In this work, we present Round2 that consists of a key-encapsulation mechanism and a public-key encryption scheme. Round2 is based on the General Learning with Rounding problem, that unifies the Learning with Rounding and Ring Learning with Rounding problems. Round2's construction using the above problem allows for a unified description and implementation. The key-encapsulation mechanism and public-key encryption scheme furthermore share common building blocks, simplifying (security and operational) analysis and code review. Round2's reliance on prime cyclotomic rings offers a large design space that allows fine-tuning of parameters to required security levels. The use of rounding reduces bandwidth requirements and the use of sparse-trinary secrets improves CPU performance and decryption success rates. Finally, Round2 includes various approaches of refreshing the system public parameter A, allowing efficient ways of preventing precomputation and back-door attacks.
Category / Keywords: key encapsulation, public key encryption, lattice techniques, post-quantum cryptography Date: received 5 Dec 2017, last revised 2 Mar 2018 Contact author: ludo tolhuizen at philips com Available format(s): PDF | BibTeX Citation Note: Spelling error in name of second author. Version: 20180302:125432 (All versions of this report) Short URL: ia.cr/2017/1183