How to Encrypt with the LPN Problem

We present a probabilistic private-key encryption scheme named LPN-C whose security can be reduced to the hardness of the Learning from Parity with Noise (LPN) problem. The proposed protocol involves only basic operations in GF(2) and an error-correcting code. We show that it achieves indistinguishability under adaptive chosen plaintext attacks (IND-P2-C0). Appending a secure MAC renders the scheme secure under adaptive chosen ciphertext attacks. This scheme enriches the range of available cryptographic primitives whose security relies on the hardness of the LPN problem.
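A toy illustration of how a random GF(2) mask, Bernoulli noise and an error-correcting code can combine into a probabilistic private-key scheme of the kind the abstract describes. This is an added example, not code from the paper: the matrix-shaped key, the repetition code and the parameters `K`, `R`, `REP` and `ETA` are assumptions of the example, with sizes chosen for readability rather than security.

```python
import secrets

# Assumed toy parameters (not from the paper): K-bit random vector a,
# R plaintext bits per block, REP-fold repetition code, noise rate ETA.
K, R, REP, ETA = 64, 8, 15, 0.05
N = R * REP  # ciphertext length in bits

def keygen():
    """Secret key M: a K x N binary matrix, stored as K row bitmasks."""
    return [secrets.randbits(N) for _ in range(K)]

def encode(bits):
    """Repetition code: each plaintext bit becomes REP identical code bits."""
    return [b for b in bits for _ in range(REP)]

def decode(word):
    """Majority vote per block; corrects up to REP // 2 flips in a block."""
    return [int(sum(word[i:i + REP]) > REP // 2) for i in range(0, N, REP)]

def mask(key, a):
    """a * M over GF(2): XOR together the key rows selected by the bits of a."""
    acc = 0
    for i, row in enumerate(key):
        if (a >> i) & 1:
            acc ^= row
    return [(acc >> j) & 1 for j in range(N)]

def bernoulli_noise():
    """N independent bits, each set with probability ETA."""
    rng = secrets.SystemRandom()
    return [int(rng.random() < ETA) for _ in range(N)]

def encrypt(key, bits, noise=None):
    """Ciphertext (a, y) with y = encode(bits) XOR a*M XOR noise."""
    assert len(bits) == R
    a = secrets.randbits(K)  # fresh randomness per message
    noise = bernoulli_noise() if noise is None else noise
    y = [c ^ m ^ e for c, m, e in zip(encode(bits), mask(key, a), noise)]
    return a, y

def decrypt(key, ciphertext):
    """Strip the mask a*M, then let the code remove the remaining noise."""
    a, y = ciphertext
    return decode([yi ^ mi for yi, mi in zip(y, mask(key, a))])
```

Passing an explicit `noise` vector makes the decoding limit visible: decryption is only correct while the noise in each block stays within what the code can correct.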
