Paper 2020/1503
Recovery Attack on Bob's Secrets in CRYSTALS-KYBER and SABER
Satoshi Okada and Yuntao Wang
Abstract
Quantum computing capability overwhelmingly outperforms that of classical computers, which seriously threatens modern public-key cryptography. For this reason, the National Institute of Standards and Technology (NIST) and several other standards organizations are progressing the standardization of post-quantum cryptography (PQC). Two of those candidates, CRYSTALS-KYBER and SABER, are lattice-based encryption algorithms among the third-round finalists of NIST's PQC standardization project. At the current phase, it is important to evaluate their security, which is based on the hardness of variants of the Ring Learning With Errors (Ring-LWE) problem. In ProvSec 2020, Wang et al. introduced the notion of "meta-PKE" for Ring-LWE-based crypto mechanisms. They further proposed randomness-reuse attacks on the NewHope and LAC cryptosystems, which fit the meta-PKE model. In their attacks, the encryptor Bob's partial (or even all) randomness can be recovered if it is reused. In this paper, we propose attacks against the CRYSTALS-KYBER and SABER crypto schemes by adapting the meta-PKE model and improving Wang et al.'s methods. We then show that our proposed attacks cost at most 4, 3, and 4 queries to recover Bob's randomness for security levels I (AES-128), III (AES-192), and V (AES-256), respectively, in CRYSTALS-KYBER. Likewise, no more than 6, 6, and 4 queries are required to recover Bob's secret for security levels I, III, and V in SABER.
Metadata
- Category: Public-key cryptography
- Publication info: Published elsewhere. Minor revision. ProvSec 2021
- DOI: 10.1007/978-3-030-90402-9_9
- Keywords: PQC, Key Reuse Attack, Meta-PKE, CRYSTALS-KYBER, SABER
- Contact author(s): okada-satoshi323 @ g ecc u-tokyo ac jp; y-wang @ jaist ac jp
- History:
  - 2021-11-05: revised
  - 2020-12-02: received
- Short URL: https://ia.cr/2020/1503
- License: CC BY
BibTeX
@misc{cryptoeprint:2020/1503,
  author       = {Satoshi Okada and Yuntao Wang},
  title        = {Recovery Attack on Bob's Secrets in {CRYSTALS}-{KYBER} and {SABER}},
  howpublished = {Cryptology {ePrint} Archive, Paper 2020/1503},
  year         = {2020},
  doi          = {10.1007/978-3-030-90402-9_9},
  url          = {https://eprint.iacr.org/2020/1503}
}