Book Chapter
A Modular Analysis of the Fujisaki-Okamoto Transformation
Dennis Hofheinz, Kathrin Hövelmanns, Eike Kiltz
- Vol. 2017, pp 341-371
TLDR
The Fujisaki-Okamoto (FO) transformation as discussed by the authors turns any weakly secure public-key encryption scheme into a strongly secure one in the random oracle model, but it suffers from several drawbacks such as a non-tight security reduction, and the need for a perfectly correct scheme.
Abstract:
The Fujisaki-Okamoto (FO) transformation (CRYPTO 1999 and Journal of Cryptology 2013) turns any weakly secure public-key encryption scheme into a strongly (i.e., \(\mathsf{IND}\text{-}\mathsf{CCA}\)) secure one in the random oracle model. Unfortunately, the FO analysis suffers from several drawbacks, such as a non-tight security reduction, and the need for a perfectly correct scheme. While several alternatives to the FO transformation have been proposed, they have stronger requirements, or do not obtain all desired properties.
Citations
Journal Article
Secure integration of asymmetric and symmetric encryption schemes
TL;DR: This conversion is the first generic transformation from an arbitrary one-way asymmetric encryption scheme to a chosen-ciphertext secure asymmetric encryption scheme in the random oracle model.
Proceedings Article
CRYSTALS - Kyber: A CCA-Secure Module-Lattice-Based KEM
Joppe W. Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, Damien Stehlé
TL;DR: This paper introduces Kyber, a portfolio of post-quantum cryptographic primitives built around a key-encapsulation mechanism (KEM), based on hardness assumptions over module lattices, and introduces a CPA-secure public-key encryption scheme and eventually constructs, in a black-box manner, CCA-secure encryption, key exchange, and authenticated-key-exchange schemes.
Book Chapter
CSIDH: an efficient Post-Quantum Commutative Group Action
TL;DR: The Diffie–Hellman scheme resulting from the group action allows for public-key validation at very little cost, runs reasonably fast in practice, and has public keys of only 64 bytes at a conjectured AES-128 security level, matching NIST’s post-quantum security category I.
Posted Content
CRYSTALS - Kyber: A CCA-secure Module-Lattice-Based KEM
Joppe W. Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, Damien Stehlé
TL;DR: Kyber as discussed by the authors is a portfolio of post-quantum cryptographic primitives built around a key-encapsulation mechanism (KEM), based on hardness assumptions over module lattices.
BIKE: Bit Flipping Key Encapsulation
Nicolas Aragon, Paulo S. L. M. Barreto, Slim Bettaieb, Loïc Bidoux, Olivier Blazy, Jean-Christophe Deneuville, Philippe Gaborit, Shay Gueron, Tim Güneysu, Carlos Aguilar Melchor, Rafael Misoczki, Edoardo Persichetti, Nicolas Sendrier, Jean-Pierre Tillich, Gilles Zémor
References
Proceedings Article
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare, Phillip Rogaway
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
Proceedings Article
On lattices, learning with errors, random linear codes, and cryptography
TL;DR: A public-key cryptosystem whose hardness is based on the worst-case quantum hardness of SVP and SIVP, and an efficient solution to the learning problem implies a quantum, which can be made classical.
Journal Article
On lattices, learning with errors, random linear codes, and cryptography
TL;DR: A (classical) public-key cryptosystem whose security is based on the hardness of the learning problem, which is a reduction from worst-case lattice problems such as GapSVP and SIVP to a certain learning problem that is quantum.
Book Chapter
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
Charles Rackoff, Daniel R. Simon
TL;DR: A formalization of chosen ciphertext attack is given in the model which is stronger than the "lunchtime attack" considered by Naor and Yung, and a non-interactive public-key cryptosystem based on non-interactive zero-knowledge proof of knowledge is proved to be secure against it.
Journal Article
On Ideal Lattices and Learning with Errors over Rings
TL;DR: The ring-LWE distribution is pseudorandom as discussed by the authors, assuming that worst-case problems on ideal lattices are hard for polynomial-time quantum algorithms, which is not the case.