One sample ring-LWE with rounding and its application to key exchange

Jintai Ding; Xinwei Gao; Tsuyoshi Takagi; Yuntao Wang

doi:10.1007/978-3-030-21568-2_16

One sample ring-LWE with rounding and its application to key exchange

Jintai Ding, Xinwei Gao, Tsuyoshi Takagi, Yuntao Wang^*

^*Corresponding author for this work

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

9 Citations (Scopus)

Abstract

In this paper, we introduce a new provably secure ephemeral-only RLWE+Rounding-based key exchange protocol and a proper approach to more accurately estimate the security level of the RLWE problem with only one sample. Since our scheme is an ephemeral-only key exchange, it generates only one RLWE sample from protocol execution. We carefully analyze how to estimate the practical security of the RLWE problem with only one sample, which we call the ONE-sample RLWE problem. Our approach is different from existing approaches that are based on estimation with multiple RLWE samples. Though our analysis is based on some recently developed techniques in Darmstadt, our type of practical security estimate was never done before and it produces security estimates substantial different from the estimates before based on multiple RLWE samples. We show that the new design improves the security and reduce the communication cost of the protocol simultaneously by using one RLWE+Rounding sample technique. We also present two parameter choices ensuring $$2^{-60}$$ key exchange failure probability which cover security of AES-128/192/256 with concrete security analysis and implementation. We believe that our construction is secure, simple, efficient and elegant with wide application prospects.

Original language	English
Title of host publication	Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings
Editors	Valérie Gauthier-Umaña, Moti Yung, Martín Ochoa, Robert H. Deng
Publisher	Springer Verlag
Pages	323-343
Number of pages	21
ISBN (Print)	9783030215675
DOIs	https://doi.org/10.1007/978-3-030-21568-2_16
Publication status	Published - 2019
Externally published	Yes
Event	17th International Conference on Applied Cryptography and Network Security, ACNS 2019 - Bogota, Colombia Duration: 5 Jun 2019 → 7 Jun 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11464 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	17th International Conference on Applied Cryptography and Network Security, ACNS 2019
Country/Territory	Colombia
City	Bogota
Period	5/06/19 → 7/06/19

Keywords

Diffie-Hellman
Key exchange
Lattice
One sample
Post-quantum
RLWE

Access to Document

10.1007/978-3-030-21568-2_16

Cite this

Ding, J., Gao, X., Takagi, T., & Wang, Y. (2019). One sample ring-LWE with rounding and its application to key exchange. In V. Gauthier-Umaña, M. Yung, M. Ochoa, & R. H. Deng (Eds.), Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings (pp. 323-343). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11464 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-21568-2_16

Ding, Jintai ; Gao, Xinwei ; Takagi, Tsuyoshi et al. / One sample ring-LWE with rounding and its application to key exchange. Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings. editor / Valérie Gauthier-Umaña ; Moti Yung ; Martín Ochoa ; Robert H. Deng. Springer Verlag, 2019. pp. 323-343 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{754a82698dba424bba54402894bea8c0,

title = "One sample ring-LWE with rounding and its application to key exchange",

abstract = "In this paper, we introduce a new provably secure ephemeral-only RLWE+Rounding-based key exchange protocol and a proper approach to more accurately estimate the security level of the RLWE problem with only one sample. Since our scheme is an ephemeral-only key exchange, it generates only one RLWE sample from protocol execution. We carefully analyze how to estimate the practical security of the RLWE problem with only one sample, which we call the ONE-sample RLWE problem. Our approach is different from existing approaches that are based on estimation with multiple RLWE samples. Though our analysis is based on some recently developed techniques in Darmstadt, our type of practical security estimate was never done before and it produces security estimates substantial different from the estimates before based on multiple RLWE samples. We show that the new design improves the security and reduce the communication cost of the protocol simultaneously by using one RLWE+Rounding sample technique. We also present two parameter choices ensuring $$2^{-60}$$ key exchange failure probability which cover security of AES-128/192/256 with concrete security analysis and implementation. We believe that our construction is secure, simple, efficient and elegant with wide application prospects.",

keywords = "Diffie-Hellman, Key exchange, Lattice, One sample, Post-quantum, RLWE",

author = "Jintai Ding and Xinwei Gao and Tsuyoshi Takagi and Yuntao Wang",

note = "Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2019.; 17th International Conference on Applied Cryptography and Network Security, ACNS 2019 ; Conference date: 05-06-2019 Through 07-06-2019",

year = "2019",

doi = "10.1007/978-3-030-21568-2_16",

language = "English",

isbn = "9783030215675",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "323--343",

editor = "Val{\'e}rie Gauthier-Uma{\~n}a and Moti Yung and Mart{\'i}n Ochoa and Deng, {Robert H.}",

booktitle = "Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings",

}

Ding, J, Gao, X, Takagi, T & Wang, Y 2019, One sample ring-LWE with rounding and its application to key exchange. in V Gauthier-Umaña, M Yung, M Ochoa & RH Deng (eds), Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11464 LNCS, Springer Verlag, pp. 323-343, 17th International Conference on Applied Cryptography and Network Security, ACNS 2019, Bogota, Colombia, 5/06/19. https://doi.org/10.1007/978-3-030-21568-2_16

One sample ring-LWE with rounding and its application to key exchange. / Ding, Jintai; Gao, Xinwei; Takagi, Tsuyoshi et al.
Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings. ed. / Valérie Gauthier-Umaña; Moti Yung; Martín Ochoa; Robert H. Deng. Springer Verlag, 2019. p. 323-343 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11464 LNCS).

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

TY - GEN

T1 - One sample ring-LWE with rounding and its application to key exchange

AU - Ding, Jintai

AU - Gao, Xinwei

AU - Takagi, Tsuyoshi

AU - Wang, Yuntao

N1 - Publisher Copyright: © Springer Nature Switzerland AG 2019.

PY - 2019

Y1 - 2019

N2 - In this paper, we introduce a new provably secure ephemeral-only RLWE+Rounding-based key exchange protocol and a proper approach to more accurately estimate the security level of the RLWE problem with only one sample. Since our scheme is an ephemeral-only key exchange, it generates only one RLWE sample from protocol execution. We carefully analyze how to estimate the practical security of the RLWE problem with only one sample, which we call the ONE-sample RLWE problem. Our approach is different from existing approaches that are based on estimation with multiple RLWE samples. Though our analysis is based on some recently developed techniques in Darmstadt, our type of practical security estimate was never done before and it produces security estimates substantial different from the estimates before based on multiple RLWE samples. We show that the new design improves the security and reduce the communication cost of the protocol simultaneously by using one RLWE+Rounding sample technique. We also present two parameter choices ensuring $$2^{-60}$$ key exchange failure probability which cover security of AES-128/192/256 with concrete security analysis and implementation. We believe that our construction is secure, simple, efficient and elegant with wide application prospects.

AB - In this paper, we introduce a new provably secure ephemeral-only RLWE+Rounding-based key exchange protocol and a proper approach to more accurately estimate the security level of the RLWE problem with only one sample. Since our scheme is an ephemeral-only key exchange, it generates only one RLWE sample from protocol execution. We carefully analyze how to estimate the practical security of the RLWE problem with only one sample, which we call the ONE-sample RLWE problem. Our approach is different from existing approaches that are based on estimation with multiple RLWE samples. Though our analysis is based on some recently developed techniques in Darmstadt, our type of practical security estimate was never done before and it produces security estimates substantial different from the estimates before based on multiple RLWE samples. We show that the new design improves the security and reduce the communication cost of the protocol simultaneously by using one RLWE+Rounding sample technique. We also present two parameter choices ensuring $$2^{-60}$$ key exchange failure probability which cover security of AES-128/192/256 with concrete security analysis and implementation. We believe that our construction is secure, simple, efficient and elegant with wide application prospects.

KW - Diffie-Hellman

KW - Key exchange

KW - Lattice

KW - One sample

KW - Post-quantum

KW - RLWE

UR - http://www.scopus.com/inward/record.url?scp=85067255219&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-21568-2_16

DO - 10.1007/978-3-030-21568-2_16

M3 - Conference Proceeding

AN - SCOPUS:85067255219

SN - 9783030215675

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 323

EP - 343

BT - Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings

A2 - Gauthier-Umaña, Valérie

A2 - Yung, Moti

A2 - Ochoa, Martín

A2 - Deng, Robert H.

PB - Springer Verlag

T2 - 17th International Conference on Applied Cryptography and Network Security, ACNS 2019

Y2 - 5 June 2019 through 7 June 2019

ER -

Ding J, Gao X, Takagi T, Wang Y. One sample ring-LWE with rounding and its application to key exchange. In Gauthier-Umaña V, Yung M, Ochoa M, Deng RH, editors, Applied Cryptography and Network Security - 17th International Conference, ACNS 2019, Proceedings. Springer Verlag. 2019. p. 323-343. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-21568-2_16

One sample ring-LWE with rounding and its application to key exchange

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this