ledakem a post quantum key encapsulation mechanism based
play

LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC - PowerPoint PPT Presentation

Aug 20, 2023 •153 likes •674 views

LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes Marco Baldi 1 , Alessandro Barenghi 2 , Franco Chiaraluce 1 , Gerardo Pelosi 2 , Paolo Santini 1 1 Universit` a Politecnica delle Marche (m.baldi@univpm.it,

  1. LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes Marco Baldi 1 , Alessandro Barenghi 2 , Franco Chiaraluce 1 , Gerardo Pelosi 2 , Paolo Santini 1 1 Universit` a Politecnica delle Marche (m.baldi@univpm.it, f.chiaraluce@univpm.it, p.santini@pm.univpm.it) 2 Politecnico di Milano (alessandro.barenghi@polimi.it, gerardo.pelosi@polimi.it) PQCrypto 2018 The Ninth International Conference on Post-Quantum Cryptography Fort Lauderdale, Florida April 9-11, 2018

  2. Background LDPC codes in McEliece LEDAkem proposal Code-based crypto Code-based public-key cryptosystems were introduced by McEliece in 1978, exploiting Goppa codes. Besides quantum resistant, they are algorithmically efficient. ▶ R. McEliece, “Public-Key System Based on Algebraic Coding Theory,” DSN Progress Report 44, pp. 114–116, 1978. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 2/27

  3. Background LDPC codes in McEliece LEDAkem proposal Code-based crypto Code-based public-key cryptosystems were introduced by McEliece in 1978, exploiting Goppa codes. Besides quantum resistant, they are algorithmically efficient. In 1986 Niederreiter introduced a variant in the syndrome domain, while McEliece works in the codeword domain. ▶ R. McEliece, “Public-Key System Based on Algebraic Coding Theory,” DSN Progress Report 44, pp. 114–116, 1978. ▶ H. Niederreiter, “Knapsack-type cryptosystems and algebraic coding theory,” Problems of Control and Information Theory, vol. 15, pp. 159–166, 1986. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 2/27

  4. Background LDPC codes in McEliece LEDAkem proposal Code-based crypto Code-based public-key cryptosystems were introduced by McEliece in 1978, exploiting Goppa codes. Besides quantum resistant, they are algorithmically efficient. In 1986 Niederreiter introduced a variant in the syndrome domain, while McEliece works in the codeword domain. McEliece and Niederreiter indeed are two formulations of the same code-based trapdoor. ▶ R. McEliece, “Public-Key System Based on Algebraic Coding Theory,” DSN Progress Report 44, pp. 114–116, 1978. ▶ H. Niederreiter, “Knapsack-type cryptosystems and algebraic coding theory,” Problems of Control and Information Theory, vol. 15, pp. 159–166, 1986. ▶ Y. X. Li, R. H. Deng and X. M. Wang, “On the equivalence of McEliece’s and Niederreiter’s public-key cryptosystems,” IEEE Trans. Inf. Theory, vol. 40, no. 1, pp. 271–273, Jan 1994. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 2/27

  5. Background LDPC codes in McEliece LEDAkem proposal Code-based crypto Code-based public-key cryptosystems were introduced by McEliece in 1978, exploiting Goppa codes. Besides quantum resistant, they are algorithmically efficient. In 1986 Niederreiter introduced a variant in the syndrome domain, while McEliece works in the codeword domain. McEliece and Niederreiter indeed are two formulations of the same code-based trapdoor. Goppa codes have resisted cryptanalysis for 40 years... ▶ R. McEliece, “Public-Key System Based on Algebraic Coding Theory,” DSN Progress Report 44, pp. 114–116, 1978. ▶ H. Niederreiter, “Knapsack-type cryptosystems and algebraic coding theory,” Problems of Control and Information Theory, vol. 15, pp. 159–166, 1986. ▶ Y. X. Li, R. H. Deng and X. M. Wang, “On the equivalence of McEliece’s and Niederreiter’s public-key cryptosystems,” IEEE Trans. Inf. Theory, vol. 40, no. 1, pp. 271–273, Jan 1994. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 2/27

  6. Background LDPC codes in McEliece LEDAkem proposal Code-based crypto Code-based public-key cryptosystems were introduced by McEliece in 1978, exploiting Goppa codes. Besides quantum resistant, they are algorithmically efficient. In 1986 Niederreiter introduced a variant in the syndrome domain, while McEliece works in the codeword domain. McEliece and Niederreiter indeed are two formulations of the same code-based trapdoor. Goppa codes have resisted cryptanalysis for 40 years... ...but they are large to store and slow to decode. ▶ R. McEliece, “Public-Key System Based on Algebraic Coding Theory,” DSN Progress Report 44, pp. 114–116, 1978. ▶ H. Niederreiter, “Knapsack-type cryptosystems and algebraic coding theory,” Problems of Control and Information Theory, vol. 15, pp. 159–166, 1986. ▶ Y. X. Li, R. H. Deng and X. M. Wang, “On the equivalence of McEliece’s and Niederreiter’s public-key cryptosystems,” IEEE Trans. Inf. Theory, vol. 40, no. 1, pp. 271–273, Jan 1994. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 2/27

  7. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  8. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] GRS codes QC codes [Niederreiter86] [Gaborit05] QD codes LDPC codes [MisBar09] [MonRosSho00] Conv. codes [L¨ onJoh12] M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  9. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] GRS codes QC codes [Niederreiter86] [Gaborit05] QD codes LDPC codes [MisBar09] [MonRosSho00] Conv. codes [L¨ onJoh12] . . . M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  10. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] GRS codes QC codes [Niederreiter86] [Gaborit05] QD codes LDPC codes [MisBar09] [MonRosSho00] Conv. codes [L¨ onJoh12] . . . . . . M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  11. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] GRS codes QC codes [Niederreiter86] [Gaborit05] QD codes LDPC codes [MisBar09] [MonRosSho00] Conv. codes [L¨ onJoh12] . . . . . . . . . M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  12. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] GRS codes QC codes [Niederreiter86] [Gaborit05] QD codes LDPC codes [MisBar09] [MonRosSho00] Conv. codes [L¨ onJoh12] . . . . QC-LDPC codes . . [BalBodChi08] . . . M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  13. Background LDPC codes in McEliece LEDAkem proposal Goppa code replacements (in the Hamming metric) Goppa codes [McEliece78] GRS codes QC codes [Niederreiter86] [Gaborit05] QD codes LDPC codes [MisBar09] [MonRosSho00] Conv. codes [L¨ onJoh12] . . . . QC-LDPC codes . . [BalBodChi08] . . . QC-MDPC codes [MisTilSenBar12] M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 3/27

  14. Background LDPC codes in McEliece LEDAkem proposal LDPC codes in the McEliece cryptosystem Low-density parity-check (LDPC) codes are capacity-achieving codes under belief propagation (BP) decoding. They allow a random-based design, which results in large key spaces. The low density of their matrices could be attractive to achieve compact representations. All these makes them interesting for the use in McEliece/Niederreiter. ▶ C. Monico, J. Rosenthal, and A. Shokrollahi, “Using low density parity check codes in the McEliece cryptosystem,” Proc. IEEE ISIT 2000, Sorrento, Italy, Jun. 2000, p. 215. ▶ M. Baldi, F. Chiaraluce, “Cryptanalysis of a new instance of McEliece cryptosystem based on QC-LDPC codes,” Proc. IEEE ISIT 2007, Nice, France, Jun. 2007, pp. 2591–2595. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 4/27

  15. Background LDPC codes in McEliece LEDAkem proposal LDPC codes in the McEliece cryptosystem LDPC codes are capacity-achieving codes under BP decoding. They allow a random-based design, which results in large key spaces. The low density of their matrices could be attractive to achieve compact representations. All these makes them interesting for the use in McEliece/Niederreiter. Warning Public codes cannot be LDPC codes as well, otherwise secret codes are likely to be exposed. ▶ C. Monico, J. Rosenthal, and A. Shokrollahi, “Using low density parity check codes in the McEliece cryptosystem,” Proc. IEEE ISIT 2000, Sorrento, Italy, Jun. 2000, p. 215. ▶ M. Baldi, F. Chiaraluce, “Cryptanalysis of a new instance of McEliece cryptosystem based on QC-LDPC codes,” Proc. IEEE ISIT 2007, Nice, France, Jun. 2007, pp. 2591–2595. ▶ A. Otmani, J.P. Tillich, L. Dallot, “Cryptanalysis of two McEliece cryptosystems based on quasi-cyclic codes,” Proc. SCC 2008, Beijing, China, Apr. 2008. M. Baldi, A. Barenghi, F. Chiaraluce, G. Pelosi, P. Santini LEDAkem: key encapsulation based on QC-LDPC codes 4/27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

IND-CCA-secure Key Encapsulation Mechanism in the Quantum Random Oracle Model, Revisited Haodong

IND-CCA-secure Key Encapsulation Mechanism in the Quantum Random Oracle Model, Revisited Haodong

IND-CCA-secure Key Encapsulation Mechanism in the Quantum Random Oracle Model, Revisited Haodong Jiang , Zhenfeng Zhang , Long Chen , Hong Wang Zhi Ma Chinese State Key Laboratory of Mathematical Engineering and

577 views • 46 slides
BIK IKE - Bi Bit-Flipping Key Encapsulation Presented to the 2 nd NIST Post-Quantum Cryptography

BIK IKE - Bi Bit-Flipping Key Encapsulation Presented to the 2 nd NIST Post-Quantum Cryptography

BIK IKE - Bi Bit-Flipping Key Encapsulation Presented to the 2 nd NIST Post-Quantum Cryptography Standardization Conference August, 24 th 2019, Santa Barbara, California, USA Authors: Affiliations: Nicolas Aragon University of Limoges, France

291 views • 14 slides
Saber on ARM CCA-secure module lattice-based key encapsulation on ARM Angshuman Karmakar CHES,

Saber on ARM CCA-secure module lattice-based key encapsulation on ARM Angshuman Karmakar CHES,

Saber on ARM CCA-secure module lattice-based key encapsulation on ARM Angshuman Karmakar CHES, Amsterdam 11 th September, 2018 Joint work with : Jose Maria Bermudo Mera Sujoy Sinha Roy Ingrid Verbauwhede Saber: CCA secure post-quantum KEM*

613 views • 30 slides
Compact and Simple RLWE Based Key Encapsulation Mechanism Erdem Alkm 1 Yusuf Alper Bilgin 2,3

Compact and Simple RLWE Based Key Encapsulation Mechanism Erdem Alkm 1 Yusuf Alper Bilgin 2,3

Compact and Simple RLWE Based Key Encapsulation Mechanism Erdem Alkm 1 Yusuf Alper Bilgin 2,3 Murat Cenk 3 1 Department of Computer Engineering, Ondokuz Mays University, Turkey 2 Aselsan Inc., Turkey 3 Institude of Applied Mathematics, Middle

413 views • 39 slides
Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers can break public-key cryptography that is based on assuming hardness of factoring, discrete logs, and a few other problems I Post-quantum

2.98k views • 37 slides
The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum Crypto JP Aumasson uantum /me 15 years experience in applied cryptography (PhD, industry, consulting) Designed widely used algorithms Author of the

816 views • 52 slides
An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P.

for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P.

Sapphire: A Configurable Crypto-Processor for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P. Chandrakasan * utsav@mit.edu Massachusetts Institute of Technology Post-Quantum Cryptography Current public key

911 views • 25 slides
Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

R. van der Gaag, D. Weller Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why think about post-quantum cryptography W. Buchanan et. al concluded Gate-based quantum computers pose a significant

349 views • 18 slides
Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER

Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER

Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER EPRINT.IACR.ORG/2014/794 BY DUCAS, LYUBASHEVSKY, AND PREST 2016-09-21, Royal Holloway, Egham OFFICIAL Public Key Cryptography (PKC) Also called

403 views • 26 slides
SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design Methodologies Farnoud Farahmand, Duc Tri Nguyen, Viet B. Dang*, Ahmed Ferozpuri and Kris Gaj George Mason University Post st-Quantum Quantum

441 views • 14 slides
2 1 Joppe W. Bos and Simon Friedberger Why these strange primes? 2 Quantum

2 1 Joppe W. Bos and Simon Friedberger Why these strange primes? 2 Quantum

Fast Arithmetic Modulo 2 1 Joppe W. Bos and Simon Friedberger Why these strange primes? 2 Quantum computers NIST call for PQC standards [1] [2] Post-Quantum Cryptography 3 Lattice-based Code-based MQ-based

524 views • 25 slides
Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
OUROBOROS-R, an IND-CPA KEM based on Rank Metric NIST First Post-Quantum Cryptography

OUROBOROS-R, an IND-CPA KEM based on Rank Metric NIST First Post-Quantum Cryptography

Presentation of the rank metric Description of the scheme Security and parameters OUROBOROS-R, an IND-CPA KEM based on Rank Metric NIST First Post-Quantum Cryptography Standardization Conference Carlos AguilarMelchor 2 Nicolas Aragon 1 Slim

157 views • 15 slides
FrodoKEM practical quantum-secure key encapsulation from generic lattices Erdem Alkim Joppe W.

FrodoKEM practical quantum-secure key encapsulation from generic lattices Erdem Alkim Joppe W.

FrodoKEM practical quantum-secure key encapsulation from generic lattices Erdem Alkim Joppe W. Bos L eo Ducas Patrick Longa Ilya Mironov Michael Naehrig Valeria Nikolaenko Chris Peikert Ananth Raghunathan Douglas Stebila 1 / 11

950 views • 49 slides
FrodoKEM practical quantum-secure key encapsulation from generic lattices Erdem Alkim Joppe W. Bos

FrodoKEM practical quantum-secure key encapsulation from generic lattices Erdem Alkim Joppe W. Bos

FrodoKEM practical quantum-secure key encapsulation from generic lattices Erdem Alkim Joppe W. Bos L eo Ducas Patrick Longa Ilya Mironov Michael Naehrig Valeria Nikolaenko Chris Peikert Ananth Raghunathan Douglas Stebila 1 / 11 Concrete

897 views • 52 slides
Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of

Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of

Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of Post-Quantum Cryptography Tim Gneysu, Ingo von Maurich 1/12/2015 Horst Grtz Institute for IT-Security, Ruhr-Universitt Bochum, Germany Motivation

920 views • 70 slides
pq Outline Description of the FSB Hash Function Classic Attacks Recent Attacks

pq Outline Description of the FSB Hash Function Classic Attacks Recent Attacks

Syndrome Based Collision Resistant Hashing Matthieu Finiasz pq Outline Description of the FSB Hash Function Classic Attacks Recent Attacks Proposed Improvements and Parameters pq 1 Description of the FSB Hash Function pq

286 views • 28 slides
Post-quantum cryptography Tanja Lange 23 March 2016 BeNeLux Mathematical Congress

Post-quantum cryptography Tanja Lange 23 March 2016 BeNeLux Mathematical Congress

Post-quantum cryptography Tanja Lange 23 March 2016 BeNeLux Mathematical Congress Cryptography Motivation #1: Communication channels are spying on our data. Motivation #2: Communication channels are modifying our data. Bob

845 views • 43 slides
diagnoszta szemvel (avagy a szrs ballasztja) dr. Nahm Krisztina Uzsoki utcai Krhz Magyar

diagnoszta szemvel (avagy a szrs ballasztja) dr. Nahm Krisztina Uzsoki utcai Krhz Magyar

Intervallum rkok a diagnoszta szemvel (avagy a szrs ballasztja) dr. Nahm Krisztina Uzsoki utcai Krhz Magyar Szenolgiai Trsasg Tudomnyos Fruma Inrcs 2017. prilis 21-22. Defincik Mammogrfis szrs : terleti

453 views • 31 slides
Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers Using quantum states for computation: Introduced in 1985 by David Deutsch [3]. Operate on qubits using gates that perform reversible

1.69k views • 157 slides
Error-correcting codes and Cryptography Henk van Tilborg Code-based Cryptography Workshop

Error-correcting codes and Cryptography Henk van Tilborg Code-based Cryptography Workshop

Error-correcting codes and Cryptography Henk van Tilborg Code-based Cryptography Workshop Eindhoven, May 11-12, 2011 1/45 CONTENTS I Error-correcting codes; the basics II Quasi-cyclic codes; codes generated by circulants III Cyclic codes

556 views • 45 slides
WiFi Basics & Security Matthias Vallentin vallentin@net.in.tum.de Vorlesung

WiFi Basics & Security Matthias Vallentin vallentin@net.in.tum.de Vorlesung

WiFi Basics & Security Matthias Vallentin vallentin@net.in.tum.de Vorlesung Internetprotokolle SS06 Prof. Anja Feldmann, Ph.D. Outline 802.11 (WiFi) Basics Standards: 802.11{a,b,g,h,i} CSMA/CA WiFi Security

998 views • 42 slides
Predictable Network Computing Andreas Polze Institut fr Informatik Humboldt-Universitt zu

Predictable Network Computing Andreas Polze Institut fr Informatik Humboldt-Universitt zu

Predictable Network Computing Andreas Polze Institut fr Informatik Humboldt-Universitt zu Berlin AP 05/00 berblick - Gliederung Paralleles Rechnen in Verteilten Umgebungen Wurzeln, Klassifikation SIMD/MIMD-Parallerechnersysteme

808 views • 65 slides

More recommend