
Academic talk: Cryptanalysis of Compact-LWE Submitted to NIST PQC Project


2018-04-24        Written by: Daode Zhang (张道德)


Speaker: Yanbin Pan (潘彦斌)

Time: Thursday, April 26, 2018, 2:00 pm

Venue: Conference Room 4303

Abstract: Recently, Liu, Li, Kim and Nepal submitted a new public-key encryption scheme, Compact-LWE, to NIST as a candidate for the post-quantum cryptography standard. Compact-LWE has a structure similar to LWE, but requires somewhat large errors. Regarding the security of Compact-LWE, the authors claimed that "even if the hard problems in lattice, such as CVP and SIS, can be efficiently solved, the secret values or private key in Compact-LWE still cannot be efficiently recovered. This allows Compact-LWE to choose very small dimension parameters, such as n = 8 in our experiment". In this paper, we show that the claim is not true by proposing a ciphertext-only attack against Compact-LWE. More precisely, we can decrypt any ciphertext without knowing the private key, with the help of a CVP algorithm. Since the dimension of the underlying lattice of Compact-LWE is quite small (128) for the authors' parameter choice, approximate CVP can be solved efficiently using lattice basis reduction algorithms, which shows that Compact-LWE with the recommended parameters is not secure.

Speaker bio: Yanbin Pan received his bachelor's degree from the Department of Mathematics, Nanjing University, and his PhD from the Academy of Mathematics and Systems Science, Chinese Academy of Sciences, where he is now an associate professor. His research interests include the design of lattice algorithms, the security analysis of lattice-based cryptography, and computational number theory.



Copyright: DCS Center, Chinese Academy of Sciences