You are looking at a specific version 20171218:211711 of this paper.
See the latest version.
Paper 2017/1214
"HILA5 Pindakaas": On the CCA security of lattice-based encryption with error correction
Daniel J. Bernstein and Leon Groot Bruinderink and Tanja Lange and Lorenz Panny
Abstract
We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Post-quantum cryptographyKEMRLWEreaction attack.
- Contact author(s)
- authorcontact-helaas @ box cr yp to
- History
- 2018-03-09: revised
- 2017-12-18: received
- See all versions
- Short URL
- https://ia.cr/2017/1214
- License
-
CC BY