DOI: 10.1145/3320269.3384768

Lattice Klepto Revisited

Published: 05 October 2020

Abstract

Kleptography, introduced by Young and Yung, is about using an embedded backdoor to perform attacks on a cryptosystem. At SAC'17, Kwant et al. proposed a kleptographic backdoor on the NTRU encryption scheme and thought that the backdoor could not be detected. However, in this paper we show that the user can detect the backdoor very efficiently, and hence the problem of constructing a kleptographic backdoor on NTRU stays open. Moreover, we also design a universal method to embed a kleptographic backdoor for RLWE-based schemes, such as NewHope. Our construction is shown to be strongly undetectable, which reveals the threat of kleptographic attacks on lattice-based schemes.

References

[1] Erdem Alkim, Roberto Avanzi, et al. 2019. NewHope. Technical Report. National Institute of Standards and Technology. https://csrc.nist.gov/projects/post-quantum-cryptography/round-2-submissions
[2] Erdem Alkim, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe. 2016. Post-quantum Key Exchange - A New Hope. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10–12, 2016. 327–343.
[3] Mihir Bellare, Joseph Jaeger, and Daniel Kane. 2015. Mass-surveillance without the State: Strongly Undetectable Algorithm-Substitution Attacks. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12–16, 2015. 1431–1440. https://doi.org/10.1145/2810103.2813681
[4] Herman Galteland and Kristian Gjøsteen. 2019. Subliminal channels in post-quantum digital signature schemes. IACR Cryptology ePrint Archive, Vol. 2019 (2019), 574. https://eprint.iacr.org/2019/574
[5] Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman. 1998. NTRU: A Ring-Based Public Key Cryptosystem. In Algorithmic Number Theory, Third International Symposium, ANTS-III, Portland, Oregon, USA, June 21–25, 1998, Proceedings. 267–288. https://doi.org/10.1007/BFb0054868
[6] Jeffrey Hoffstein and Joseph H. Silverman. 2000. Reaction Attacks Against the NTRU Public Key Cryptosystem. https://ntru.org/f/tr/tr015v2.pdf
[7] Facebook Inc. 2016. Internet Defense Prize. https://internetdefenseprize.org/
[8] Robin Kwant, Tanja Lange, and Kimberley Thissen. 2017. Lattice Klepto - Turning Post-Quantum Crypto Against Itself. In Selected Areas in Cryptography - SAC 2017 - 24th International Conference, Ottawa, ON, Canada, August 16–18, 2017, Revised Selected Papers. 336–354. https://doi.org/10.1007/978-3-319-72565-9_17
[9] Vadim Lyubashevsky, Chris Peikert, and Oded Regev. 2012. On Ideal Lattices and Learning with Errors Over Rings. IACR Cryptology ePrint Archive, Vol. 2012 (2012), 230. http://eprint.iacr.org/2012/230
[10] Phong Q. Nguyen and David Pointcheval. 2002. Analysis and Improvements of NTRU Encryption Paddings. In Advances in Cryptology - CRYPTO 2002, 22nd Annual International Cryptology Conference, Santa Barbara, California, USA, August 18–22, 2002, Proceedings. 210–225. https://doi.org/10.1007/3-540-45708-9_14
[11] National Institute of Standards and Technology. 2019. Round 2 Submissions - Post-Quantum Cryptography | CSRC. https://csrc.nist.gov/projects/post-quantum-cryptography/round-2-submissions
[12] Chris Peikert. 2014. Lattice Cryptography for the Internet. In Proc. 6th International Conference on Post-Quantum Cryptography (PQCrypto) 2014, LNCS 8772. Springer, 197–219.
[13] Certicom Research. 2000. SEC 2: Recommended Elliptic Curve Domain Parameters. https://www.secg.org/SEC2-Ver-1.0.pdf
[14] Victor Shoup. 2008. NTL: A Library for doing Number Theory. https://www.shoup.net/ntl
[15] Gustavus J. Simmons. 1983. The Prisoners' Problem and the Subliminal Channel. In Advances in Cryptology, Proceedings of CRYPTO '83, Santa Barbara, California, USA, August 21–24, 1983. 51–67.
[16] Gustavus J. Simmons. 1984. The Subliminal Channel and Digital Signature. In Advances in Cryptology: Proceedings of EUROCRYPT 84, A Workshop on the Theory and Application of Cryptographic Techniques, Paris, France, April 9–11, 1984, Proceedings. 364–378. https://doi.org/10.1007/3-540-39757-4_25
[17] Gustavus J. Simmons. 1985. A Secure Subliminal Channel (?). In Advances in Cryptology - CRYPTO '85, Santa Barbara, California, USA, August 18–22, 1985, Proceedings (Lecture Notes in Computer Science), Hugh C. Williams (Ed.), Vol. 218. Springer, 33–41. https://doi.org/10.1007/3-540-39799-X_5
[18] Gustavus J. Simmons. 1994. Subliminal channels; past and present. European Transactions on Telecommunications, Vol. 5, 4 (1994), 459–474. https://doi.org/10.1002/ett.4460050408
[19] Dianyan Xiao and Yang Yu. 2018. Klepto for Ring-LWE Encryption. Comput. J., Vol. 61, 8 (2018), 1228–1239. https://doi.org/10.1093/comjnl/bxy060
[20] Adam L. Young and Moti Yung. 1996a. The Dark Side of "Black-Box" Cryptography, or: Should We Trust Capstone?. In Advances in Cryptology - CRYPTO '96, 16th Annual International Cryptology Conference, Santa Barbara, California, USA, August 18–22, 1996, Proceedings. 89–103. https://doi.org/10.1007/3-540-68697-5_8
[21] Adam L. Young and Moti Yung. 1996b. The Dark Side of "Black-Box" Cryptography, or: Should We Trust Capstone?. In Advances in Cryptology - CRYPTO '96, 16th Annual International Cryptology Conference, Santa Barbara, California, USA, August 18–22, 1996, Proceedings. 89–103. https://doi.org/10.1007/3-540-68697-5_8

Published In

ASIA CCS '20: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security
October 2020
957 pages
ISBN:9781450367509
DOI:10.1145/3320269
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. kleptography
  2. ntru
  3. post-quantum cryptography
  4. rlwe

Qualifiers

  • Research-article

Funding Sources

  • National Center for Mathematics and Interdisciplinary Sciences CAS
  • National Natural Science Foundation of China

Conference

ASIA CCS '20
Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Bibliometrics

Article Metrics

  • Downloads (Last 12 months): 14
  • Downloads (Last 6 weeks): 1
Reflects downloads up to 25 Feb 2025

Cited By

  • (2024) Backdooring Post-Quantum Cryptography: Kleptographic Attacks on Lattice-based KEMs. Proceedings of the Great Lakes Symposium on VLSI 2024, 216-221. https://doi.org/10.1145/3649476.3660373. Online publication date: 12-Jun-2024
  • (2023) Practical Algorithm Substitution Attacks on Real-World Public-Key Cryptosystems. IEEE Transactions on Information Forensics and Security 18, 5069-5081. https://doi.org/10.1109/TIFS.2023.3304124. Online publication date: 1-Jan-2023
  • (2023) Fuzzing+Hardware Performance Counters-Based Detection of Algorithm Subversion Attacks on Postquantum Signature Schemes. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 42:2, 384-396. https://doi.org/10.1109/TCAD.2022.3159749. Online publication date: Feb-2023
  • (2022) How to Backdoor (Classic) McEliece and How to Guard Against Backdoors. Post-Quantum Cryptography, 24-44. https://doi.org/10.1007/978-3-031-17234-2_2. Online publication date: 21-Sep-2022
