Analysis of Error-Correcting Codes for Lattice-Based Key Exchange

  • Tim Fritzmann
  • Thomas Pöppelmann
  • Johanna Sepulveda
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11349)

Abstract

Lattice problems allow the construction of very efficient key exchange and public-key encryption schemes. When they are built on the Learning with Errors (LWE) or Ring-LWE (RLWE) problem, such schemes exhibit an interesting trade-off between decryption error rate and security. The reason is that secret and error distributions with a larger standard deviation lead to better security but also increase the chance of decryption failures. As a consequence, various message/key encoding or reconciliation techniques have been proposed that usually encode one payload bit into several coefficients. In this work, we analyze how error-correcting codes can be used to enhance the error resilience of protocols like NewHope, Frodo, or Kyber. For our case study, we focus on the recently introduced NewHope Simple and propose and analyze four different options for error correction: (i) BCH code; (ii) combination of BCH code and additive threshold encoding; (iii) LDPC code; and (iv) combination of BCH and LDPC code. We show that lattice-based cryptography can profit from classical and modern codes by combining BCH and LDPC codes. In this way, we achieve quasi-error-free communication, an increase of the estimated post-quantum bit-security level by 20.39%, and a decrease of the communication overhead by 12.8%.
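The trade-off the abstract describes can be made concrete with a small simulation. The following is an added example, not code from the paper or from the NewHope project: it models the additive threshold encoding used by NewHope Simple (each payload bit is spread over k coefficients and decoded by summing the coefficients' distances from q/2) and estimates the per-bit decryption failure rate under a Gaussian noise model. The modulus q = 12289 is NewHope's; the Gaussian noise model, the chosen standard deviations, the trial count and the function names are assumptions of this example.

```python
import random

# Added example (not the paper's code): toy model of additive threshold
# encoding as used in NewHope Simple. q = 12289 is NewHope's modulus; the
# Gaussian noise model, sigma values and trial counts are assumptions.
Q = 12289
HALF_Q = Q // 2


def encode_bit(bit, k, sigma, rng):
    """Map one payload bit to k coefficients, each bit*floor(q/2) plus noise.

    The noise stands in for the accumulated secret*error terms that the
    decrypting party sees after subtracting its own share of the key.
    """
    return [(bit * HALF_Q + round(rng.gauss(0, sigma))) % Q for _ in range(k)]


def decode_bit(coeffs):
    """Threshold decoder: sum the distances of all k coefficients from q/2.

    A transmitted 1 sits near q/2 in every coefficient, so the sum is about
    sum |e_j|; a transmitted 0 sits near 0 or q, so the sum is about
    k*q/2 - sum |e_j|. Deciding at k*q/4 means a bit is lost only when the
    *average* absolute noise over its k coefficients exceeds q/4, not when
    any single coefficient does, which is why spreading a bit over several
    coefficients lowers the failure rate.
    """
    k = len(coeffs)
    total = sum(abs(c - HALF_Q) for c in coeffs)
    return 1 if total < k * Q // 4 else 0


def failure_rate(k, sigma, trials=2000, seed=2019):
    """Monte Carlo estimate of the per-bit decryption failure rate (seeded)."""
    rng = random.Random(seed)
    failures = 0
    for i in range(trials):
        bit = i & 1  # alternate 0 and 1 payload bits
        if decode_bit(encode_bit(bit, k, sigma, rng)) != bit:
            failures += 1
    return failures / trials


def tradeoff_table(sigmas=(500, 2000, 4000), ks=(1, 4)):
    """Failure rate per (k, sigma): larger sigma raises it, larger k lowers it."""
    return {(k, s): failure_rate(k, s) for k in ks for s in sigmas}


if __name__ == "__main__":
    for (k, s), rate in sorted(tradeoff_table().items()):
        print(f"k={k} coefficients/bit, sigma={s:5d}: failure rate {rate:.4f}")
```

Running the block prints the table for k = 1 and k = 4. At a small standard deviation no failures occur for either choice; at sigma = 2000 the single-coefficient encoding already loses a noticeable fraction of bits while the four-coefficient encoding keeps the rate roughly an order of magnitude lower; at sigma = 4000 even four coefficients are not enough. The error-correcting codes analysed in the paper sit on top of this encoding and push the residual failure rate further down, which is what lets the scheme afford a larger standard deviation, and hence a higher security estimate, without unacceptable decryption failures.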

Keywords

  • Post-quantum key exchange
  • NewHope Simple
  • Error-correcting codes

Notes

Acknowledgments

We thank the anonymous reviewers for their valuable comments and suggestions. This work was partly funded by the Fraunhofer High Performance Center for Secure Connected Systems of Munich.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Technische Universität München, Munich, Germany
  2. Infineon Technologies AG, Munich, Germany