4416                                                      软件学报  2025  年第  36  卷第  10  期


                 [26]   Jin ZZ, Zhao YL. Generic and practical key establishment from lattice. In: Deng RH, Gauthier-Umana V, Ochoa M, Yung M, eds. Proc.
                     of the 17th Int’l Conf. on Applied Cryptography and Network Security. Bogota: Springer, 2019. 302–322. [doi: 10.1007/978-3-030-21568-
                     2_15]
                 [27]   Zhang J, Yu Y, Fan SQ, Zhang ZF, Yang K. Tweaking the asymmetry of asymmetric-key cryptography on lattices: KEMs and signatures
                     of smaller sizes. In: Kiayias A, Kohlweiss M, Wallden P, Zikas V, eds. Proc. of the 23rd IACR Int’l Conf. on Practice and Theory of
                     Public-key Cryptography. Edinburgh: Springer, 2020. 37–65. [doi: 10.1007/978-3-030-45388-6_2]
                 [28]   Chinese Association for Cryptologic Research. Public key algorithms selected to the second round competition of national cryptographic
                     algorithm competitions. 2020 (in Chinese). http://sfjs.cacrnet.org.cn/site/term/list_77_1.html
                 [29]   Chinese  Association  for  Cryptologic  Research.  Announcement  of  the  selection  results  of  the  national  cryptographic  algorithm
                     competition. 2020 (in Chinese). https://www.cacrnet.org.cn/site/content/854.html
                 [30]   Micciancio D. Generalized compact knapsacks, cyclic lattices, and efficient one-way functions. Computational Complexity, 2007, 16(4):
                     365–411. [doi: 10.1007/s00037-007-0234-9]
                 [31]   Bruna J, Regev O, Song MJ, Tang Y. Continuous LWE. In: Proc. of the 53rd Annual ACM SIGACT Symp. on Theory of Computing.
                     ACM, 2021. 694–707. [doi: 10.1145/3406325.3451000]
                 [32]   Gupte A, Vafa N, Vaikuntanathan V. Continuous LWE is as hard as LWE & applications to learning Gaussian mixtures. In: Proc. of the
                     63rd  IEEE  Annual  Symp.  on  Foundations  of  Computer  Science.  Denver:  IEEE,  2022.  1162–1173.  [doi: 10.1109/FOCS54457.2022.
                     00112]
                 [33]   Peikert  C.  An  efficient  and  parallel  Gaussian  sampler  for  lattices.  In:  Rabin  T,  ed.  Proc.  of  the 30th  Annual  Cryptology  Conf.  on
                     Advances in Cryptology (CRYPTO 2010). Santa Barbara: Springer, 2010. 80–97. [doi: 10.1007/978-3-642-14623-7_5]
                 [34]   Gentry C, Peikert C, Vaikuntanathan V. Trapdoors for hard lattices and new cryptographic constructions. In: Proc. of the 40th Annual
                     ACM Symp. on Theory of Computing. Victoria: ACM, 2008. 197–206. [doi: 10.1145/1374376.1374407]
                 [35]   Micciancio D, Regev O. Worst-case to average-case reductions based on Gaussian measures. SIAM Journal on Computing, 2007, 37(1):
                     267–302. [doi: 10.1137/S0097539705447360]
                 [36]   Applebaum B, Cash D, Peikert C, Sahai A. Fast cryptographic primitives and circular-secure encryption based on hard learning problems.
                     In: Halevi S, ed. Proc. of the 29th Annual Int’l Cryptology Conf. on Advances in Cryptology (CRYPTO 2009). Santa Barbara: Springer,
                     2009. 595–618. [doi: 10.1007/978-3-642-03356-8_35]

                 附中文参考文献:
                 [28]   中国密码学会. 全国密码算法设计竞赛进入第      2  轮公钥算法. 2020. http://sfjs.cacrnet.org.cn/site/term/list_77_1.html
                 [29]   中国密码学会. 关于全国密码算法设计竞赛算法评选结果的公示. 2020. https://www.cacrnet.org.cn/site/cont-ent/854.html


                             王洋(1990－), 男, 博士, 助理研究员, 主要研究                王明强(1970－), 男, 博士, 教授, 博士生导师, 主
                            领域为格密码, 量子信息, 量子计算.                          要研究领域为公钥密码算法的分析与设计, 椭圆
                                                                         曲线, 格密码, 量子信息, 量子计算.