International Association for Cryptologic Research (IACR)
Doi
Abstract
In this paper, we show that the signal function used in Ring-Learning with Errors (RLWE) key exchange could leak information to find the secret s of a reused public key p=as+2e. This work is motivated by an attack proposed in \cite{cryptoeprint:2016:085} and gives an insight into how public keys reused for long term in RLWE key exchange protocols can be exploited. This work specifically focuses on the attack on the KE protocol in \cite{Ding} by initiating multiple sessions with the honest party and analyze the output of the signal function. Experiments have confirmed the success of our attack in recovering the secret
