You are looking at a specific version 20171218:211711 of this paper. See the latest version.

Paper 2017/1214

"HILA5 Pindakaas": On the CCA security of lattice-based encryption with error correction

Daniel J. Bernstein and Leon Groot Bruinderink and Tanja Lange and Lorenz Panny

Abstract

We show that HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Post-quantum cryptographyKEMRLWEreaction attack.
Contact author(s)
authorcontact-helaas @ box cr yp to
History
2018-03-09: revised
2017-12-18: received
See all versions
Short URL
https://ia.cr/2017/1214
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.