In a traditional security proof, it is assumed that adversaries can only observe the input and output behaviour of a cryptographic algorithm and have no way to learn any information about its secret state. In practice, however, attackers can extract partial secret information through various physical attacks, which poses new threats to algorithms proven secure in the traditional model. Classified by attack method, physical attacks mainly consist of key-leakage attacks and key-tampering attacks. Motivated by the fact that crypto devices in practice may suffer from both kinds of attack, this project intends to investigate methods and techniques for resisting these physical attacks at the algorithmic level. More precisely, the project covers the following research content: (1) informed by practical physical attacks, refine the existing security notions against both key-leakage and tampering attacks, and further study whether cryptographic primitives achieving those notions exist and how different cryptographic primitives can be transformed into one another under the same notion; (2) study methods for designing practical public-key cryptosystems that resist a wide range of physical attacks; (3) based on the public-key schemes we design, explore the fundamental theory and methods of provable security in the presence of physical attacks. In summary, the objective of the project is to comprehensively study the theoretical methods and techniques for resisting physical attacks at the algorithmic level, and thus to establish a solid theoretical basis and technical support for the security of cryptographic devices.
In a traditional security proof it is usually assumed that the attacker can only observe the inputs and outputs of the cryptographic algorithm and cannot obtain any of the algorithm's secret information. In real life, however, attackers can successfully extract partial secret information through physical attacks, which brings new security threats to cryptographic algorithms that are provably secure in the traditional sense. Classified by attack method, physical attacks mainly include key-leakage attacks and key-tampering attacks. Since cryptographic devices in practice may face both kinds of attack at once, this project plans to study, at the algorithmic level, theoretical methods and techniques for resisting both kinds of physical attack simultaneously. The main content includes: (1) in combination with practical attack scenarios, optimize and refine the existing security definitions against key-leakage and tampering attacks, and further explore the achievability of the corresponding security notions and the transformation mechanisms between different cryptographic primitives under the same notion; (2) study design methods for efficient public-key cryptographic algorithms that can resist a wide range of physical attacks; (3) in combination with the designed public-key schemes, explore the theory and methods of provable security under physical attacks. From the above aspects, the project aims to systematically and comprehensively study the theoretical methods and techniques for resisting physical attacks at the algorithmic level, thereby providing a solid theoretical foundation and technical support for the security of cryptographic devices.
With the wide application of cryptography in real life, cryptographic algorithms face new kinds of information leakage (such as key leakage) in complex applications or environments, and this leaked information poses new threats to the security of cryptographic algorithms. To address such problems, this project mainly studied the establishment of security models under physical attacks, the design and analysis of public-key cryptographic algorithms in the new models, and the design and analysis of searchable encryption that tolerates a certain amount of information leakage. Around this content the project has produced a series of research results, including: a new security model against leakage and tampering attacks was proposed, and a public-key encryption algorithm provably secure in the new model was designed on the basis of a newly proposed public-key malleable hash proof system; a variant of identity-based revocable encryption was proposed, and from it a generic construction of public-key puncturable encryption was given; the notion of a quasi-adaptive hash proof system was proposed, two new statistical properties were defined for it, and from these the first efficient leakage-resilient public-key encryption scheme with a tight (small-security-loss) reduction was constructed; the notion of symmetric revocable encryption was proposed, and based on it the first non-interactive searchable encryption scheme satisfying strong backward security was designed; for multi-user searchable encryption, a collusion-resistant security model was proposed, and a non-interactive multi-user searchable encryption scheme based on set-constrained pseudorandom functions was put forward. To date, the project group has published 11 academic papers, including in the CCF-recommended class A journal/conferences CRYPTO and TDSC and the CCF-recommended class B conferences NDSS and PKC. These results provide a solid theoretical foundation and technical support for protecting user data privacy in complex environments.
Data last updated: 2023-05-31