出了一个新的变结构混沌系统。该混沌系统在一个开关函数控制下其系统结构随时间随机地转换,所产生的混沌信号是两个不同的混沌信号的混合,具有良好的复杂性。基于该变结构混沌系统设计了一种伪随机序列发生器,采用NIST标准和STS-2．0b测试套件对其产生的伪随机序列进行了统计性能测试,测试结果表明该伪随机序列发生器具有良好的随机性,可应用于计算机、通信、信息加密等领域中。     

一种基于循环移位矩阵的LDPC码构造方法

具有准循环结构的低密度奇偶校验码(QC-LDPC Codes)是目前被广泛采用的一类LDPC码。本文提出了一种结合PEG算法构造基于循环移位矩阵的QC-LDPC码的方法。该方法首先将QC-LDPC码传统的基于比特的二分图简化为基于Block的二分图,然后在该图中采用PEG算法遵循的环路最大原则确定每一个循环移位矩阵的位置,最后根据QC-LDPC码的环路特性为每一个循环移位矩阵挑选循环移位偏移量。利用该算法,本文构造了长度从1008bit到8064bit,码率从1/2到7/8各种参数的LDPC码。仿真结果表明,本文构造的LDPC码性能优于目前采用有限几何、两个信息符号的RS码、组合数学等常用的代数方法构造的QC-LDPC码。     

基于移位矩阵优化的LDPC码构造

环的存在对准循环LDPC（Low Density Parity Code）码的译码效率造成很大影响,拥有尽可能好的girth分布的校验矩阵对于码的性能改善有着重要的意义。首先对准循环LDPC码校验矩阵的girth分布进行分析,然后在母矩阵和移位矩阵之间设定一个合理的约束关系,使得构造后的校验矩阵最小环长及平均最小环长追求最大化,最后提出了一种易于实现的具有高girth的QC-LDPC（Quasi cyclic-Low Density Parity Code）码构造方法。仿真结果表明,该方法尽量减少码中的短循环,能构造实用化的好码。     

Certifying Permutations: Noninteractive zero-knowledge based on any trapdoor permutation

In cryptographic protocols it is often necessary to verify/certify the tools in use. This work demonstrates certain subtleties in treating a family of trapdoor permutations in this context, noting the necessity to check certain properties of these functions. The particular case we illustrate is that of noninteractive zero-knowledge. We point out that the elegant recent protocol of Feige, Lapidot, and Shamir for proving NP statements in noninteractive zero-knowledge requires an additional certification of the underlying trapdoor permutation, and suggest a method for certifying permutations which fills this gap.A preliminary version of this paper appeared in Advances in Cryptology—Crypto 92 Proceedings, Lecture Notes in Computer Science, Vol. 740, E. Brickell, ed., Springer-Verlag, Berlin, 1992. This work was done while Mihir Bellare was at the IBM T.J. Watson Research Center, Yorktown Heights, NY.     

关于正形置换的构造

本文主要介绍了构造正形置换的一些方法。     

基于多时间服务器的时控性加密体制研究

时控性加密(TRE)是一种被称为“向未来发送消息”的密码原语,接收方在未来指定时间之前无法解密密文。目前,大部分TRE方案采用非交互式单时间服务器方法,系统用户能够正常解密,依赖于单一时间服务器在预定解密时间计算并广播的时间陷门。如果单一的时间服务器遭受攻击,或被腐败,则容易直接威胁TRE的安全应用。因此,需要将1个时间服务器“分散”成多个。但已有多时间服务器TRE方案既没有给出安全性分析,也没有给出严格的安全性证明。为此,该文给出一种随机预言机模型下基于双线性迪菲·赫尔曼(BDH)问题的多时间服务器的TRE模型MTSTRE,构造出一种可证明安全的具体和通用方案,并严格证明所提具体方案在自适应选择明文攻击下是安全的。效率分析表明,与已有最有效的多时间服务器TRE解决方案相比,所提具体方案的计算效率也略有提高。     

The Impossibility of Basing One-Way Permutations on Central Cryptographic Primitives

We know that trapdoor permutations can be used to construct all kinds of basic cryptographic primitives, including trapdoor functions, public-key encryption, private information retrieval, oblivious transfer, key agreement, and those known to be equivalent to one-way functions such as digital signature, private-key encryption, bit commitment, pseudo-random generator and pseudo-random functions. On the other hand, trapdoor functions are not as powerful as trapdoor permutations, so the structural property of permutations seems to be something special that deserves a more careful study. In this paper we investigate the relationships between one-way permutations and all these basic cryptographic primitives. Following previous works, we focus on an important type of reductions called black-box reductions. We prove that no such reductions exist from one-way permutations to either trapdoor functions or private information retrieval. Together with previous results, all the relationships with one-way permutations have now been established, and we know that no such reductions exist from one-way permutations to any of these primitives except trapdoor permutations. This may have the following meaning, with respect to black-box reductions. We know that one-way permutations imply none of the primitives in "public cryptography," where additional properties are required on top of "one-wayness" \cite{IR89}, so permutations cannot be traded for any of these additional properties. On the other hand, we now know that none of these additional properties can be traded for permutations either. Thus, being a permutation seems to be something orthogonal to those additional properties on top of one-wayness. Like previous non-reducibility results, our proofs follow the oracle separation paradigm of Impagliazzo and Rudich.     

一个基于CPK的高效签密方案

基于组合公钥原理,该文提出一个新的签密方案CPK-SC,抛弃了传统基于身份签密方案中的配对运算,并通过使用对称密码算法解决了传统基于身份签密方案只能处理定长消息的限制。与已有的基于双线性对的签密方案相比,CPK-SC方案计算量小、生成密文短,适用于计算和通信资源受限环境,具有广泛的应用前景。在判定性Diffie-Hellman(DDH)假设下,论文通过随机预言模型证明了CPK-SC的安全性。     

基于图像旋转相关的空间目标ISAR等效旋转中心估计算法

为了消除逆合成孔径雷达(ISAR)越分辨单元徙动(MTRC)引起的图像散焦,需要估计目标的等效旋转中心。该文以空间目标为研究对象,提出了一种基于图像旋转相关的ISAR旋转中心估计算法。首先,分析了ISAR的瞬时成像机理;其次,将采用相同运动补偿后的回波数据分段成像,得到不同视角的2幅图像;然后,基于定标后的图像像素旋转和图像相关,估计等效旋转中心。当假定的等效旋转中心与真实的旋转中心一致时,2幅图像相关性最大,据此得到旋转中心位置。仿真实验表明,该算法能够有效利用图像整体信息,估计出高精度的目标等效旋转中心,利于提高成像质量。     

Construction and Count of 1-Resilient Rotation Symmetric Boolean Functions on pr Variables

Construction and count of 1-resilient Rotation symmetric Boolean functions （RSBFs） on pr variables are demonstrated. It is proved that constructions of 1-resilient RSBFs on pr variables are equivalent to solving an equation system. An accurate enumeration formula of all 1-resilient RSBFs on pr variables is also proposed. Some examples are given, and the exact numbers of 1-resilient RSBFs on 8 and 9 variables are obtained respectively.     

构造具有良好密码学性质的旋转对称布尔函数

该文提出构造具有良好密码学性质的2m元旋转对称布尔函数的新方法。该类函数是平衡的,具有最大代数免疫度、最优代数次数和高非线性度,是一类能够同时满足多种密码学指标的优良函数。     

Construction and Count of 1-Resilient Rotation Symmetric Boolean Functions on 4p Variables

This paper studies the properties of orbit matrix and gives a formula to compute the number of these orbit matrices on 4p variables, where p is an odd prime. It has been demonstrated that the construction of 1-resilient Rotation symmetric Boolean functions (RSBFs) on 4p variables is equivalent to solving an equation system. By the proposed method, all 1-resilient RSBFs on 12 variables can be constructed. We present a counting formula for the total number of all 1-resilient RSBFs on 4p variables. As application of our method, some 1-resilient RSBFs on 12 variables are presented.     

On the Construction of Pseudorandom Permutations: Luby—Rackoff Revisited

Luby and Rackoff [26] showed a method for constructing a pseudorandom permutation from a pseudorandom function. The method is based on composing four (or three for weakened security) so-called Feistel permutations, each of which requires the evaluation of a pseudorandom function. We reduce somewhat the complexity of the construction and simplify its proof of security by showing that two Feistel permutations are sufficient together with initial and final pairwise independent permutations. The revised construction and proof provide a framework in which similar constructions may be brought up and their security can be easily proved. We demonstrate this by presenting some additional adjustments of the construction that achieve the following: • Reduce the success probability of the adversary. • Provide a construction of pseudorandom permutations with large input-length using pseudorandom functions with small input-length. Received 2 August 1996 and revised 26 July 1997