EMBLEM: (R)LWE-based key encapsulation with a new multi-bit encoding method

Minhye Seo, Suhri Kim, Dong Hoon Lee, Jong Hwan Park

Research output: Contribution to journalArticlepeer-review

4 Citations (Scopus)


Lattice-based cryptography is a promising candidate for post-quantum cryptosystems, and a large amount of research has been conducted on learning with errors (LWE) problems, which are believed to be resistant against quantum attacks. In this paper, we propose two new key encapsulation mechanisms (KEMs), called EMBLEM and R.EMBLEM, based on (ring) LWE problems. The new KEMs have two main features: (1) Their security is based on the (ring) LWE problem with small secrets, which leads to both a secret key of constant size (regardless of the LWE parameters) and a relatively large standard deviation of the discrete Gaussian distributions. (2) They rely on a new multi-bit encoding method that is suitable for (ring) LWE-based encryption schemes. Compared to Regev’s encoding method, the proposed method does not require any rounding operation for decoding, and in this sense, it is conceptually simpler and easier to understand. Concrete parameters of the KEMs targeting 128-bit security level (against classical attacks) are provided, and their performance is compared with that of previous (ring) LWE-based KEMs in the literature.

Original languageEnglish
Pages (from-to)383-399
Number of pages17
JournalInternational Journal of Information Security
Issue number4
Publication statusPublished - 2020 Aug 1

Bibliographical note

Funding Information:
This study was funded by Defense Acquisition Program Administration (DAPA) and Agency for Defense Development (ADD) (UD170109ED).

Publisher Copyright:
© 2019, Springer-Verlag GmbH Germany, part of Springer Nature.


  • Chosen-ciphertext security
  • Key encapsulation mechanism
  • Lattice-based cryptography
  • Small secret LWE

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'EMBLEM: (R)LWE-based key encapsulation with a new multi-bit encoding method'. Together they form a unique fingerprint.

Cite this