零密钥认证与零知识证明分析

2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) Pub Date : 2022-10-01 DOI:10.1109/CyberC55534.2022.00012

Huan Lin, Zhehan Wang, Tong Xu, S. Zhou, Yang Hong, Jun Steed Huang

{"title":"零密钥认证与零知识证明分析","authors":"Huan Lin, Zhehan Wang, Tong Xu, S. Zhou, Yang Hong, Jun Steed Huang","doi":"10.1109/CyberC55534.2022.00012","DOIUrl":null,"url":null,"abstract":"Recently passwordless authentication such as zero-key authentication or zero-knowledge access control is becoming popular among businesses prioritizing their users' and employees' security and digital experience. A challenge-response mechanism and public key infrastructure (PKI) cryptography are employed to perform the zero-key authentication or zero- knowledge access control that authorizes user access to an online service without a password or any shared secret required. Using a large quantum computer, a quantum algorithm could break the hard mathematical problems underlying PKI. The National Institute of Standards and Technology (NIST) has launched a program and competition to standardize one or more post-quantum cryptographic (PQC) algorithms to fight against quantum attacks. In this paper, we have conducted the first-ever mathematical analysis of lattice-based and polynomial-based PQC by introducing the relationship between automorphism and homomorphism. This analysis can help enterprises and organizations leverage NIST-selected PQC algorithms to safeguard their online services from quantum attacks. We performed the simulation to illustrate brute force broken probability for polynomial-based or multivariate-based PQC to validate our mathematical analysis of PQC.","PeriodicalId":234632,"journal":{"name":"2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Analysis of Zero-Key Authentication and Zero-Knowledge Proof\",\"authors\":\"Huan Lin, Zhehan Wang, Tong Xu, S. Zhou, Yang Hong, Jun Steed Huang\",\"doi\":\"10.1109/CyberC55534.2022.00012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently passwordless authentication such as zero-key authentication or zero-knowledge access control is becoming popular among businesses prioritizing their users' and employees' security and digital experience. A challenge-response mechanism and public key infrastructure (PKI) cryptography are employed to perform the zero-key authentication or zero- knowledge access control that authorizes user access to an online service without a password or any shared secret required. Using a large quantum computer, a quantum algorithm could break the hard mathematical problems underlying PKI. The National Institute of Standards and Technology (NIST) has launched a program and competition to standardize one or more post-quantum cryptographic (PQC) algorithms to fight against quantum attacks. In this paper, we have conducted the first-ever mathematical analysis of lattice-based and polynomial-based PQC by introducing the relationship between automorphism and homomorphism. This analysis can help enterprises and organizations leverage NIST-selected PQC algorithms to safeguard their online services from quantum attacks. We performed the simulation to illustrate brute force broken probability for polynomial-based or multivariate-based PQC to validate our mathematical analysis of PQC.\",\"PeriodicalId\":234632,\"journal\":{\"name\":\"2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)\",\"volume\":\"59 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CyberC55534.2022.00012\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberC55534.2022.00012","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

最近，在优先考虑用户和员工的安全和数字体验的企业中，零密钥认证或零知识访问控制等无密码认证越来越受欢迎。使用质询-响应机制和公钥基础设施(PKI)加密技术来执行零密钥认证或零知识访问控制，授权用户访问在线服务而无需密码或任何共享秘密。使用大型量子计算机，量子算法可以打破PKI背后的困难数学问题。美国国家标准与技术研究院(NIST)发起了一项计划和竞赛，旨在标准化一种或多种后量子加密(PQC)算法，以对抗量子攻击。在本文中，我们通过引入自同态和同态的关系，首次对基于格和多项式的PQC进行了数学分析。这种分析可以帮助企业和组织利用nist选择的PQC算法来保护他们的在线服务免受量子攻击。我们进行了仿真来说明基于多项式或基于多变量的PQC的蛮力破坏概率，以验证我们对PQC的数学分析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Analysis of Zero-Key Authentication and Zero-Knowledge Proof

Recently passwordless authentication such as zero-key authentication or zero-knowledge access control is becoming popular among businesses prioritizing their users' and employees' security and digital experience. A challenge-response mechanism and public key infrastructure (PKI) cryptography are employed to perform the zero-key authentication or zero- knowledge access control that authorizes user access to an online service without a password or any shared secret required. Using a large quantum computer, a quantum algorithm could break the hard mathematical problems underlying PKI. The National Institute of Standards and Technology (NIST) has launched a program and competition to standardize one or more post-quantum cryptographic (PQC) algorithms to fight against quantum attacks. In this paper, we have conducted the first-ever mathematical analysis of lattice-based and polynomial-based PQC by introducing the relationship between automorphism and homomorphism. This analysis can help enterprises and organizations leverage NIST-selected PQC algorithms to safeguard their online services from quantum attacks. We performed the simulation to illustrate brute force broken probability for polynomial-based or multivariate-based PQC to validate our mathematical analysis of PQC.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)

自引率

0.00%

发文量