可证明安全性理论与方法研究.pdf

1000-9825/2005/16(10)1743 ©2005 Journal of Software Vol.16, No.10 ∗ + (( ), 100080) Research on Theory and Approach of Provable Security FENG Deng-Guo+ (State Key Laboratory of Information Security (Institute of Software, The Chinese Academy of Sciences), Beijing 100080, China) + Corresponding author: Phn: +86-10 Fax: +86-10 E-mail: fdg@263.net, Received 2004-07-06; Accepted 2005-08-24 Feng DG. Research on theory and approach of provable security. Journal of Software, 2005,16(10):1743−1756. DOI: 10.1360/jos161743 Abstract : This paper presents a survey on the theory of provable security and its applications to the design and analysis of security protocols. It clarifies what the provable security is, explains some basic notions involved in the theory of provable security and illustrates the basic idea of random oracle model. It also reviews the development and advances of provably secure public-key encryption and digital signature schemes, in the random oracle model or the standard model, as well as the applications of provable security to the design and analysis of session-key distribution protocols and their advances. Key words: provable security; cryptosystem; security protocol; random oracle model; standard model : ,: , ,RO(random oracle) , ,. : ; ; ;RO(random oracle) ; : TP309 : A :(1) , ; ,10 ,;(2) , , ; . :(1)