基于Niederreiter编码的混合加密方案的改进

基于编码的密码方案具有抗量子的特性和较快的加解密速度，是当今抗量子密码方案的备用方案之一。现有基于编码的混合加密方案已经达到选择密文攻击不可区分（IND-CCA）安全，其缺点是加密收发双方共享秘密密钥的公钥尺寸较大。针对基于Niederreiter编码的混合加密方案公钥尺寸大的的问题，首先对Niederreiter编码方案的私钥进行随机拆分，然后对Niederreiter编码方案的明文进行随机拆分，最后对Niederreiter编码方案的加解密过程进行了改进。经过分析得出，改进方案的公钥尺寸小于Maurich方案的公钥尺寸，在80比特的安全级下，改进方案的公钥从原方案的4801比特降低到240比特；在128比特的安全级下，改进方案的公钥从原方案的9857比特降低到384比特。虽然改进后的方案比原方案过程复杂，但其存储代价和计算代价变小，方案的实用性增强。

Improvement of hybrid encryption scheme based on Niederreiter coding

Coding-based encryption scheme, with the advantages of anti-quantum feature and fast encryption and decryption speed, is one of the candidate schemes for anti-quantum cryptography. The existing coding-based hybrid encryption schemes have the INDistinguishability under Chosen Ciphertext Attack (IND-CCA) security, which have the disadvantage that the public key size used to encrypt the shared secret key of the sender and receiver is large. The problem of large size of public key in hybrid encryption scheme based on Niederreiter coding was solved by the following three steps. Firstly, the private key of Niederreiter coding scheme was randomly split. Then, the plaintext of Niederreiter coding scheme was split randomly. Finally, the encryption and decryption processes of Niederreiter coding scheme were improved. It is concluded through analysis that, the public key size of the improved scheme is less than that of Maurich scheme. Compared with Maurich scheme, the public key of the improved scheme is reduced from 4801 bits of the original scheme to 240 bits under the security level of 80 bits, and the public key of the improved scheme is reduced from 9857 bits to 384 bits under the security level of 128 bits. Although the improved scheme is more complicated than the original scheme, its storage cost and calculation cost are smaller, and the practicability of the improved scheme is enhanced.