Ajtai和Dwork构造了一种概率公用密钥体系.这种密码系统的安全性建立在一种格问题复杂性的最坏情形上.该文的结果证明这种密码系统是很容易被误用的.如果这种系统被用于广泛使用的key-escrow体系中(特别是美国的一些体系中),密码系统的终端用户就可以利用这种误用来传送一些非法信息,而不必担心安全机构通过构造用户的密钥来破译这些非法信息.同样地,这种密码系统的终端用户也必须相信密码系统的制造商,因为非法制造商制造的加密或解密系统在用户一无所知的情况下,可利用这种误用把用户的密钥泄漏出去.%Ajtai and Dwork have introduced a probabilistic public-key encryption scheme which is secure under the assumption that a certain computational problem on lattices is hard on the worst-case. In this paper, the author demonstrates how Ajtai-Dwork cryptosystem can be abused. Using this kind of abuses, users can communicate secrets in a key escrowed Ajtai-Dwork cryptosystem without fearing that their secrets will be revealed later by reconstructing their escrowed private-keys. However, it is also shown that users have to trust their implementers because unscrupulous implementers of Ajtai-Dwork cryptosystem may leak their private-keys without their awareness. The author shows how one can make Ajtai-Dwork cryptosystem abuse-free.
展开▼
