You are looking at a specific version 20201202:100441 of this paper. See the latest version.

Paper 2020/1503

Key Recovery Attack on Bob's Secrets in CRYSTALS-KYBER and SABER

Satoshi Okada and Yuntao Wang

Abstract

CRYSTALS-KYBER and SABER are two lattice-based encryption algorithms among the third-round finalists of NIST’s post-quantum cryptography standardization project. At ProvSec 2020, Wang et al. introduced the notion of “meta-PKE” for (ring) Learning With Errors cryptographic mechanisms. They also proposed a key reuse attack on the NewHope and LAC cryptosystems, which fit the meta-PKE model. In their attack, part (or even all) of the encryptor Bob’s secrets can be recovered under the key reuse scenario. In this paper, we consider the meta-PKE model in CRYSTALS-KYBER and SABER. By improving Wang et al.’s method, we show that our proposed attacks cost only 4, 3, and 4 queries to recover Bob’s secrets at security levels I (AES-128), III (AES-192), and V (AES-256), respectively, in CRYSTALS-KYBER. Likewise, only 6, 4, and 4 queries are required to recover Bob’s secret at security levels I, III, and V in SABER.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
PQC, Key Reuse Attack, Meta-PKE, CRYSTALS-KYBER, SABER
Contact author(s)
okada-satoshi323 @ g ecc u-tokyo ac jp,y-wang @ jaist ac jp
History
2021-11-05: revised
2020-12-02: received
Short URL
https://ia.cr/2020/1503
License
Creative Commons Attribution
CC BY