You are looking at a specific version 20180309:004951 of this paper. See the latest version.

Paper 2017/1214

HILA5 Pindakaas: On the CCA security of lattice-based encryption with error correction

Daniel J. Bernstein and Leon Groot Bruinderink and Tanja Lange and Lorenz Panny

Abstract

We show that the NISTPQC submission HILA5 is not secure against chosen-ciphertext attacks. Specifically, we demonstrate a key-recovery attack on HILA5 using an active attack on reused keys. The attack works around the error correction in HILA5. The attack applies to the HILA5 key-encapsulation mechanism (KEM), and also to the public-key encryption mechanism (PKE) obtained by NIST's procedure for combining the KEM with authenticated encryption. This contradicts the most natural interpretation of the IND-CCA security claim for HILA5.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Post-quantum cryptographyKEMRLWEreaction attack.
Contact author(s)
authorcontact-helaas @ box cr yp to
History
2018-03-09: revised
2017-12-18: received
See all versions
Short URL
https://ia.cr/2017/1214
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.