
Zaytun: Lattice Based PKE and KEM with Shorter Ciphertext Size

Conference paper in Selected Areas in Cryptography (SAC 2021), part of the book series Lecture Notes in Computer Science (LNCS, volume 13203).

Abstract

In this paper, we propose a lattice-based encryption scheme with a short ciphertext size. Our scheme is somewhat of a hybrid of the NTRU type encryptions and the RLWE based encryptions: the ciphertext of the scheme is a single ring element, as in NTRU type encryptions, yet it can be compressed as in RLWE based encryption schemes. Furthermore, we present a key-encapsulation mechanism that is more efficient than a direct construction from our encryption scheme.

The IND-CPA security of the schemes is based on the RLWE assumption and the NTRU assumption. Our parameterizations show that the schemes enjoy almost the same public key size as the NIST PQC finalist lattice-based candidates, yet the ciphertext size is only about \(37\%\) of theirs.


Notes

  1. Since the encryption style is the same, we treat the module LWE in [5, 14] as the same-dimensional RLWE for simplicity.

  2. Informally, we say an encryption scheme is one-way secure if it is infeasible to decrypt ciphertexts of random plaintexts.

  3. Public key compression in the NTRU type encryption schemes increases the decryption failure probability, yet it is theoretically feasible.

  4. We use the normal form definition of RLWE here, and \(\chi \) should be close to a discrete Gaussian over \(R_q\).

  5. For the sake of simplicity, we just use the notation s here, yet letting \(s = pf + 1\) for some integer p and some ring element \(f\in R_q\) with small coefficients results in more efficient decryption.

  6. For an integer \(x\in \mathbb {Z}_q\), the notation \(\lceil x\rfloor _t:= \big \lceil \frac{t}{q} x \big \rfloor \) denotes rounding to the nearest integer, and it applies to ring elements coefficient-wise.

  7. This is the case since the element r has small coefficients and we have \(\big \lceil \frac{q}{2}\big \rceil \cdot 2r = r \mod q\) for an odd modulus q, and \(\big \lceil \frac{q}{2}\big \rceil \cdot 2r = 0 \mod q\) when q is an even number.
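The rounding notation of note 6 and the halving identity of note 7, worked through as an added example (written for this page, not the paper's code; q = 3329 and t = 16 are constructed values for illustration, not the paper's parameters). It compresses every coefficient of a ring element from \(\mathbb{Z}_q\) to \(\mathbb{Z}_t\) and measures the rounding noise this adds, which is what bounds the decryption failure probability of a compressed ciphertext.

```python
# Added example (not the paper's code): the rounding notation of note 6,
# ceil(x)_t := round((t/q)*x), applied coefficient-wise to compress a ring
# element, and the halving identity of note 7. q = 3329 and t = 16 are
# constructed values chosen for illustration, not the paper's parameters.
from fractions import Fraction


def round_half_up(fr: Fraction) -> int:
    """The ⌈·⌋ operator: nearest integer, ties rounded upward."""
    return (2 * fr.numerator + fr.denominator) // (2 * fr.denominator)


def compress(x: int, q: int, t: int) -> int:
    """⌈x⌋_t = ⌈(t/q)·x⌋ reduced into Z_t (note 6)."""
    return round_half_up(Fraction(t * (x % q), q)) % t


def decompress(y: int, q: int, t: int) -> int:
    """Lift y in Z_t back to Z_q with the same rounding: ⌈(q/t)·y⌋."""
    return round_half_up(Fraction(q * (y % t), t)) % q


def centered(x: int, q: int) -> int:
    """Representative of x mod q in the range (-q/2, q/2]."""
    x %= q
    return x - q if x > q // 2 else x


def max_round_trip_error(poly, q: int, t: int) -> int:
    """Largest |x - decompress(compress(x))| over the coefficients: the
    rounding noise that compressing a ciphertext adds to decryption."""
    back = [decompress(compress(c, q, t), q, t) for c in poly]
    return max(abs(centered(b - a, q)) for a, b in zip(poly, back))


def error_bound(q: int, t: int) -> int:
    """⌈q/(2t)⌋, the value the rounding error never exceeds."""
    return round_half_up(Fraction(q, 2 * t))


def halving_identity(r: int, q: int) -> int:
    """Note 7: ⌈q/2⌉·2r mod q equals r for odd q and 0 for even q."""
    return (((q + 1) // 2) * 2 * r) % q


if __name__ == "__main__":
    q, t = 3329, 16  # constructed parameters
    print("bits per coefficient:", q.bit_length(), "->", (t - 1).bit_length())
    print("max error:", max_round_trip_error(range(q), q, t), "bound:", error_bound(q, t))
    print("odd q:", halving_identity(7, 3329), "even q:", halving_identity(7, 3330))
```

Running it over every residue of \(\mathbb{Z}_q\) shows that a coefficient shrinks from 12 bits to 4 while the worst-case rounding error stays at the bound 104.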

References

  1. NIST: PQC post-quantum cryptography standardization (2020). https://csrc.nist.gov/Projects/post-quantum-cryptography/round-3-submissions

  2. Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: 28th ACM STOC, pp. 99–108. ACM Press, May 1996

  3. Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: Holz, T., Savage, S. (eds.) USENIX Security 2016, pp. 327–343. USENIX Association, August 2016

  4. Applebaum, B., Cash, D., Peikert, C., Sahai, A.: Fast cryptographic primitives and circular-secure encryption based on hard learning problems. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 595–618. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_35

  5. Avanzi, R., et al.: CRYSTALS-Kyber. Submission to the NIST post-quantum cryptography standardization project. NIST National Institute of Standards and Technology (2020)

  6. Bos, J.W., et al.: Frodo: take off the ring! Practical, quantum-secure key exchange from LWE. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 1006–1018. ACM Press, October 2016

  7. Bos, J.W., et al.: Frodo: take off the ring! Practical, quantum-secure key exchange from LWE. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016, pp. 1006–1018. ACM (2016)

  8. Brakerski, Z., Langlois, A., Peikert, C., Regev, O., Stehlé, D.: Classical hardness of learning with errors. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) 45th ACM STOC, pp. 575–584. ACM Press, June 2013

  9. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_28

  10. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_34

  11. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC, pp. 197–206. ACM Press, May 2008

  12. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054868

  13. Hofheinz, D., Hövelmanns, K., Kiltz, E.: A modular analysis of the Fujisaki-Okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 341–371. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70500-2_12

  14. D'Anvers, J.-P., Karmakar, A., Roy, S.S., Vercauteren, F.: SABER: submission to the NIST post-quantum cryptography standardization project. NIST National Institute of Standards and Technology (2020)

  15. Jiang, H., Zhang, Z., Chen, L., Wang, H., Ma, Z.: IND-CCA-secure key encapsulation mechanism in the quantum random oracle model, revisited. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 96–125. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_4

  16. Jin, Z., Zhao, Y.: Optimal key consensus in presence of noise. Cryptology ePrint Archive, Report 2017/1058 (2017). http://eprint.iacr.org/2017/1058

  17. Lindner, R., Peikert, C.: Better key sizes (and attacks) for LWE-based encryption. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 319–339. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_21

  18. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1–23. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_1

  19. Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 333–342. ACM Press, May–June 2009

  20. Peikert, C.: Lattice cryptography for the internet. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 197–219. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11659-4_12

  21. Peikert, C., Regev, O., Stephens-Davidowitz, N.: Pseudorandomness of ring-LWE for any ring and modulus. In: Hatami, H., McKenzie, P., King, V. (eds.) 49th ACM STOC, pp. 461–473. ACM Press, June 2017

  22. Pöppelmann, T., et al.: NewHope. Submission to the NIST post-quantum cryptography standardization project. NIST National Institute of Standards and Technology (2019)

  23. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 84–93. ACM Press, May 2005

  24. Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: 35th FOCS, pp. 124–134. IEEE Computer Society Press, November 1994

  25. Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27–47. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_4

  26. van Hoof, I., Kirshanova, E., May, A.: Quantum key search for ternary LWE. IACR Cryptol. ePrint Arch. 2021:865 (2021)

  27. Zhang, J., Zhang, Z., Ding, J., Snook, M., Dagdelen, Ö.: Authenticated key exchange from ideal lattices. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 719–751. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_24

  28. Zhang, Z., et al.: NTRU. Technical report, NIST National Institute of Standards and Technology (2020)


Acknowledgement

We would like to thank the anonymous reviewers of SAC 2021 for their insightful advice. Parhat Abla would like to thank Abduxukur Turgun for his support and fruitful discussion.

Author information

Corresponding author: Parhat Abla.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this paper

Abla, P., Wang, M. (2022). Zaytun: Lattice Based PKE and KEM with Shorter Ciphertext Size. In: AlTawy, R., Hülsing, A. (eds) Selected Areas in Cryptography. SAC 2021. Lecture Notes in Computer Science, vol 13203. Springer, Cham. https://doi.org/10.1007/978-3-030-99277-4_19

  • DOI: https://doi.org/10.1007/978-3-030-99277-4_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-99276-7

  • Online ISBN: 978-3-030-99277-4

  • eBook Packages: Computer Science (R0)