Abstract
Many lattice-based cryptosystems use sparse ternary or quinary short vectors to accelerate computation. The hybrid attack, proposed by Howgrave-Graham, exploits the sparsity of the short non-zero vector. Improved variants of the hybrid attack give state-of-the-art performance in solving SVPs with ternary short vectors. However, the efficiency of the hybrid attack drops when the short vector becomes quinary. Although there are several works on the ternary case, few of them address the situation in which the infinity norm is larger than 1.
In this paper, we propose a new attack on lattice-based schemes that use quinary short vectors, called the ESHybrid attack. Our attack is built on the structure of the hybrid attack, with the Meet-LWE algorithm [25] replacing the traditional meet-in-the-middle component. To resolve the open question that Meet-LWE cannot be applied directly to the hybrid attack, we propose the Error-Splitting (ES) technique. This technique exploits the structure of quinary vectors and also makes the Meet-LWE procedure faster. We give a complete analysis of the complexity of the algorithm. Evaluation on practical parameter sets shows that our ESHybrid attack is faster than the ordinary lattice-reduction approach and the existing hybrid attack.
This work was done when all authors belonged to The University of Tokyo, and was supported by JST CREST Grant Number JPMJCR2113, Japan.
References
Akiyama, K., Goto, Y., Okumura, S., Takagi, T., Nuida, K., Hanaoka, G.: A public-key encryption scheme based on non-linear indeterminate equations. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 215–234. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_11
Albrecht, M.R.: On dual lattice attacks against small-secret LWE and parameter choices in hElib and SEAL. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 103–129. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56614-6_4
Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9(3), 169–203 (2015)
Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. Cryptology ePrint Archive, Paper 2015/046 (2015)
Albrecht, M.R., et al.: Estimate all the LWE, NTRU schemes! In: Catalano, D., De Prisco, R. (eds.) SCN 2018. LNCS, vol. 11035, pp. 351–367. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98113-0_19
Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: 25th USENIX Security Symposium, USENIX Security 16, pp. 327–343. USENIX Association (2016)
Babai, L.: On Lovász’ lattice reduction and the nearest lattice point problem. In: Mehlhorn, K. (ed.) STACS 1985. LNCS, vol. 182, pp. 13–20. Springer, Heidelberg (1985). https://doi.org/10.1007/BFb0023990
Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: SODA 2016, pp. 10–24. SIAM (2016)
Bernstein, D.J., Chuengsatiansup, C., Lange, T., van Vredendaal, C.: NTRU prime: reducing attack surface at low cost. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 235–260. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_12
Bi, L., Lu, X., Luo, J., Wang, K.: Hybrid dual and meet-LWE attack. In: Nguyen, K., Yang, G., Guo, F., Susilo, W. (eds.) Information Security and Privacy. ACISP 2022. LNCS, vol. 13494, pp. 168–188. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-22301-3_9
Bi, L., Lu, X., Luo, J., Wang, K., Zhang, Z.: Hybrid dual attack on LWE with arbitrary secrets. Cybersecur. 5(1), 15 (2022)
Chen, Y.: Réduction de Réseau et Sécurité Concrète Chiffrement Complètement Homomorphe. PhD thesis, École normale supérieure (2013)
Chen, Y., Nguyen, P.Q.: BKZ 2.0: better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1–20. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_1
Cheon, J.H., Hhan, M., Hong, S., Son, Y.: A hybrid of dual and meet-in-the-middle attack on sparse and ternary secret LWE. IEEE Access 7, 89497–89506 (2019)
Espitau, T., Joux, A., Kharchenko, N.: On a dual/Hybrid approach to small secret LWE. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds.) INDOCRYPT 2020. LNCS, vol. 12578, pp. 440–462. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-65277-7_20
Esser, A., Girme, R., Mukherjee, A., Sarkar, S.: Memory-efficient attacks on small LWE keys. Cryptology ePrint Archive, Paper 2023/243 (2023)
Furst, M.L., Kannan, R.: Succinct certificates for almost all subset sum problems. SIAM J. Comput. 18(3), 550–558 (1989)
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC 2009, pp. 169–178. ACM (2009)
Halevi, S., Shoup, V.: Design and implementation of HElib: a homomorphic encryption library. Cryptology ePrint Archive, Paper 2020/1481 (2020)
HEAAN library. https://github.com/snucrypto/HEAAN
Hirschhorn, P.S., Hoffstein, J., Howgrave-Graham, N., Whyte, W.: Choosing NTRUEncrypt parameters in light of combined lattice reduction and MITM approaches. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 437–455. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01957-9_27
Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054868
Howgrave-Graham, N.: A hybrid lattice-reduction and meet-in-the-middle attack against NTRU. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 150–169. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_9
Howgrave-Graham, N., Silverman, J.H., Whyte, W.: A meet-in-the-middle attack on an NTRU private key. Technical report, NTRU Cryptosystems (2003)
May, A.: How to meet ternary LWE keys. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12826, pp. 701–731. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84245-1_24
Schnorr, C.-P.: A hierarchy of polynomial time lattice basis reduction algorithms. Theor. Comput. Sci. 53, 201–224 (1987)
Microsoft SEAL (release 4.1). https://github.com/Microsoft/SEAL. Microsoft Research, Redmond, WA
Wunderer, T.: A detailed analysis of the hybrid lattice-reduction and meet-in-the-middle attack. J. Math. Cryptol. 13(1), 1–26 (2019)
Wunderer, T.: On the security of lattice-based cryptography against lattice reduction and hybrid attacks. PhD thesis, Technische Universität Darmstadt (2018)
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Zhu, H., Kamada, S., Kudo, M., Takagi, T. (2023). Improved Hybrid Attack via Error-Splitting Method for Finding Quinary Short Lattice Vectors. In: Shikata, J., Kuzuno, H. (eds) Advances in Information and Computer Security. IWSEC 2023. Lecture Notes in Computer Science, vol 14128. Springer, Cham. https://doi.org/10.1007/978-3-031-41326-1_7
DOI: https://doi.org/10.1007/978-3-031-41326-1_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-41325-4
Online ISBN: 978-3-031-41326-1