Modulo Multiplication Group Group under multiplication modulo n

本文简要介绍了属性基加密(ABE)领域的核心概念,并深入探讨了模乘群(Modulo Multiplication Group)在该领域的应用,提供了一个清晰易懂的入门指南。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

好的,我可以为您写一段NTRU数字签名功能的MATLAB代码,不过在此之前我需要了解一些关于NTRU数字签名的知识,以便于更好地进行编码设计和测试。 NTRU数字签名是一种基于格的密码学签名方案,它是通过对一个向量多项式的系数进行转换和控制,来实现数字签名的安全性和效率。该方案使用了R-LWE(Ring-Learning with Errors)问题,这种问题是基于格的加密中的一种难题,由此实现了数字签名的安全性。 针对您的要求,我参考了已有的NTRU数字签名相关代码进行编写,以下是MATLAB代码,包括了密钥生成、签名过程和验证过程: ``` function [pk, sk] = ntru_keygen(N, p, q) % N: poly length % p: plaintext modulus % q: ciphertext modulus % holds: holds coefficients of private key polynomial % f: public key % generate Gaussian random polynomials f and g f = generate_poly(N, p); g = generate_poly(N, p); % calculate inverse of g [~,~,inv_g] = poly_gcd_ring(g,p); % calculate private key holds = mod(conv(f, inv_g), p); sk = {holds, g}; % calculate public key f_q = mod(conv(f,g),q); pk = {f_q, q}; end function ret = generate_poly(N, p) % Generates random polynomial mod p with coefficients in [-p/2, p/2]. ret = randi(p,N,1)-floor(p/2)'; end function [gcd, x, y] = poly_gcd_ring(a, p) % compute gcd of the polynomials a and x^p - x in the ring Zp[x] b = [1, zeros(1, p-1), -1]; [~, r] = poly_div_ring(a, b, p); if sum(r(1:p)) ~= 0 || numel(r) ~= p error('In poly_gcd_ring: unexpected result.'); end [p,q,~,gcd] = poly_ext_euclid_ring(a, b, p); i = find(sign(gcd) < 0, 1); gcd = mod(gcd, p); if ~isempty(i) && ~isempty(gcd) && sign(gcd(i)) < 0 gcd = -gcd; q = -q; end x = q(:,1); y = q(:,2); end function [q,r] = poly_div_ring(a,b,p) % polynomial division in the ring Zp[x] % Returns the quotient q and residual r, such that a = b*q + r] while numel(a) >= numel(b) && ~all(a==0) %a is longer than b shift = numel(a) - numel(b); a = mod(a, p); leading_coeff = mod(b(1) * modinv(b(1), p), p); a_coeff = mod(a(1) * modinv(b(1), p), p); quotient_coeff = mod(a_coeff * leading_coeff, p); quotient = [zeros(1,shift-1), quotient_coeff]; b_shifted = [zeros(1, shift), b]; a = mod(a - mod(conv(b_shifted, quotient), p), p); end q = a; r = mod(a, p); end function [p_qinv, qinv] = poly_ext_euclid_ring(a, b, p) % extended GCD in the polynomial ring Zp[x] % Given two polynomials a, b and a prime p, returns the Bezout coefficients p and q. % initialization p_qinv = {... {1, zeros(1, numel(b)-1)}; {zeros(1, numel(b)-1), 1}; }; r = {a; b}; while sum(r{end} ~= 0) q = poly_div_ring(r{end-1}, r{end}, p); r = [r, q]; p_qinv = [p_qinv, {poly_sub_ring(p_qinv{end-1}, poly_mul_ring(q, p_qinv{end}), p)}]; end qinv = p_qinv{end-1}; end function ret = modinv(value, modulus) % calculate inverse modulo modulus [~, r, s] = gcd(value, modulus); if r < 0 r = r + modulus; end ret = mod(s, modulus); if mod(value*ret,modulus) ~=1 error('In modinv: computing incorrect result.'); end end function ret = poly_sub_ring(a, b, p) % polynomial subtraction in the ring Zp[x] % Returns [a - b] mod ({x^p - x}) ret = mod([a, zeros(1,numel(b)-numel(a))] - [b, zeros(1,numel(a)-numel(b))], p); end function ret = poly_mul_ring(a, b) % polynomial multiplication in the ring Zp[x] n1 = numel(a) - 1; n2 = numel(b) - 1; x = zeros(1, n1+n2+1); for i = 1:n1+1 for j = 1:n2+1 x(i+j-1) = x(i+j-1) + a(i)*b(j); end end ret = x; end function [sig] = ntru_sign(message, sk) % sk: private key % f: public key % p: plaintext modulus % q: ciphertext modulus holds = sk{1}; g = sk{2}; % calculate polynomial h from message h = mod(-1 * message * holds, sk{2}); % add random polynomial e to h e = generate_poly(numel(h), sk{2}); h = mod(h + e, sk{2}); % calculate inverse of g [~,~,inv_g] = poly_gcd_ring(g,sk{2}); % calculate signature sig = mod(conv(h, inv_g), sk{2}); end function [result] = ntru_verif(message, sig, pk) % verifies NTRU signature--returns true if signature is valid, false otherwise. % sk: private key % f: public key % p: plaintext modulus % q: ciphertext modulus f_q = pk{1}; q = pk{2}; % calculate polynomial a from signature a = mod(sig .* f_q, q); % calculate inverse of f [~,~,inv_f] = poly_gcd_ring(f_q,q); % calculate polynomial b from message b = mod(inv_f .* message, q); % check if a = b result = isequal(a,b); end % Test example fprintf('Testing NTRU signature\n'); N = 10; p = 3; q = 7; % Generate keys [pk, sk] = ntru_keygen(N, p, q); % Set message message = [1, 0, 1, 1, 0, 1, 0, 0, 1, 1]; % Generate signature sig = ntru_sign(message, sk); % Verify signature verif = ntru_verif(message, sig, pk); if verif fprintf('Signature is valid!\n'); else error('Invalid signature'); end ``` 请尝试使用上述代码进行测试,同时也欢迎您提出宝贵的意见和建议,帮助我们改进和优化代码。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值