Ouroboros: An efficient and provably secure KEM family
Author: | Nicolas Aragon, Olivier Blazy, Jean-Christophe Deneuville, Philippe Gaborit, Gilles Zemor |
---|---|
Contributors: | Institut National de Recherche en Informatique et en Automatique (Inria), Centre National de la Recherche Scientifique (CNRS), Geometry, arithmetic, algorithms, codes and encryption (GRACE), Laboratoire d'informatique de l'École polytechnique [Palaiseau] (LIX), École polytechnique (X), Inria Saclay - Ile de France, ENAC - Equipe télécommunications (TELECOM), Ecole Nationale de l'Aviation Civile (ENAC), Université de Limoges (UNILIM), Université de Bordeaux (UB) |
Language: | English |
Year of publication: | 2022 |
Subject: | Measurement; Decoding; Public key; Data_CODINGANDINFORMATIONTHEORY; Library and Information Sciences; Standardization; Computer Science Applications; Codes; [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]; [SPI] Engineering Sciences [physics]; Cryptography; [INFO] Computer Science [cs]; Protocols; Information Systems |
Source: | IEEE Transactions on Information Theory, 2022, pp. 1-1. ⟨10.1109/TIT.2022.3168439⟩ |
ISSN: | 0018-9448 |
DOI: | 10.1109/TIT.2022.3168439 |
Description: | In this paper we introduce Ouroboros, a new family of key exchange protocols based on coding theory. The protocols offer a middle ground between the cryptosystems based on QC-MDPC codes, which feature small parameter sizes but have a security reduction to two problems (the syndrome decoding problem and the indistinguishability of the code), and the HQC protocol, which features bigger parameters but has a security reduction to the syndrome decoding problem only. Ouroboros features a reduction to the syndrome decoding problem with only a small overhead compared to the QC-MDPC based cryptosystems. The approach is based on an ideal structure and also works for the rank metric. This yields a simple, secure and efficient approach to key exchange, the Ouroboros family of protocols. For the Hamming metric we obtain the same type of parameters (and almost the same simple decoding) as for MDPC based cryptosystems, but with a security reduction to decoding random quasi-cyclic codes in the Random Oracle Model. This represents a reduction of up to 38% in public key size compared to HQC for the most secure parameters. For the rank metric, we obtain better parameters than for RQC, saving up to 31% on the public key for the most secure parameter set, using non-homogeneous errors in Ouroboros. In this full version, the protocol and decoding algorithm have been slightly improved, additional details are given in the security proof, and the protocol is fully described for the rank metric. |
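The abstract's central security claim is a reduction to the quasi-cyclic syndrome decoding problem, with the "ideal structure" meaning that the circulant blocks of the parity-check matrix act as multiplication in the ring F_2[x]/(x^n - 1). The following Python block is an added illustration of that underlying problem instance in the Hamming metric; it is not the Ouroboros protocol, nor code from the paper or its authors. It assumes the two-block systematic form H = [I_n | rot(h)] and the convention that both error halves have weight exactly w (the 2-QCSD convention used by HQC-style schemes); the toy parameters n = 7, w = 1 are chosen only so the exhaustive search finishes instantly.

```python
import itertools
import secrets

# Added illustration (not code from the Ouroboros paper): a 2-quasi-cyclic
# syndrome decoding (2-QCSD) instance in the Hamming metric. Each n x n circulant
# block of the parity-check matrix is multiplication in R = F_2[x]/(x^n - 1), so a
# block is stored as one length-n bit vector (index = exponent), not an n x n matrix.

def poly_mul_mod(a, b, n):
    """Product in R = F_2[x]/(x^n - 1); a, b are length-n bit lists (index = exponent).
    Equals rot(a) * b, where rot(a) is the circulant matrix generated by a."""
    c = [0] * n
    for i, ai in enumerate(a):
        if ai:
            for j, bj in enumerate(b):
                if bj:
                    c[(i + j) % n] ^= 1
    return c

def hamming_weight(v):
    return sum(v)

def random_weight_vector(n, w):
    """Uniform bit vector of length n with Hamming weight exactly w (CSPRNG-backed)."""
    positions = set()
    while len(positions) < w:
        positions.add(secrets.randbelow(n))
    return [1 if i in positions else 0 for i in range(n)]

def syndrome(h, e1, e2, n):
    """Syndrome of (e1, e2) under the systematic quasi-cyclic parity-check matrix
    H = [I_n | rot(h)], i.e. s = e1 + h * e2 computed in R."""
    he2 = poly_mul_mod(h, e2, n)
    return [x ^ y for x, y in zip(e1, he2)]

def make_qcsd_instance(n, w):
    """Random 2-QCSD instance (h, s) with a planted solution (e1, e2),
    wt(e1) = wt(e2) = w (the weight convention assumed in this example)."""
    h = [secrets.randbits(1) for _ in range(n)]
    e1 = random_weight_vector(n, w)
    e2 = random_weight_vector(n, w)
    return h, syndrome(h, e1, e2, n), (e1, e2)

def check_solution(h, s, w, e1, e2, n):
    """A candidate solves the instance iff it reproduces s and meets the weight bound."""
    return (syndrome(h, e1, e2, n) == s
            and hamming_weight(e1) == w and hamming_weight(e2) == w)

def brute_force_solve(h, s, w, n):
    """Exhaustive search over all weight-w pairs: C(n, w)^2 candidates.
    Only feasible for toy n. The best known generic decoders (information-set
    decoding) still cost exponential time in w, which is what a reduction to
    syndrome decoding relies on. Returns every solution, so the caller can see
    that small instances need not have a unique answer."""
    solutions = []
    for p1 in itertools.combinations(range(n), w):
        e1 = [1 if i in p1 else 0 for i in range(n)]
        for p2 in itertools.combinations(range(n), w):
            e2 = [1 if i in p2 else 0 for i in range(n)]
            if syndrome(h, e1, e2, n) == s:
                solutions.append((e1, e2))
    return solutions

if __name__ == "__main__":
    n, w = 7, 1  # toy parameters; deployed schemes use n in the tens of thousands
    h, s, planted = make_qcsd_instance(n, w)
    assert check_solution(h, s, w, *planted, n)
    print("solutions found by brute force:", len(brute_force_solve(h, s, w, n)))
```

Storing a circulant block as a single ring element is why quasi-cyclic schemes keep public keys small: the public key is the vector h rather than an n x n matrix, and the hardness assumption is that recovering a low-weight (e1, e2) from (h, s) is as hard as decoding a random quasi-cyclic code.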
Database: | OpenAIRE |
External link: | |