Page 274 - Journal of Software (《软件学报》), 2021, No. 9

2898    Journal of Software 软件学报 Vol.32, No.9, September 2021

…has received comparatively little study. Consequently, key agreement protocols, signature schemes, signcryption schemes and similar primitives that resist randomness backdoor attacks are all directions for future research. Finally, most existing cryptographic algorithms that resist randomness backdoor attacks can only be proven secure in the random oracle model; those that are provably secure in the standard model are few. Efficient randomness-backdoor-resistant cryptographic algorithms in the standard model still await further study.

