Ring-LWE:applications to cryptography and their efficient realization

© Springer International Publishing AG 2016. The persistent progress of quantum computing with algorithms of Shor and Proos and Zalka has put our present RSA and ECC based public key cryptosystems at peril. There is a flurry of activity in cryptographic research community to replace classical cryptography schemes with their post-quantum counterparts. The learning with errors problem introduced by Oded Regev offers a way to design secure cryptography schemes in the post-quantum world. Later for efficiency LWE was adapted for ring polynomials known as Ring-LWE. In this paper we discuss some of these ring-LWE based schemes that have been designed. We have also drawn comparisons of different implementations of those schemes to illustrate their evolution from theoretical proposals to practically feasible schemes

Compact Ring-LWE Cryptoprocessor

Abstract. In this paper we propose an efficient and compact processor for a ring-LWE based encryption scheme. We present three optimizations for the Num-ber Theoretic Transform (NTT) used for polynomial multiplication: we avoid pre-processing in the negative wrapped convolution by merging it with the main algo-rithm, we reduce the fixed computation cost of the twiddle factors and propose an advanced memory access scheme. These optimization techniques reduce both the cycle and memory requirements. Finally, we also propose an optimization of the ring-LWE encryption system that reduces the number of NTT operations from five to four resulting in a 20 % speed-up. We use these computational optimiza-tions along with several architectural optimizations to design an instruction-set ring-LWE cryptoprocessor. For dimension 256, our processor performs encryp-tion/decryption operations in 20/9 µs on a Virtex 6 FPGA and only requires 1349 LUTs, 860 FFs, 1 DSP-MULT and 2 BRAMs. Similarly for dimension 512, the processor takes 48/21 µs for performing encryption/decryption operations and only requires 1536 LUTs, 953 FFs, 1 DSP-MULT and 3 BRAMs. Our pro-cessors are therefore more than three times smaller than the current state of the art hardware implementations, whilst running somewhat faster

Privacy-Enhanced Machine Learning with Functional Encryption

Functional encryption is a generalization of public-key encryption in which possessing a secret functional key allows one to learn a function of what the ciphertext is encrypting. This paper introduces the first fully-fledged open source cryptographic libraries for functional encryption. It also presents how functional encryption can be used to build efficient privacy-enhanced machine learning models and it provides an implementation of three prediction services that can be applied on the encrypted data. Finally, the paper discusses the advantages and disadvantages of the alternative approach for building privacy-enhanced machine learning models by using homomorphic encryption

Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption

Although lattice-based cryptography has proven to be a particularly efficient approach to post-quantum cryptography, its security against side-channel attacks is still a very open topic. There already exist some first works that use masking to achieve DPA security. However, for public-key primitives SPA attacks that use just a single trace are also highly relevant. For lattice-based cryptography this implementation-security aspect is still unexplored. In this work, we present the first single-trace attack on lattice-based encryption. As only a single side-channel observation is needed for full key recovery, it can also be used to attack masked implementations. We use leakage coming from the Number Theoretic Transform, which is at the heart of almost all efficient lattice-based implementations. This means that our attack can be adapted to a large range of other lattice-based constructions and their respective implementations. Our attack consists of 3 main steps. First, we perform a template matching on all modular operations in the decryption process. Second, we efficiently combine all this side-channel information using belief propagation. And third, we perform a lattice-decoding to recover the private key. We show that the attack allows full key recovery not only in a generic noisy Hamming-weight setting, but also based on real traces measured on an ARM Cortex-M4F microcontroller

Trusted neighborhood discovery in critical infrastructures

In today's Industrial Control Systems (ICSs) interconnection and reliable communication are valuable properties that enable the controlling and monitoring of various processes-even remotely. Cyber attacks or attacks via local digital interfaces break security requirements by altering software, configurations or control sequences. In such cases, safety requirements can no longer be guaranteed. Further, forged information such as wrong load measurements in power grid scenarios can lead to faulty decisions in the control center and has the potential to cause substantial damage with potentially catastrophic results. To detect and mitigate such kinds of attacks, the Trusted Neighborhood Discovery (TND) protocol introduces a decentralized, hardware-based approach for distributed peer-to-peer security monitoring. It uses hardware-based mutual attestation of the current state of adjacent devices. TND enables efficient monitoring, detection, and location of attacks in distribute d infrastructures. The TND protocol is complemented by a Zero-Touch configuration solution for efficient and economic integration of new devices and secure configuration. Both protocols are realized in a proof-of-concept implementation running on commercially available hardware components. By implementing security in hardware roots of trust, the TND solution achieves a higher level of security than software-only based solutions. Even exchanging the entire firmware will be reliably reported

A study on the postrelease behaviour and habitat preferences of black rhinos (Diceros bicornis) reintroduced into a fenced reserve in Namibia

Translocations and reintroductions are key elements for the population management of the critically endangered black rhino (Diceros bicornis, Linnaeus, 1758). In this study, we investigated the postrelease behaviour and habitat preferences of a black rhino starter group (n = 4) on the individual level. The animals were reintroduced to a fenced game reserve (87 km2) in North-Central Namibia 1 year prior to our study. We used camera traps and very high frequency (VHF) radiotelemetry to examine the animals' temporal and spatial behaviour over a period of 4 months at transition between wet and dry seasons. Our results underline a peak in drinking activity and waterhole visits occurring between 7 p.m. and 8 p.m. We found a shift in intensity in drinking activity during the period of the study. Satellite-based woody cover estimations only suggest positive correlations between the density of woody cover and favoured black rhino habitat types. Although the area seems suitable to facilitate breeding success of this starter group, it does not support a self-sustaining population. However, black rhinos were already successfully reintroduced to several additional fenced reserves in this region. The selective opening of fences in the future could help to enable genetic exchange between currently isolated groups of rhinos