NewHope without reconciliation

In this paper we introduce NewHope-Simple, a variant of the NewHope RingLWE-based key exchange that is using a straight-forward transformation from Ring-LWE encryption to a passively secure KEM (or key-exchange scheme). The main advantage of NewHopeSimple over NewHope is simplicity. In particular, it avoids the error-reconciliation mechanism originally proposed by Ding. The explanation of his method, combined with other tricks, like unbiasing the key following Peikert’s tweak and using the quantizer D4 to extract one key bit from multiple coefficients, takes more than three pages in the NewHope paper. The price for that simplicity is small: one of the exchanged messages increases in size by 6.25% from 2048 bytes to 2176 bytes. The security of NewHope-Simple is the same as the security of NewHope; the performance is very similar.

[1]  Alex van Poppelen Cryptographic decoding of the Leech lattice , 2016, IACR Cryptol. ePrint Arch..

[2]  Abhishek Banerjee,et al.  Pseudorandom Functions and Lattices , 2012, EUROCRYPT.

[3]  O. Antoine,et al.  Theory of Error-correcting Codes , 2022 .

[4]  Stefan Katzenbeisser,et al.  Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-Enabled RFIDs , 2012, Financial Cryptography.

[5]  John Lach,et al.  A Sub-0 . 5 V Lattice-Based Public-Key Encryption Scheme for RFID Platforms in 130 nm CMOS , 2011 .

[6]  Sorin A. Huss,et al.  On the Design of Hardware Building Blocks for Modern Lattice-Based Encryption Schemes , 2012, CHES.

[7]  Jintai Ding New cryptographic constructions using generalized learning with errors problem , 2012, IACR Cryptol. ePrint Arch..

[8]  Michael Schneider,et al.  Estimating the Security of Lattice-based Cryptosystems , 2010, IACR Cryptol. ePrint Arch..

[9]  Chris Peikert Some Recent Progress in Lattice-Based Cryptography , 2009, TCC.

[10]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[11]  Tim Güneysu,et al.  High-Performance Ideal Lattice-Based Cryptography on 8-Bit ATxmega Microcontrollers , 2015, LATINCRYPT.

[12]  Ahmad-Reza Sadeghi,et al.  Efficient Helper Data Key Extractor on FPGAs , 2008, CHES.

[13]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[14]  Frederik Vercauteren,et al.  Compact Ring-LWE Cryptoprocessor , 2014, CHES.

[15]  RegevOded,et al.  On Ideal Lattices and Learning with Errors over Rings , 2013 .

[16]  Frederik Vercauteren,et al.  High-Speed Polynomial Multiplication Architecture for Ring-LWE and SHE Cryptosystems , 2015, IEEE Transactions on Circuits and Systems I: Regular Papers.

[17]  Erdem Alkim,et al.  Post-quantum Key Exchange - A New Hope , 2016, USENIX Security Symposium.

[18]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[19]  Chris Peikert,et al.  Better Key Sizes (and Attacks) for LWE-Based Encryption , 2011, CT-RSA.

[20]  Zhengzhong Jin,et al.  Optimal Key Consensus in Presence of Noise , 2016, IACR Cryptol. ePrint Arch..

[21]  Chris Peikert,et al.  Public-key cryptosystems from the worst-case shortest vector problem: extended abstract , 2009, STOC '09.

[22]  N. J. A. Sloane,et al.  Sphere Packings, Lattices and Groups , 1987, Grundlehren der mathematischen Wissenschaften.

[23]  Craig Costello,et al.  Frodo: Take off the Ring! Practical, Quantum-Secure Key Exchange from LWE , 2016, IACR Cryptol. ePrint Arch..

[24]  A. Blokhuis SPHERE PACKINGS, LATTICES AND GROUPS (Grundlehren der mathematischen Wissenschaften 290) , 1989 .

[25]  Jintai Ding,et al.  A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem , 2012, IACR Cryptol. ePrint Arch..

[26]  Tim Güneysu,et al.  Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems , 2012, CHES.

[27]  Michael Naehrig,et al.  Improved Security for a Ring-Based Fully Homomorphic Encryption Scheme , 2013, IMACC.

[28]  Zhe Liu,et al.  Efficient Ring-LWE Encryption on 8-Bit AVR Processors , 2015, CHES.

[29]  Tim Güneysu,et al.  Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware , 2013, Selected Areas in Cryptography.

[30]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[31]  Chris Peikert,et al.  Lattice Cryptography for the Internet , 2014, PQCrypto.