Paper 2020/1503
Key Recovery Attack on Bob's Secrets in CRYSTALS-KYBER and SABER
Satoshi Okada and Yuntao Wang
Abstract
CRYSTALS-KYBER and SABER are two lattice-based encryption algorithms among the third-round finalists of NIST’s post-quantum cryptography standardization project. At ProvSec 2020, Wang et al. introduced a notion of “meta-PKE” for (ring) Learning With Errors crypto mechanisms. They also proposed a key reuse attack on the NewHope and LAC cryptosystems, which meet the meta-PKE model. In their attack, the encryptor Bob’s partial (or even all) secrets can be recovered under the key reuse scenario. In this paper, we consider the meta-PKE model in CRYSTALS-KYBER and SABER. By improving Wang et al.’s method, we show that our proposed attacks cost only 4, 3, and 4 queries to recover Bob’s secrets for security levels I (AES-128), III (AES-192), and V (AES-256), respectively, in CRYSTALS-KYBER. Likewise, only 6, 4, and 4 queries are required to recover Bob’s secret for security levels I, III, and V in SABER.
Metadata
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- PQC, Key Reuse Attack, Meta-PKE, CRYSTALS-KYBER, SABER
- Contact author(s)
- okada-satoshi323 @ g ecc u-tokyo ac jp, y-wang @ jaist ac jp
- History
- 2021-11-05: revised
- 2020-12-02: received
- Short URL
- https://ia.cr/2020/1503
- License
- CC BY