Abstract
Akiyama, Goto, Okumura, Takagi, Nuida and Hanaoka introduced an indeterminate equation analogue of learning with errors (IE-LWE) problem as a new computationally hard problem and constructed a candidate of post-quantum cryptosystem, called “Giophantus”. Giophantus satisfies the indistinguishability under chosen plaintext attack (IND-CPA) if IE-LWE problem is computationally infeasible. Akiyama et al., Shimizu and Ikematsu proposed improved Giophantus to the post-quantum standardization project. Beullens, Castryck and Vercauteren proposed an evaluation at one attack against IND-CPA security of Giophantus. However, Akiyama et al. assert that recommended parameters can resist Vercauteren et al.’s attack. Therefore, the security analysis on Giophantus is still needed.
In this paper, we propose a new kind of evaluation attack against IND-CPA security of Giophantus. Our attack solves IE-LWE problem by combining a part of Vercauteren et al.’s attack with a lattice attack on low rank lattices, e.g., 6-rank lattices for recommended parameters. Moreover, we investigate a way to avoid our attack and some variants of our attack. We give some remarks on modification of the IE-LWE problem. Our experimental analysis shows that our attack can solve IE-LWE problem efficiently, and that Giophantus does not satisfy IND-CPA security unless IE-LWE problem is modified appropriately.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Akiyama, K., Goto, Y., Okumura, S., Takagi, T., Nuida, K., Hanaoka, G.: A public-key encryption scheme based on non-linear indeterminate equations. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 215–234. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_11
Akiyama, K., et al.: Indeterminate equation publickey cryptosystem (\(\rm Giophantus^{\rm tm}\rm \)), in the round-1-submissions of NIST PQC standardization (2017). https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/
Akiyama, K., et al.: A public-key encryption scheme based on non-linear indeterminate equations (Giophantus). IACR Cryptology ePrint Archive 2017, 1241 (2017). http://eprint.iacr.org/2017/1241
Albrecht, M.R., Göpfert, F., Virdia, F., Wunderer, T.: Revisiting the expected cost of solving uSVP and applications to LWE. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 297–322. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_11
Beullens, W., Castryck, W., Vercauteren, F.: IND-CPA attack on Giophantus, in the official-comments to Giophantus for NIST round-1-submissions (2018). https://csrc.nist.gov/CSRC/media/Projects/Post-Quantum-Cryptography/documents/round-1/official-comments/Giophantus-official-comment.pdf
Bosma, W., Cannon, J.J., Playoust, C.: The MAGMA algebra system I: the user language. J. Symb. Comput. 24(3/4), 235–265 (1997). https://doi.org/10.1006/jsco.1996.0125
Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_12
Eisenträger, K., Hallgren, S., Lauter, K.: Weak instances of PLWE. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 183–194. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_11
Elias, Y., Lauter, K.E., Ozman, E., Stange, K.E.: Provably weak instances of Ring-LWE. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 63–92. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_4
Gentry, C.: Key recovery and message attacks on NTRU-composite. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 182–194. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_12
Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054868
Kudo, M.: Attacks against search Poly-LWE. IACR Cryptology ePrint Archive 2016, 1153 (2016). http://eprint.iacr.org/2016/1153
Lindner, R., Peikert, C.: Better key sizes (and attacks) for LWE-based encryption. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 319–339. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_21
McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. The Deep Space Network Progress Report, DSN PR 42-44, January and February 1978, pp. 114–116 (1987)
NIST: Post-quantum cryptography standardization. https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/Post-Quantum-Cryptography-Standardization
Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27–47. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_4
Xagawa, K.: Practical cryptanalysis of a public-key encryption scheme based on non-linear indeterminate equations at SAC 2017. IACR Cryptology ePrint Archive 2017, 1224 (2017). http://eprint.iacr.org/2017/1224
Yasuda, T., Sakurai, K.: A multivariate encryption scheme with rainbow. In: Qing, S., Okamoto, E., Kim, K., Liu, D. (eds.) ICICS 2015. LNCS, vol. 9543, pp. 236–251. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29814-6_19
Acknowledgement
This work is partially supported by JSPS KAKENHI Grant(B) (JP17K18450), Grant (C)(JP15K00183), Microsoft Research Asia, CREST(JPMJCR1404) at Japan Science and Technology Agency, the Japan-Taiwan Collaborative Research Program at Japan Science and Technology Agency, and Project for Establishing a Nationwide Practical Education Network for IT Human Resources Development, Education Network for Practical Information Technologies.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Muroi, A., Okumura, S., Miyaji, A. (2020). An Improved Security Analysis on an Indeterminate Equation Public Key Cryptosystem by Evaluation Attacks. In: Paterson, K., Stebila, D. (eds) Selected Areas in Cryptography – SAC 2019. SAC 2019. Lecture Notes in Computer Science(), vol 11959. Springer, Cham. https://doi.org/10.1007/978-3-030-38471-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-030-38471-5_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38470-8
Online ISBN: 978-3-030-38471-5
eBook Packages: Computer ScienceComputer Science (R0)