DSTU 8961:2019在随机oracle模型中的分析

IF 0.2 Q4 ENGINEERING, ELECTRICAL & ELECTRONIC

Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia Pub Date : 2022-12-30 DOI:10.30837/rt.2022.4.211.02

S.O. Kandiy

{"title":"DSTU 8961:2019在随机oracle模型中的分析","authors":"S.O. Kandiy","doi":"10.30837/rt.2022.4.211.02","DOIUrl":null,"url":null,"abstract":"The paper provides a proof in the IND-CCA2 random oracle model of the security of the asymmetric encryption scheme described in the DSTU 8961:2019 standard, and the IND-CCA2 security of the corresponding key encapsulation mechanism. Since the standard contains only a technical description of transformations, a formalized mathematical model was introduced in Chapter 4 without unnecessary technical details that do not affect safety assessments. Since the system-wide parameters in the standard were chosen in such a way that the scheme did not contain decryption errors, it was possible to simplify significantly the proof. Section 5 provides a schematic overview of possible attack vectors on the DSTU 8961:2019, but a detailed analysis is the subject of further research. In addition to safety, the analysis also showed that the DSTU 8961:2019 has a certain disadvantage in terms of safety. The design can be significantly simplified and accelerated without loss of safety. Security, on the contrary, can be significantly increased.","PeriodicalId":41675,"journal":{"name":"Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia","volume":null,"pages":null},"PeriodicalIF":0.2000,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Analysis of DSTU 8961:2019 in random oracle model\",\"authors\":\"S.O. Kandiy\",\"doi\":\"10.30837/rt.2022.4.211.02\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The paper provides a proof in the IND-CCA2 random oracle model of the security of the asymmetric encryption scheme described in the DSTU 8961:2019 standard, and the IND-CCA2 security of the corresponding key encapsulation mechanism. Since the standard contains only a technical description of transformations, a formalized mathematical model was introduced in Chapter 4 without unnecessary technical details that do not affect safety assessments. Since the system-wide parameters in the standard were chosen in such a way that the scheme did not contain decryption errors, it was possible to simplify significantly the proof. Section 5 provides a schematic overview of possible attack vectors on the DSTU 8961:2019, but a detailed analysis is the subject of further research. In addition to safety, the analysis also showed that the DSTU 8961:2019 has a certain disadvantage in terms of safety. The design can be significantly simplified and accelerated without loss of safety. Security, on the contrary, can be significantly increased.\",\"PeriodicalId\":41675,\"journal\":{\"name\":\"Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.2000,\"publicationDate\":\"2022-12-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.30837/rt.2022.4.211.02\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.30837/rt.2022.4.211.02","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

摘要

本文在IND-CCA2随机oracle模型中证明了DSTU 8961:2019标准中描述的非对称加密方案的安全性，以及相应密钥封装机制的IND-CCA2安全性。由于该标准仅包含转换的技术描述，因此在第4章中引入了一个形式化的数学模型，没有不必要的技术细节，不会影响安全评估。由于标准中的系统范围参数的选择方式使该方案不包含解密错误，因此有可能大大简化证明。第5节提供了DSTU 8961:2019上可能的攻击向量的示意图概述，但详细分析是进一步研究的主题。除了安全性之外，分析还表明，DSTU 8961:2019在安全性方面存在一定的劣势。设计可以大大简化和加速，而不会失去安全性。相反，安全性可以显著提高。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Analysis of DSTU 8961:2019 in random oracle model

The paper provides a proof in the IND-CCA2 random oracle model of the security of the asymmetric encryption scheme described in the DSTU 8961:2019 standard, and the IND-CCA2 security of the corresponding key encapsulation mechanism. Since the standard contains only a technical description of transformations, a formalized mathematical model was introduced in Chapter 4 without unnecessary technical details that do not affect safety assessments. Since the system-wide parameters in the standard were chosen in such a way that the scheme did not contain decryption errors, it was possible to simplify significantly the proof. Section 5 provides a schematic overview of possible attack vectors on the DSTU 8961:2019, but a detailed analysis is the subject of further research. In addition to safety, the analysis also showed that the DSTU 8961:2019 has a certain disadvantage in terms of safety. The design can be significantly simplified and accelerated without loss of safety. Security, on the contrary, can be significantly increased.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia ENGINEERING, ELECTRICAL & ELECTRONIC-

自引率

33.30%

发文量