Paper 2016/152
Attacks and parameter choices in HIMMO
Oscar Garcia-Morchon, Ronald Rietman, Ludo Tolhuizen, Jose-Luis Torre-Arce, Moon Sung Lee, Domingo Gomez-Perez, Jaime Gutierrez, and Berry Schoenmakers
Abstract
The HIMMO scheme has been introduced as a lightweight collusion-resistant key pre-distribution scheme, with excellent efficiency in terms of bandwidth, energy consumption and computation time. As its cryptanalysis relies on lattice techniques, HIMMO is also an interesting quantum-safe candidate.
Unlike the schemes by Blom, by Matsumoto and Imai, and by Blundo {\em et al}, which break down once the number of colluding nodes exceeds
a given threshold, it aims at tolerating any number of colluding nodes.
In 2015, a contest for the verification of the scheme was held.
During the contest, a method was developed to guess a key by finding an approximate solution of one of the problems underlying the scheme.
This attack involves finding a short vector in a lattice of dimension linear in a system parameter
Metadata
- Available format(s)
-
PDF
- Publication info
- Preprint. MINOR revision.
- Keywords
- Key predistribution schemecollusion attackidentitylattice analysis
- Contact author(s)
- ludo tolhuizen @ philips com
- History
- 2016-02-18: received
- Short URL
- https://ia.cr/2016/152
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/152, author = {Oscar Garcia-Morchon and Ronald Rietman and Ludo Tolhuizen and Jose-Luis Torre-Arce and Moon Sung Lee and Domingo Gomez-Perez and Jaime Gutierrez and Berry Schoenmakers}, title = {Attacks and parameter choices in {HIMMO}}, howpublished = {Cryptology {ePrint} Archive, Paper 2016/152}, year = {2016}, url = {https://eprint.iacr.org/2016/152} }