Progress in Cryptology – AFRICACRYPT 2014

In this paper we survey new results for rank-based cryptography: cryptosystems which are based on error-correcting codes embedded with the rank metric. These new results first concern the LRPC cryptosystem, a cryptosystem based on a new class of decodable rank codes: the LRPC codes (Low Rank Parity Check codes), which can be seen as an analog of the classical LDPC codes but for the rank metric. The LRPC cryptosystem can benefit from very small public keys of less than 2,000 bits and is moreover very fast. We also present new optimized attacks for solving the general case of the rank syndrome decoding problem, together with a zero-knowledge authentication scheme and a new signature scheme based on a mixed errors-erasures decoding of LRPC codes, both of these systems having public keys of a few thousand bits. These recent results highlight that rank-based cryptography has many good features that can be used for practical cryptosystems.
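An added example, not code from the paper, showing what the rank metric the abstract refers to actually measures: over GF(2^m) an error vector's weight is the GF(2)-dimension of the subspace spanned by its coordinates, not the number of nonzero coordinates. Coordinates are stored as m-bit integers (their coordinate vectors in a fixed GF(2)-basis), and the sample vectors are constructed for illustration.

```python
# Rank weight over GF(2^m): each coordinate is an m-bit int, i.e. its
# coordinate vector over GF(2) w.r.t. a fixed basis of GF(2^m).  The rank
# weight of v in GF(2^m)^n is the rank of the m x n binary matrix whose
# columns are those coordinate vectors; equivalently the dimension of the
# GF(2)-subspace (the "support") spanned by the coordinates.  Rank distance
# is the rank weight of the difference, which over GF(2) is a coordinate-wise
# XOR, so no field multiplication or reduction polynomial is needed here.

def gf2_rank(vectors):
    """Rank over GF(2) of a list of ints viewed as bit-vectors (xor basis)."""
    basis = {}  # leading bit position -> basis vector with that leading bit
    for v in vectors:
        while v:
            lead = v.bit_length() - 1
            if lead in basis:
                v ^= basis[lead]      # clear the leading bit, keep reducing
            else:
                basis[lead] = v       # new independent direction
                break
    return len(basis)

def rank_weight(vec):
    """dim over GF(2) of the support of vec; this is the 'r' in a rank-r error."""
    return gf2_rank(vec)

def hamming_weight(vec):
    return sum(1 for x in vec if x)

def rank_distance(u, v):
    return gf2_rank([a ^ b for a, b in zip(u, v)])

def demo():
    # Constructed sample in GF(2^4)^6 (m = 4, n = 6).  Five coordinates are
    # nonzero, but 0b0101 = 0b0011 ^ 0b0110, so the support has dimension 3.
    e = [0b0011, 0b0110, 0b0101, 0b0000, 0b0011, 0b1100]
    # A "low-rank" error: every coordinate lies in the 2-dim subspace spanned
    # by {0b0001, 0b1000}, so rank weight is 2 however many positions are hit.
    low = [0b0001, 0b1000, 0b1001, 0b0000, 0b1001, 0b0001, 0b1000]
    return {
        "e_rank": rank_weight(e), "e_hamming": hamming_weight(e),
        "low_rank": rank_weight(low), "low_hamming": hamming_weight(low),
        "dist_e_to_zero": rank_distance(e, [0] * len(e)),
    }

if __name__ == "__main__":
    print(demo())
```

Decoders for rank codes such as LRPC recover the error's support subspace rather than its nonzero positions, which is why the rank weight, not the Hamming weight, is the relevant error measure.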
