HILA5 pindakaas: on the CCA security of lattice-based encryption with error correction

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, Academic, peer review

4 Citations (Scopus)

Abstract

We show that the NISTPQC submission HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST’s procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.

Language: English
Title: Progress in Cryptology - AFRICACRYPT 2018
Subtitle: 10th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 7–9, 2018, Proceedings
Editors: A. Joux, A. Nitaj, T. Rachidi
Place of publication: Dordrecht
Publisher: Springer
Pages: 203-216
Number of pages: 14
ISBN (electronic): 978-3-319-89339-6
ISBN (print): 978-3-319-89338-9
DOIs: 10.1007/978-3-319-89339-6_12
Status: Published - 1 Jan 2018
Event: 10th International Conference on the Theory and Application of Cryptographic Techniques in Africa (Africacrypt 2018) - Marrakesh, Morocco
Duration: 7 May 2018 to 9 May 2018
Conference number: 10

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10831 LNCS
ISSN (print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: 10th International Conference on the Theory and Application of Cryptographic Techniques in Africa (Africacrypt 2018)
Short title: AFRICACRYPT 2018
Country: Morocco
City: Marrakesh
Period: 7/05/18 to 9/05/18

Fingerprint

Error correction
Error Correction
Encapsulation
Encryption
Cryptography
Attack
Recovery
Authenticated Encryption
Key Recovery
Public Key Encryption
Demonstrate

Keywords

KEM, Post-quantum cryptography, Reaction attack, RLWE

    Cite this

    Bernstein, D. J., Groot Bruinderink, L., Lange, T., & Panny, L. (2018). HILA5 pindakaas: on the CCA security of lattice-based encryption with error correction. In A. Joux, A. Nitaj, & T. Rachidi (Eds.), Progress in Cryptology - AFRICACRYPT 2018: 10th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 7–9, 2018, Proceedings (pp. 203-216). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10831 LNCS). Dordrecht: Springer. DOI: 10.1007/978-3-319-89339-6_12
    @inproceedings{e79aedbcf7364dc3ac2229f0ef13561d,
    title = "HILA5 pindakaas: on the CCA security of lattice-based encryption with error correction",
    abstract = "We show that the NISTPQC submission HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST’s procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.",
    keywords = "KEM, Post-quantum cryptography, Reaction attack, RLWE",
    author = "Bernstein, {Daniel J.} and {Groot Bruinderink}, Leon and Tanja Lange and Lorenz Panny",
    year = "2018",
    month = "1",
    day = "1",
    doi = "10.1007/978-3-319-89339-6_12",
    language = "English",
    isbn = "978-3-319-89338-9",
    series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
    publisher = "Springer",
    pages = "203--216",
    editor = "A. Joux and A. Nitaj and T. Rachidi",
    booktitle = "Progress in Cryptology - AFRICACRYPT 2018",
    address = "Germany",

    }
