10,542 research outputs found
Lattice-based Key Sharing Schemes - A Survey
Public key cryptography is an indispensable component used in almost all of our present day digital infrastructure. However, most if not all of it is predominantly built upon hardness guarantees of number theoretic problems that can be broken by large scale quantum computers in the future. Sensing the imminent threat from continued advances in quantum computing, NIST has recently initiated a global level standardization process for quantum resistant public-key cryptographic primitives such as public key encryption, digital signatures and key encapsulation mechanisms. While the process received proposals from various categories of post-quantum cryptography, lattice-based cryptography features most prominently among all the submissions. Lattice-based cryptography offers a very attractive alternative to traditional public-key cryptography mainly due to the variety of lattice-based schemes offering varying flavors of security and efficiency guarantees. In this paper, we survey the evolution of lattice-based key sharing schemes (public key encryption and key encapsulation schemes) and cover various aspects ranging from theoretical security guarantees, general algorithmic frameworks, practical implementation aspects and physical attack security, with special focus on lattice-based key sharing schemes competing in NIST's
standardization process. Please note that our work is focused on the results available from the second round of NIST's standardization process, while the standardization process has progressed to the third and final round at the time of publishing this document.
Post-Quantum UC-Secure Oblivious Transfer in the Standard Model with Adaptive Corruptions
Since the seminal result of Kilian, Oblivious Transfer has proven to be a
fundamental primitive in cryptography. In such a scheme, a user is able
to gain access to an element owned by a server, without learning more than
this single element, and without the server learning which element the user
has accessed. This primitive has received a lot of study in the literature,
among which very few schemes are based on lattices.
The recent NIST call for post-quantum encryption and signature
schemes has revived the interest for cryptographic protocols based on
post-quantum assumptions and the need for a secure post-quantum
oblivious transfer scheme.
In this paper, we show how to construct an oblivious transfer
scheme based on lattices, from a collision-resistant chameleon hash
scheme (CH) and a CCA encryption scheme accepting a smooth projective
hash function (SPHF). Note that our scheme does not rely on random
oracles and provides UC security against adaptive corruptions assuming
reliable erasures.
Practical key-recovery attack on MQ-Sign
This note describes a polynomial-time key-recovery attack on the UOV-based signature scheme called MQ-Sign. The scheme is a first-round candidate in the Korean Post-Quantum Cryptography Competition. Our attack exploits the sparsity of the secret central polynomials in combination with the specific structure of the secret linear map . We provide a verification script that recovers the secret key in less than seven seconds for security level 5.
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.
Comment: 45 pages, over 245 references
Orthogonal-state-based cryptography in quantum mechanics and local post-quantum theories
We introduce the concept of cryptographic reduction, in analogy with a
similar concept in computational complexity theory. In this framework, class
of crypto-protocols reduces to protocol class in a scenario , if for
every instance of , there is an instance of and a secure
transformation that reproduces given , such that the security of
guarantees the security of . Here we employ this reductive framework to
study the relationship between security in quantum key distribution (QKD) and
quantum secure direct communication (QSDC). We show that replacing the
streaming of independent qubits in a QKD scheme by block encoding and
transmission (permuting the order of particles block by block) of qubits, we
can construct a QSDC scheme. This forms the basis for the \textit{block
reduction} from a QSDC class of protocols to a QKD class of protocols, whereby
if the latter is secure, then so is the former. Conversely, given a secure QSDC
protocol, we can of course construct a secure QKD scheme by transmitting a
random key as the direct message. Then the QKD class of protocols is secure,
assuming the security of the QSDC class which it is built from. We refer to
this method of deduction of security for this class of QKD protocols, as
\textit{key reduction}. Finally, we propose an orthogonal-state-based
deterministic key distribution (KD) protocol which is secure in some local
post-quantum theories. Its security arises neither from geographic splitting of
a code state nor from Heisenberg uncertainty, but from post-measurement
disturbance.
Comment: 12 pages, no figure, this is a modified version of a talk delivered
by Anirban Pathak at Quantum 2014, INRIM, Turin, Italy. This version is
published in Int. J. Quantum. Info
Practical cryptographic strategies in the post-quantum era
We review new frontiers in information security technologies in
communications and distributed storage technologies with the use of classical,
quantum, hybrid classical-quantum, and post-quantum cryptography. We analyze
the current state-of-the-art, critical characteristics, development trends, and
limitations of these techniques for application in enterprise information
protection systems. An approach concerning the selection of practical
encryption technologies for enterprises with branched communication networks is
introduced.
Comment: 5 pages, 2 figures; review paper
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service on its own: the secret keys established
by QKD are in general then used by subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.
Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
Trusted Noise in Continuous-Variable Quantum Key Distribution: a Threat and a Defense
We address the role of the phase-insensitive trusted preparation and
detection noise in the security of a continuous-variable quantum key
distribution, considering the Gaussian protocols on the basis of coherent and
squeezed states and studying them in the conditions of Gaussian lossy and noisy
channels. The influence of such a noise on the security of Gaussian quantum
cryptography can be crucial, even though the noise is trusted, due
to a strongly nonlinear behavior of the quantum entropies involved in the
security analysis. We recapitulate the known effect of the preparation noise in
both direct and reverse-reconciliation protocols, as well as the detection
noise in the reverse-reconciliation scenario. As a new result, we show the
negative role of the trusted detection noise in the direct-reconciliation
scheme. We also describe the role of the trusted preparation or detection noise
added at the reference side of the protocols in improving the robustness of the
protocols to the channel noise, confirming the positive effect for the
coherent-state reverse-reconciliation protocol. Finally, we address the
combined effect of trusted noise added both in the source and the detector.
Comment: 25 pages, 9 figures
Distributing Secret Keys with Quantum Continuous Variables: Principle, Security and Implementations
The ability to distribute secret keys between two parties with
information-theoretic security, that is, regardless of the capacities of a
malevolent eavesdropper, is one of the most celebrated results in the field of
quantum information processing and communication. Indeed, quantum key
distribution illustrates the power of encoding information on the quantum
properties of light and has far reaching implications in high-security
applications. Today, quantum key distribution systems operate in real-world
conditions and are commercially available. As with most quantum information
protocols, quantum key distribution was first designed for qubits, the
individual quanta of information. However, the use of quantum continuous
variables for this task presents important advantages with respect to qubit
based protocols, in particular from a practical point of view, since it allows
for simple implementations that require only standard telecommunication
technology. In this review article, we describe the principle of
continuous-variable quantum key distribution, focusing in particular on
protocols based on coherent states. We discuss the security of these protocols
and report on the state-of-the-art in experimental implementations, including
the issue of side-channel attacks. We conclude with promising perspectives in
this research field.
Comment: 21 pages, 2 figures, 1 table