HILA5 pindakaas: on the CCA security of lattice-based encryption with error correction

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

6 Citations (Scopus)
2 Downloads (Pure)

Abstract

We show that the NISTPQC submission HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST’s procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.

Original languageEnglish
Title of host publicationProgress in Cryptology - AFRICACRYPT 2018
Subtitle of host publication10th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 7–9, 2018, Proceedings
EditorsA. Joux, A. Nitaj, T. Rachidi
Place of PublicationDordrecht
PublisherSpringer
Pages203-216
Number of pages14
ISBN (Electronic)978-3-319-89339-6
ISBN (Print)978-3-319-89338-9
DOIs
Publication statusPublished - 1 Jan 2018
Event10th International Conference on the Theory and Application of Cryptographic Techniques in Africa (Africacrypt 2018) - Marrakesh, Morocco
Duration: 7 May 20189 May 2018
Conference number: 10

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10831 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference10th International Conference on the Theory and Application of Cryptographic Techniques in Africa (Africacrypt 2018)
Abbreviated titleAFRICACRYPT 2018
CountryMorocco
CityMarrakesh
Period7/05/189/05/18

Keywords

  • KEM
  • Post-quantum cryptography
  • Reaction attack
  • RLWE

Fingerprint Dive into the research topics of 'HILA5 pindakaas: on the CCA security of lattice-based encryption with error correction'. Together they form a unique fingerprint.

  • Cite this

    Bernstein, D. J., Groot Bruinderink, L., Lange, T., & Panny, L. (2018). HILA5 pindakaas: on the CCA security of lattice-based encryption with error correction. In A. Joux, A. Nitaj, & T. Rachidi (Eds.), Progress in Cryptology - AFRICACRYPT 2018: 10th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 7–9, 2018, Proceedings (pp. 203-216). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10831 LNCS). Springer. https://doi.org/10.1007/978-3-319-89339-6_12