Abstract
Lattice-based cryptography is a promising candidate for post-quantum cryptosystems, and a large amount of research has been conducted on learning with errors (LWE) problems, which are believed to be resistant against quantum attacks. In this paper, we propose two new key encapsulation mechanisms (KEMs), called EMBLEM and R.EMBLEM, based on (ring) LWE problems. The new KEMs have two main features: (1) Their security is based on the (ring) LWE problem with small secrets, which leads to both a secret key of constant size (regardless of the LWE parameters) and a relatively large standard deviation of the discrete Gaussian distributions. (2) They rely on a new multi-bit encoding method that is suitable for (ring) LWE-based encryption schemes. Compared to Regev’s encoding method, the proposed method does not require any rounding operation for decoding, and in this sense, it is conceptually simpler and easier to understand. Concrete parameters of the KEMs targeting 128-bit security level (against classical attacks) are provided, and their performance is compared with that of previous (ring) LWE-based KEMs in the literature.
| Original language | English |
|---|---|
| Pages (from-to) | 383-399 |
| Number of pages | 17 |
| Journal | International Journal of Information Security |
| Volume | 19 |
| Issue number | 4 |
| DOIs | |
| Publication status | Published - 2020 Aug 1 |
Bibliographical note
Funding Information:This study was funded by Defense Acquisition Program Administration (DAPA) and Agency for Defense Development (ADD) (UD170109ED).
Publisher Copyright:
© 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
Keywords
- Chosen-ciphertext security
- Key encapsulation mechanism
- Lattice-based cryptography
- Small secret LWE
ASJC Scopus subject areas
- Software
- Information Systems
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications