You are looking at a specific version 20180309:004951 of this paper.
See the latest version.
Paper 2017/1214
HILA5 Pindakaas: On the CCA security of lattice-based encryption with error correction
Daniel J. Bernstein and Leon Groot Bruinderink and Tanja Lange and Lorenz Panny
Abstract
We show that the NISTPQC submission HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Post-quantum cryptographyKEMRLWEreaction attack.
- Contact author(s)
- authorcontact-helaas @ box cr yp to
- History
- 2018-03-09: revised
- 2017-12-18: received
- See all versions
- Short URL
- https://ia.cr/2017/1214
- License
-
CC BY