Cryptanalysis of lattice-based key exchange on small integer solution problem and its improvement

Wang et al. introduced a new variant of the small integer solution (SIS) problem, namely the bilateral inhomogeneous small integer solution (Bi-ISIS) problem, which is based on lattice cryptography, and constructed a Bi-ISIS-based key exchange (KE) protocol. In this paper, we show that Wang et al.’s Bi-ISIS-based KE protocol is not secure, because the common shared key can be recovered directly using linear algebraic methods. Furthermore, we analyze two simple variants of the Bi-ISIS-based KE and show that they are also insecure. To avoid the shared-key attack, we present an improvement of the Bi-ISIS-based KE whose security reduces to the learning with errors problem over modules (M-LWE).
