Skip to main content
Springer Nature Link
Log in

Cryptanalysis of the Randomized Version of a Lattice-Based Signature Scheme from PKC’08

  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10946))

Included in the following conference series:

Abstract

In PKC’08, Plantard, Susilo and Win proposed a lattice-based signature scheme, whose security is based on the hardness of the closest vector problem with the infinity norm (CVP\(_\infty \)). This signature scheme was proposed as a countermeasure against the Nguyen-Regev attack, which improves the security and the efficiency of the Goldreich, Goldwasser and Halevi scheme (GGH). Furthermore, to resist potential side channel attacks, the authors suggested modifying the deterministic signing algorithm to be randomized. In this paper, we propose a chosen message attack against the randomized version. Note that the randomized signing algorithm will generate different signature vectors in a relatively small cube for the same message, so the difference of any two signature vectors will be relatively short lattice vector. Once collecting enough such short difference vectors, we can recover the whole or the partial secret key by lattice reduction algorithms, which implies that the randomized version is insecure under the chosen message attack.

This work was supported in part by the NNSF of China (No. 61572490 and No. 11471314), and in part by the National Center for Mathematics and Interdisciplinary Sciences, CAS.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Ajtai, M.: The shortest vector problem in L2 is NP-hard for randomized reductions (extended abstract). In: Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing, STOC 1998, pp. 10–19. ACM, New York (1998). https://doi.org/10.1145/276698.276705

  2. Babai, L.: On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1–13 (1986). https://doi.org/10.1007/BF02579403

    Article  MathSciNet  MATH  Google Scholar 

  3. Boas, P.V.E.: Another NP-complete problem and the complexity of computing short vectors in lattices. Mathematics Department Report 81–04. University of Amsterdam (1981)

    Google Scholar 

  4. Chen, Y., Nguyen, P.Q.: BKZ 2.0: better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1–20. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_1

    Chapter  Google Scholar 

  5. Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal Gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 40–56. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_3

    Chapter  Google Scholar 

  6. Ducas, L., Lyubashevsky, V., Prest, T.: Efficient identity-based encryption over NTRU lattices. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 22–41. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_2

    Chapter  Google Scholar 

  7. Ducas, L., Nguyen, P.Q.: Learning a zonotope and more: cryptanalysis of NTRUSign countermeasures. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 433–450. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_27

    Chapter  Google Scholar 

  8. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, STOC 2008, pp. 197–206. ACM, New York (2008). https://doi.org/10.1145/1374376.1374407

  9. Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112–131. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052231

    Chapter  Google Scholar 

  10. Hoffstein, J., Howgrave-Graham, N., Pipher, J., Silverman, J.H., Whyte, W.: NTRUSign: digital signatures using the NTRU lattice. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 122–140. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36563-X_9

    Chapter  Google Scholar 

  11. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054868

    Chapter  Google Scholar 

  12. Klein, P.: Finding the closest lattice vector when it’s unusually close. In: Proceedings of the Eleventh Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2000, pp. 937–941. Society for Industrial and Applied Mathematics, Philadelphia (2000). http://dl.acm.org/citation.cfm?id=338219.338661

  13. Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261(4), 515–534 (1982). https://doi.org/10.1007/BF01457454

  14. Liu, M., Nguyen, P.Q.: Solving BDD by enumeration: an update. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 293–309. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36095-4_19

    Chapter  Google Scholar 

  15. Micciancio, D.: Improving lattice based cryptosystems using the Hermite normal form. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 126–145. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44670-2_11

    Chapter  Google Scholar 

  16. Mitzenmacher, M., Upfal, E.: Probability and Computing: Randomized Algorithms and Probabilistic Analysis. Cambridge University Press, New York (2005)

    Book  MATH  Google Scholar 

  17. Motwani, R., Raghavan, P.: Randomized Algorithms. Cambridge University Press, Cambridge (1995). https://doi.org/10.1145/211542.606546

  18. Nguyen, P.Q., Regev, O.: Learning a parallelepiped: cryptanalysis of GGH and NTRU signatures. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 271–288. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_17

    Chapter  Google Scholar 

  19. Plantard, T., Susilo, W., Win, K.T.: A digital signature scheme based on CVP\(_\infty \). In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 288–307. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78440-1_17

  20. Schnorr, C.P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Program. 66(1–3), 181–199 (1994). https://doi.org/10.1007/BF01581144

    Article  MathSciNet  MATH  Google Scholar 

  21. Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings 35th Annual Symposium on Foundations of Computer Science, pp. 124–134. IEEE, Santa Fe, November 1994. https://doi.org/10.1109/SFCS.1994.365700

  22. Shoup, V.: NTL: A library for doing number theory (2001). http://www.shoup.net/ntl

  23. Stein, W., et al.: Sage Mathematics Software Version 7.5.1. The Sage Development Team (2017). http://www.sagemath.org

Download references

Author information

Authors and Affiliations

  1. Key Laboratory of Mathematics Mechanization, NCMIS, Academy of Mathematics and Systems Science, Chinese Academy of Sciences, Beijing, 100190, China

    Haoyu Li & Yanbin Pan

  2. School of Mathematical Sciences, University of Chinese Academy of Sciences, Beijing, 100049, China

    Haoyu Li

  3. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China

    Renzhang Liu

  4. Département de Mathématiques, Université de Caen, Caen, France

    Abderrahmane Nitaj

Authors
  1. Haoyu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Renzhang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abderrahmane Nitaj
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yanbin Pan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yanbin Pan .

Editor information

Editors and Affiliations

  1. University of Wollongong, Wollongong, NSW, Australia

    Willy Susilo

  2. University of Wollongong, Wollongong, NSW, Australia

    Guomin Yang

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, H., Liu, R., Nitaj, A., Pan, Y. (2018). Cryptanalysis of the Randomized Version of a Lattice-Based Signature Scheme from PKC’08. In: Susilo, W., Yang, G. (eds) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science(), vol 10946. Springer, Cham. https://doi.org/10.1007/978-3-319-93638-3_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-93638-3_26

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-93637-6

  • Online ISBN: 978-3-319-93638-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics