"HILA5 pindakaas" : on the CCA security of lattice-based encryption with error correction

Onderzoeksoutput: Boek/rapportRapportAcademic

Uittreksel

We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.
TaalEngels
Plaats van producties.l.
UitgeverijIACR
Aantal pagina's14
StatusGepubliceerd - 2017

Publicatie series

NaamCryptology ePrint Archive
Volume2017/1214

Vingerafdruk

Error correction
Encapsulation
Cryptography
Recovery

Citeer dit

@book{8e35c58ca9624a789d8004a72bf76e2d,
title = "{"}HILA5 pindakaas{"} : on the CCA security of lattice-based encryption with error correction",
abstract = "We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.",
author = "D.J. Bernstein and {Groot Bruinderink}, L. and T. Lange and L.S. Panny",
year = "2017",
language = "English",
series = "Cryptology ePrint Archive",
publisher = "IACR",

}

"HILA5 pindakaas" : on the CCA security of lattice-based encryption with error correction. / Bernstein, D.J.; Groot Bruinderink, L. ; Lange, T.; Panny, L.S.

s.l. : IACR, 2017. 14 blz. (Cryptology ePrint Archive; Vol. 2017/1214).

Onderzoeksoutput: Boek/rapportRapportAcademic

TY - BOOK

T1 - "HILA5 pindakaas" : on the CCA security of lattice-based encryption with error correction

AU - Bernstein,D.J.

AU - Groot Bruinderink,L.

AU - Lange,T.

AU - Panny,L.S.

PY - 2017

Y1 - 2017

N2 - We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.

AB - We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.

M3 - Report

T3 - Cryptology ePrint Archive

BT - "HILA5 pindakaas" : on the CCA security of lattice-based encryption with error correction

PB - IACR

CY - s.l.

ER -