来 学嘉 教授
主页：
办公室电话：+86-21-3420-5440
办公地点：SEIEE-3-423
电子邮件：lai-xj@cs.sjtu.edu.cn
实验室： 信息安全理论实验室


研究兴趣
教育背景
工作经验
教授课程
论文发表
项目资助
获奖信息
学术服务


Block cipher design and analysis
Hash functions
DNA computing and DNA cipher
White-box cryptography
Terminal security in cloud
One-Time-Password system

B.Sc. In El. Ing. In 1982, Xidian Univ.
M.Sc. Math. In 1984 at the Xidian Univ.
Ph.D. of sc. Techn in 1992 at ETH Zurich

93: R3 security engineering
97: Entrust Tech.
01: SWIS Group
04: SJTU

Crypto Engineering
Discrete Mathematics
Cryptography and Computer Security
IT-security Standard

1. MC公钥密码体制，电子学报, 1986, 14(4): 91～ 94
2. X. Lai, Condition for the Nonsingularity of a Feedback Shift-Register over a General Finite Field'', IEEE Trans. Info. Th., IT-33, No. 5, pp. 747--749, September 1987.
3. X. Lai and J. L. Massey, `''A Proposal for a New Block Encryption Standard'', Advances in Cryptology -- EUROCRYPT'90, Proceedings, LNCS 473, pp. 389-404, Springer-Verlag, Berlin, 1991.
4. H.Bonnenberg, A.Curiger, X. Lai, N.Felber, H.kaeslin, ''VLSI Implementation of a New Block Cipher'', Proceedings of ICCD'91, pp 510--513, WASHINGTON, 1991, IEEE Computer Society Press.
5. X. Lai, J. L. Massey and S. Murphy, ''Markov Ciphers and Differential Cryptanalysis'', Advances in Cryptology -- EUROCRYPT'91, Proceedings, LNCS 547, pp. 17-38, Springer-Verlag, Berlin, 1992.
6. X. Lai and J. L. Massey, ''Hash Functions based on Block Ciphers'', Advances in Cryptology -- EUROCRYPT'92 Proceedings, LNCS 658, pp. 55-70, Springer-Verlag, 1993.
7. X. Lai, R. Rueppel and J. Woollven, "A Fast cryptographic checksum algorithm based on stream ciphers", Advances in Cryptology -- AUSCRYPT'92 Proceedings, LNCS 718 pp. 339-348 Springer-Verlag, 1993.
8. X. Lai , "On the design and security of block ciphers", ETH Series in Information Processing, (Edt: J. L. Massey), Vol. 1, Hartung-Gorre Verlag, Konstanz, 1992.
9. W. Hohl, T. Meier, X. Lai and C. Waldvogel, "Security of iterated hash functions based on block ciphers'', Advances in Cryptology -- CRYPTO'93 Proceedings, LNCS 773, pp. 379-390, Springer-Verlag, 1994.
10. X. Lai, "Higher order derivatives and differential cryptanalysis'', pp. 227-233 in Communications and Cryptography, Edt. R.E. Blahut, Kluwer Academic Publishers, 1994.
11. X. Lai, "Design principles for practical secret-key block ciphers'' Proceedings of CHINACRYPT'94, Nov. 11--15, 1994, Xian, China, Science Publisher 1994.
12. X. Lai, "Additive and Linear structures of cryptographic functions'', Fast Software Encryption, Proceedings of 1994 Leuven Algorithm Workshop, LNCS 1008, pp. 75-85, Springer-Verlag, 1995.
13. X. Lai and R. Rueppel, "Attacks on the HKM/HFX cryptosystem'', Fast Software Encryption, Proceedings, LNCS 1039, pp. 1-14, Springer-Verlag, 1996.
14. L. Knudsen, X. Lai and B. Preneel, "Attacks on fast double block length hash functions", J. Cryptology, (1998) 11: 59-72.
15. Xuejia Lai, Public Key Infrastructure: Managing the e-Business Security, Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures， Pages: 505 - 505, Kluwer, B.V. Deventer, 2000, ISBN:0-7923-7914-4 .
16. Xuejia LAI - Advanced security technologies in networking, Proceedings of NATO Workshop on Advanced Security Technologies in Networking, 29 May - 2 June, 2001, Portoloz, Slovenia. B. Jerman-BIazic et ai (Eds.) 1 IOS Press. 2001，pp 21-29.
17. X. Lai, "Security Requirements on Authentication Protocols Using Challenge-Response", J. of Graduate school of Chinese Academy of Science, Vol.19, No 3, pp 246-253, Sep. 2002.
18. Xiaoyun Wang, Dengguo Feng, Xuejia Lai, Hongbo Yu: Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD.rump session of Crypto'04, Cryptology ePrint Archive, Report2004/199, 2004.
19. Xiaoyun Wang, Xuejia Lai, Dengguo Feng: Cryptanalysis of the Hash Functions MD4 and RIPEMD, EUROCRYPT 2005, LNCS 3494, pp.1-18, Springer-Verlag, 2005.
20. Kefei Chen, Robert Deng, Xuejia Lai and Jianying Zhou (Editors), Information Security Practice and Experience , Proceedings of ISPEC 2006, LNCS 3903, Springer, 2006.
21. 肖国镇,卢明欣,秦磊,来学嘉. 密码学的新领域--DNA密码, 科学通报 51卷10期, p.1139-1144. 2006年5月.
22. XIAO Guozhen, LU Mingxin, QIN Lei, LAI Xuejia, New field of Cryptography: DNA Cryptography. Chinese Science Bulletin, 2006, 51(12):1413-1420.
23. 卢明欣, 来学嘉（并列第一作者）, 肖国镇，秦磊. 基于DNA技术的对称加密方法。中国科学E辑:信息科学,2007年 第37卷第2期:175-182.
24. LU Mingxin, LAI Xuejia, XIAO Guozhen，QIN Lei. Symmetric-Key Cryptosystem with DNA technology. Science in China Series F: Information Sciences. June 2007 vol.50,no.3,pp 324-333.
25. Jie Liang, Xuejia Lai. Improved Collision Attack on Hash Function MD5. Journal of Computer Science&Technology. Jan. 2007, Vol.22, No.1, pp.79-87.
26. 谢勇，来学嘉，邓子健, EFI及其安全性研究, 信息安全与通信保密, 2007年第8期 175-177,(文章编号 1002-0802(2007)08-0175-03.
27. Zhongmei Wan, Xuejia Lai, Cryptanalysis and Improvement of Two Proxy Signature Schemes, Proceedings of ChianCrypt'2007, pp 151-158.
28. Zijian Deng, Xuejia Lai. A new architecture of sensitive file management based on Dual-Core and EFI. IEEE SITIS 2007. pp 170-176.
29. Xizhe Zhang, Yong Xie, Xuejia Lai, Shensheng Zhang, Zijian Deng, A Multi-core Security Architecture based on EFI, Proceddings of International Symposium on Information Security 2007, OTM 2007, Part II, LNCS 4804-1675.
30. 谢勇, 来学嘉, 张熙哲，基于双核EFI 的安全框架，计算机工程 >> 2008年34卷22期，177-178页,181页。
31. Zheng Gong, Xuejia Lai, Kefei Chen, "A synthetic indifferentiability analysis of some block-cipher-based hash functions," Designs, Codes and Cryptography 48:3 September 2008.
32. Zijian Deng, Xuejia Lai, Dake He. A linguistic reputation system applied in Peer-to-Peer. IEEE ICALIP2008. pp 273 - 278. (EI:,ISTP: BIB51)
33. 邓子健， 来学嘉，何大可. 基于双核处理器和EFI的安全文件管理结构(已录用，待修改). 西南交通大学学报. (EI)
34. 邓子健，来学嘉，何大可. 基于EFI和双核处理器的DRM Agent.计算机应用研究. 2009，26(1)：352-355.
35. 邓子健，来学嘉，何大可. 基于自然语言的P2P信誉系统。计算机工程，2009，35（12）：32-33.
36. 邓子健，来学嘉，何大可. 支持权利二次交易的DRM模型.计算机工程，第35卷20期，20-22，2009年10月。
37. Lu, Xian Hui, Lai, Xue Jia, He, Da Ke and Li, Guo Min, Security analysis of a public key encryption scheme based on attack classification (Chinese), J. Wuhan Univ. Natur. Sci. Ed. 54 (2008), no. 5, 543--546; MR**.
38. CHEN Jia, XUE Dongyue, LAI Xuejia, An Analysis of International Data Encryption Algorithm(IDEA) Security against Differential Cryptanalysis，Wuhan University Journal of Natural Sciences, Vol.13 No.6, 641-768, Dec. 2008.
39. Zhong-mei Wan, Xue-jia Lai, Jian Weng, Xuan Hong, Yu Long and Wei-wei Jia， On constructing certificateless proxy signature from certificateless signature，J. Shanghai Jiaotong Univ. (Sci.), 2008, 13(6): 692-694.
40. Yiyuan Luo and Xuejia Lai,，On the security of multivariate hash functions，J. Shanghai Jiaotong Univ. (Sci.), 2009, 14(2): 219-222.
41. 杨晓元, 黎茂棠, 韩益亮, 魏立线, 来学嘉. "基于ACJT的广义群签密方案"[J]. 《计算机工程与应用》,2008,44(31):128-131.
42. Kefei Chen, Ling Dong and Xuejia Lai, Security Analysis of Cryptographic Protocols Based on Trusted Freshness, Journal of KIISC, Vol. 18 No.6 (B) pp.219-232, December 2008.
43. Xian-hui Lu, Xue-jia Lai and Da-ke He The gap between intractable problem and adaptive chosen ciphertext security， J. Shanghai Jiaotong Univ. (Sci.) 14(1):90-93, 2009.
44. Ling Dong, Ke-fei Chen and Xue-jia Lai， Formal analysis of authentication in 802.11i , J. Shanghai Jiaotong Univ. (Sci.) 14(1):122-128, 2009.
45. 董玲,陈克非,来学嘉.密码协议分析的信任多集方法.软件学报,2009,20(11):3060-3076
46. Dong, Ling, Chen, Kefei, Lai, Xuejia, Wen, Mi， When is a key establishment protocol correct? ，SECURITY AND COMMUNICATION NETWORKS, 2(6), pp 567-579, NOV-DEC 2009/12(SCIE).
47. Xiaorui Sun and Xuejia Lai, Improved Integral Attacks on MISTY1, Proceedings of SAC2009, LNCS 5867, pp.266-280, Springer, 2009.
48. Xiaorui Sun and Xuejia Lai, The Key-Dependent Attack on Block Ciphers, Proceedings of Asiacrypt2009，LNCS 5912, pp19-36. Springer，2009.
a) 孙晓锐，来学嘉，分组密码的密钥相关攻击
49. Xianhui Lu, Xuejia Lai, Dake He, Improved efficiency of Kiltz07-KEM, Information Processing Letters， Volume 109, Issue 18, 31 August 2009, Pages 1093-1096
50. 罗一鸣, 来学嘉，P2P 网络中基于电子货币的权利转移方案, 计算机应用与软件，第27卷第4期，2010年4月，3-6页,47页
51. 葛颖彦，来学嘉，VoIP系统中RTP攻击的实现与防范，信息安全与通信保密，2009年第11 期，98-99。
52. 黄佳琳, 来学嘉， 随机性测试的淘汰能力和相关性，信息安全与通信保密, 2009年第10 期，43-46.
a) Eliminating Ability and Correlation of Random Statistical Test Information Security and Communications Privacy"(ISCP) .
53. 杨默涵, 来学嘉，布尔函数代数次数的计算方法，密码学进展，中国密码学会2009年会论文集，35-42.
54. Yaying Xiao and Xuejia Lai，A Secure Implementation of White-Box AES， 2nd International Conference on Computer Science and its Applications 10-12 Dec. 2009，CSA '09，Jeju, Korea (South) ISBN: 978-1-4244-4945-3，DOI 10.1109/CSA.2009.** （ MPIS2009.）
55. 肖雅莹, 来学嘉, 白盒密码及SMS4算法的白盒实现, 密码学进展，中国密码学会2009年会论文集，24-34。
56. Zhong-mei WAN, Jian WENG, Xue-jia LAI, Sheng-li LIU, Ji-guo Li，On the Relation between Identity-Based Proxy Re-Encryption and Mediated Identity-Based Encryption，Journal of Information Science and Engineering, Vol. 27 No. 1, pp. 243-259 (January 2011)
57. Zhong-mei WAN, Xue-jia LAI, Jian WENG, Sheng-li LIU, Yu LONG, Xuan HONG， Identity-based key-insulated proxy signature, Journal of Electronis（China）, Vol.26(6):853-858, 2009.
58. Zhong-mei WAN, Xue-jia LAI, Jian WENG, Sheng-li LIU, Xuan HONG， Certificateless Key-Insulated Signature Without Random Oracles， Journal of Zhejiang Univ Sci A，2009 Vol.10, No.12, p. 1790~1800。
59. Zhongming Wu, Yiyuan Luo, Xuejia Lai and Bo Zhu， Improved Cryptanalysis of FOX Block Cipher，Proceedings of INTRUST 2009, LNCS 6163, 236-249, Springer, 2010.
60. Bo Zhu, Kefei Chen and Xuejia Lai, Bitwise Higher Order Differential Cryptanalysis, Proceedings of INTRUST 2009，LNCS 6163, 250-262, Springer, 2010.
61. 方习文，来学嘉，基于线性自组装的DNA减法模运算，科学通报,2010,55: 957-963
62. Fang XiWen，Lai XueJia， DNA modular subtraction algorithm based on linear self-assembly, Chinese Sci Bull, May 2010, Vol.55 No 15：1574-1580，doi: 10.1007/s11434-010-3125-4.
63. 吴中明, 朱红儒, 来学嘉，一种安全P2P网络的信任评估机制，信息网络安全，108期（2009.12）, 69-71.
64. XueJia Lai, MingXin Lu, Lei Qin, JunSong Han & XiWen Fang，Asymmetric encryption and signature method with DNA technology, Science China Information Sciences, Volume 53 Number 3, 506 - 514, 2010， DOI: 10.1007/s11432-010-0063-3
65. 来学嘉, 卢明欣, 秦磊, 韩峻松, 方习文, 基于DNA技术的非对称加密与签名方法, 中国科学F辑:信息科学，2010 Vol. 40 (2): 240-248.
66. 来学嘉, 肖雅莹，白盒密码的设计与研究，信息安全与通信保密, 2010年第2 期,45-48.
67. Yiyuan Luo, Qi Chai, Guang Gong and Xuejia Lai，A Lightweight Stream Cipher WG-7 for RFID Encryption and Authentication，Proceedings of IEEE GLOBECOM 2010，
68. Yiyuan Luo, Xuejia Lai, Zheng Gong, Pseudorandomness Analysis of the (Extended) Lai-Massey Scheme, Information Processing Letters 111 (2010), pp. 90-96， DOI information: 10.1016/j.ipl.2010.10.012.
69. Jinmin Zhong and Xuejia Lai，Preimage Attack on Reduced DHA-256，Journal of Information Science and Engineering，Vol.27, No.4, July 2011.
70. Jinmin Zhong, Xuejia Lai, One-Block Preimage Attack on 27-Step DHA-256，2010 IEEE International Conference on Progress in Informatics and Computing conference (PIC-2010)，pp. 579 - 583.
71. 程正杰，陈克非，来学嘉，基于细粒度新鲜性的密码协议分析，《北京大学学报（自然科学版）》第46卷 第5期 第763～770页, 2010.
72. Zhengjie Cheng, Kefei Chen, Xuejia Lai，Security Analysis of Cryptographic Protocols with trusted party，JWIS 2010。
73. Jialin Huang, Xuejia Lai, Measuring random tests by conditional entropy and optimal execution order, Proceedings of INTRUST 2010, pp.148-159, LNCS 6802, Springer 2011.
74. 卢明欣，来学嘉，方习文，DNA密码研究综述，中国密码学发展报告2010，电子工业出版社2011。
75. 来学嘉，方习文，卢明欣，DNA计算与DNA密码，信息安全与技术，2010.11, 18-23.
76. Zhongmei Wan, Xuejia Lai, Jian Weng, Jiguo Li, Certificateless Strong Key-insulated Signature，International Conference on Information Science and Technology, March 26-28, 2011 Nanjing, China，ICIST Proceedings，270-276.
77. Ming Duan, Xuajia Lai, Higher Order Differential Cryptanalysis Framework and Its Applications，International Conference on Information Science and Technology，March 26-28, 2011 Nanjing, China，ICIST Proceedings，291-297.
78. Ming Duan, Xuajia Lai, "Improved Zero-sum Distinguisher for Full Round Keccak-f Permutation", Chinese Science Bulletin， 2012 Vol. 57 (6): 694-697，doi: 10.1007/s11434-011-4909-x (IF 1.087)
79. Yiyuan Luo, Xuejia Lai, Zheng Gong, Indifferentiability of Domain Extension Modes for Hash Functions，Proceedings of INTRUST 2011, pp 138-155., LNCS 7222, Springer 2012.
80. Ming Duan, Xuejia Lai, Mohan Yang, Xiaorui Sun and Bo Zhu， Distinguishing Properties and Applications of Higher Order Derivatives of Boolean Functions，Information Sciences, major revision
81. Jinmin Zhong and Xuejia Lai, Improved Preimage Attack on One-block MD4, Journal of Systems and Software, Volume 85, Issue 4, April 2012, Pages 981-994. (IF 1.282)
82. 林旭，来学嘉，基于纠删编码的P2P存储系统的数据维护算法，信息安全与技术，26-31，2011.09
83. 魏东泽，来学嘉，一种安全的高可靠性P2P云存储备份模型初探, 信息安全与技术，32-35，2011.09
84. Bing Wang, Xuejia Lai, Hongru Zhu, Minpeng Qi，A mixed structure of Streaming in WiiSE-DSN Network, International Conference on E-Business and E-Government - International Conference on E-Business and E-Government - ICEE , 2011，DOI: 10.1109/ICEBEG.2011.**.
85. Weijia Xue, Xuejia Lai, Unified Impossible Differential Cryptanalysis of ARIA, China Communication, August 2012, Vol.9, No.8, 129-134.
86. Yiyuan Luo, Zhongming Wu, Xuejia Lai, Guang Gong，An Improved Unified Method for Finding Impossible Differentials of Block Cipher Structures.
87. Xiwen Fang, Xuejia Lai，Nondeterministic polynomial time discrete logarithm algorithm in the tile assembly model，.
88. Xiwen Fang, Xuejia Lai，DNA-chip-based Dynamic Broadcast Encryption Scheme with Constant-size Ciphertexts and Decryption Keys
89. Xiwen Fang， Xuejia Lai， Modular Multiplication Algorithm in Tile Self-Assembly Model， in submission
90. GONG Zheng, LUO Yiyuan, LAI Xuejia and CHEN Kefei， On the Security of Double-Block-Length Hash Functions with Rate 1， Chinese Journal of Electronics。 Vol.21, No.3, July 2012，566-570.
91. 林婷婷, 来学嘉， 白盒密码研究综述，2012密码学进展
92. 林婷婷, 来学嘉, 对白盒SMS4实现的一种有效攻击, 软件学报, 2012
93. Jialin Huang and Xuejia Lai，Chosen-Plaintext Linear Attacks on Serpent，IET Information Security，accepted，2012.
94. Jialin Huang and Xuejia Lai， "Revisiting Key Schedule's Diffusion In Relation With Round Function's Diffusion"， Designs, Codes and Cryptography. minor revisions，2012.
95. Jialin Huang and Xuejia Lai, What is the Effective Key Length for a Block Cipher: an Attack on Every Block Cipher, SCIENCE CHINA Information Sciences，accepted, 2013.



NSFC
DNA computing and its application in cryptography (**) 2013-2016
Higher-order differential analysis of crypto algorithms (**) 2011-2013
DNA Crypto Systems (**) 2008-2010
Hash function design and analusis (**) 2006-2008
Asiacrypt 2012 () 2012
Asiacrypt 2006 () 2006
"十二五”国家密码发展基金, 2012-2013
"十一五”国家密码发展基金, 2006-2010
教育部博士点基金， 哈希函数分析中若干问题的研究， 2010-2012
广东省部产学研项目, 安全云存储系统, 2010-2011
中国银联, 移动支付安全标准研制, 2011
中国移动研究院, WiiSE安全方案, 2008