基于格的后量子密钥交换研究

Cryptosystems based on classical number-theoretical assumptions, such as integer factoring and discrete logarithm, can be broken by quantum algorithms efficiently in theory, while the rapid development of quantum computers is becoming threats of classical cryptosystems in practice. Thus, the design of post-quantum cryptosystems is an important (or even urgent) research direction of cryptography, wherein the most urgent is the need for post-quantum key exchange protocols, which is a hot topic in recent years. In this paper we mainly focus on the post-quantum protocols from computational hard problems on lattices, such as LWE, ring-LWE, and module-LWE, especially the most-basic unauthenticated key exchange protocols, such as BCNS15, NewHope/NewHope-simple, Frodo, and Kyber.KE. We will introduce the key techniques, the choice of parameters, communication costs, computation efficiency and security of these protocols.