Cryptology ePrint Archive: Report 2018/150

Analysis of Error-Correcting Codes for Lattice-Based Key Exchange

Tim Fritzmann and Thomas Pöppelmann and Johanna Sepulveda

Abstract: Lattice problems allow the construction of very efficient key exchange and public-key encryption schemes. When using the Learning with Errors (LWE) or Ring-LWE (RLWE) problem such schemes exhibit an interesting trade-off between decryption error rate and security. The reason is that secret and error distributions with a larger standard deviation lead to better security but also increase the chance of decryption failures. As a consequence, various message/key encoding or reconciliation techniques have been proposed that usually encode one payload bit into several coefficients. In this work, we analyze how error-correcting codes can be used to enhance the error resilience of protocols like NewHope, Frodo, or Kyber. For our case study, we focus on the recently introduced NewHope Simple and propose and analyze four different options for error correction: i) BCH code; ii) combination of BCH code and additive threshold encoding; iii) LDPC code; and iv) combination of BCH and LDPC code. We show that lattice-based cryptography can profit from classical and modern codes by combining BCH and LDPC codes. This way we achieve quasi-error-free communication and increase the estimated bit-security against quantum attacks by 20.39% and decrease the communication overhead by 12.8%.

Category / Keywords: public-key cryptography / post-quantum key exchange, NewHope Simple, error-correcting codes

Date: received 7 Feb 2018

Contact author: tim fritzmann at tum de

Available format(s): PDF | BibTeX Citation

Version: 20180211:142840 (All versions of this report)

Short URL: ia.cr/2018/150

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]