165 research outputs found
New Bounds for Restricted Isometry Constants
In this paper we show that if the restricted isometry constant of
the compressed sensing matrix satisfies then -sparse
signals are guaranteed to be recovered exactly via minimization when
no noise is present and -sparse signals can be estimated stably in the noisy
case. It is also shown that the bound cannot be substantively improved. An
explicit example is constructed in which ,
but it is impossible to recover certain -sparse signals
Impossible Differential Cryptanalysis of Pelican, MT-MAC-AES and PC-MAC-AES
In this paper, the impossible differential cryptanalysis is extended to MAC algorithms Pelican, MT-MAC and PC-MAC based on AES and 4-round AES. First, we collect message pairs that produce the inner near-collision with some specific differences by the birthday attack. Then the impossible differential attack on 4-round AES is implemented using a 3-round impossible differential property. For Pelican, our attack can recover the internal state, which is an equivalent subkey. For MT-MAC-AES, the attack turns out to be a subkey recovery attack directly. The data complexity of the two attacks is chosen messages, and the time complexity is about queries. For PC-MAC-AES, we can recover the 256-bit key with chosen messages and queries
On the Dual Attack of LWE Schemes in the Presence of Hints
Combining theoretical-based traditional attack method with practical-based side-channel attack method provides more accurate security estimations for post-quantum cryptosystems. In CRYPTO 2020, Dachman-Soled et al. integrated hints from side-channel information to the primal attack against LWE schemes.
This paper develops a general Fourier analytic framework to work with the dual attack in the presence of hints. Distinguishers that depend on specific geometric properties related to hints are established. The Fourier transform of the discretized multivariate conditional Gaussian distribution on is carefully computed and estimated, some geometric characteristics of the resulting distinguisher are explored, and a new model of the dual attack is proposed. In our framework, an adversary performs the BKZ algorithm directly in a projected lattice to find short projection components, and then recovers them by the MLLL algorithm to make a distinction. This method relies on a reasonable assumption and is backed up by naturally formed mathematical arguments. The improvements and the assumption are validated by experiments. For example, for a Kyber768 instance, with 200 hints, the blocksize can be reduced by at least 188 and the time complexity can be reduced by a factor of greater than . After adding 300 hints to a FireSaber instance, even in the worst case, the blocksize drops from 819 to 542, and the cost drops from to
Reducing an LWE Instance by Modular Hints and its Applications to Primal Attack, Dual Attack and BKW Attack
An emerging direction of investigating the resilience of post-quantum cryptosystems under side-channel attacks is to consider the situations where leaked information is combined with traditional attack methods in various forms. In CRYPTO 2020, Dachman-Soled et al. integrated hints from side-channel information to the primal attack against LWE schemes. This idea is further developed in this paper. An accurate characterization of the information from perfect hints and modular hints is obtained through the establishment of an interesting decomposition of . It is observed that modular hints with modulus produce some orthogonal projection of the secret in , which is exactly an extension of the case of perfect hints in . Based on these, a new attack framework is described when some modular hints with modulus are available. In this framework, an adversary first reduces the LWE instance using such hints, and then performs various attacks on the new instance. One of the key characteristics of our framework is that the dimension of the secret in the new instance always decreases under some moderate conditions. A comparison with the previous work shows that our approach is in some sense more essential and applicable to various kinds of attacks. The new way of integrating modular hints into the primal attack improves the existing work. The first attempt at using modular hints in the dual attack and the BKW attack is also discussed in the paper and better analysis results are produced. Experiments have been carried out and show that multiple modular hints with modulus can indeed significantly reduce their attack costs. For example, with just 100 hints, the blocksize can be reduced by 101 and the time complexity can be reduced by a factor of in both the primal attack and the dual attack against a Newhope1024 instance.
As for the BKW attack, if 90 hints are available, the number of queries to the LWE oracle can be decreased by a factor of , as can the time complexity and memory complexity when attacking an instance of the Regev cryptosystem
Reducing Carbon Footprint Inequality of Household Consumption in Rural Areas: Analysis from Five Representative Provinces in China
Household consumption carbon footprint and inequality reductions
are vital for a sustainable society, especially for rural areas. This
study, focusing on rural China, one of the fastest growing economies
with a massive population, explored the carbon footprint and inequality
of household consumption using the latest micro household survey data
of 2018 linked to environmentally extended input–output analysis.
The results show that in 2018 in rural China, the average household
carbon footprint is 2.46 tons CO2-eq per capita, which
is around one-third of China’s average footprint, indicating
the large potential for further growth. Housing (45.32%), transportation
(20.45%), and food (19.62%) are the dominant contributors to the carbon
footprint. Meanwhile, great inequality, with a Gini coefficient of
0.488, among rural households is observed, which is largely due to
differences in type of house built or purchased (explaining 24.44%
of the variation), heating (18.10%), car purchase (12.44%), and petrol
consumption (12.44%). Provinces, average education, and nonfarm income
are among the important factors influencing the inequality. In the
process of urbanization and rural revitalization, there is a high
possibility that the household carbon footprint continues to increase,
maintaining high levels of inequality. The current energy transition
toward less carbon-intensive fuels in rural China is likely to dampen
the growth rates of carbon footprints and potentially decrease inequality.
Carbon intensity decrease could significantly reduce carbon footprints,
but increase inequality. More comprehensive measures to reduce carbon
footprint and inequality are needed, including transitioning to clean
energy, poverty alleviation, reduction of income inequality, and better
health care coverage
Conditional Cube Attack on Reduced-Round Keccak Sponge Function
The security analysis of Keccak, the winner of SHA-3, has
attracted considerable interest. Recently, some attention has been paid
to the analysis of keyed modes of Keccak sponge function. As a notable
example, the most efficient key recovery attacks on Keccak-MAC and
Keyak were reported at EUROCRYPT'15 where cube attacks and cube-attack-like
cryptanalysis have been applied. In this paper, we develop
a new type of cube distinguisher, the conditional cube tester, for Keccak
sponge function. By imposing some bit conditions for certain cube
variables, we are able to construct cube testers with smaller dimensions.
Our conditional cube testers are used to analyse Keccak in keyed modes.
For reduced-round Keccak-MAC and Keyak, our attacks greatly improve
the best known attacks in key recovery in terms of the number of rounds
or the complexity. Moreover, our new model can also be applied to
the keyless setting to distinguish the Keccak sponge function from a random permutation. We provide a searching algorithm to produce the most efficient
conditional cube tester by modeling it as an MILP (mixed integer linear
programming) problem. As a result, we improve the previous distinguishing
attacks on Keccak sponge function significantly. Most of our attacks
have been implemented and verified by desktop computers. Finally we
remark that our attacks on the reduced-round Keccak will not threaten
the security margin of Keccak sponge function