Practical analysis of key recovery attack against search-LWE problem

Momonari Kudo, Junpei Yamaguchi, Yang Guo, Masaya Yasuda

Research output: Contribution to book/report type › Conference contribution

1 Citation (Scopus)

Abstract

The security of a number of modern cryptographic schemes relies on the computational hardness of the learning with errors (LWE) problem. In 2015, Laine and Lauter analyzed a key recovery (or decoding) attack against the search variant of LWE. Their analysis is based on a generalization of the Boneh-Venkatesan method for the hidden number problem to LWE. They adopted the LLL algorithm and Babai’s nearest plane method in the attack against LWE, and they also demonstrated a successful range of the attack by experiments for hundreds of LWE instances. In this paper, we give an alternative analysis of the key recovery attack. While Laine and Lauter’s analysis gives explicit information about the effective approximation factor in the LLL algorithm and Babai’s nearest plane method, our analysis is useful to estimate which LWE instances can be solved by the key recovery attack. Furthermore, our analysis enables one to determine a successful range of the attack with practical lattice reduction such as the BKZ algorithm.

Original language: English
Title of host publication: Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings
Editors: Katsunari Yoshioka, Kazuto Ogawa
Publisher: Springer Verlag
Pages: 164-181
Number of pages: 18
ISBN (Print): 9783319445236
DOI: https://doi.org/10.1007/978-3-319-44524-3_10
Publication status: Published - 1 1 2016
Event: 11th International Workshop on Security on Advances in Information and Computer Security, IWSEC 2016 - Tokyo, Japan
Duration: 9 12 2016 → 9 14 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9836 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 11th International Workshop on Security on Advances in Information and Computer Security, IWSEC 2016
Country: Japan
City: Tokyo
Period: 9/12/16 → 9/14/16

Fingerprint

Key Recovery
Attack
Recovery
LLL Algorithm
Lattice Reduction
Range of data
Hardness
Decoding
Learning
Alternatives
Approximation
Estimate
Experiment

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Kudo, M., Yamaguchi, J., Guo, Y., & Yasuda, M. (2016). Practical analysis of key recovery attack against search-LWE problem. In K. Yoshioka, & K. Ogawa (Eds.), Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings (pp. 164-181). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9836 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-44524-3_10

Practical analysis of key recovery attack against search-LWE problem. / Kudo, Momonari; Yamaguchi, Junpei; Guo, Yang; Yasuda, Masaya.

Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings. ed. / Katsunari Yoshioka; Kazuto Ogawa. Springer Verlag, 2016. p. 164-181 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9836 LNCS).

Kudo, M, Yamaguchi, J, Guo, Y & Yasuda, M 2016, Practical analysis of key recovery attack against search-LWE problem. in K Yoshioka & K Ogawa (eds), Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9836 LNCS, Springer Verlag, pp. 164-181, 11th International Workshop on Security on Advances in Information and Computer Security, IWSEC 2016, Tokyo, Japan, 9/12/16. https://doi.org/10.1007/978-3-319-44524-3_10

Kudo M, Yamaguchi J, Guo Y, Yasuda M. Practical analysis of key recovery attack against search-LWE problem. In Yoshioka K, Ogawa K, editors, Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings. Springer Verlag. 2016. p. 164-181. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-44524-3_10

Kudo, Momonari ; Yamaguchi, Junpei ; Guo, Yang ; Yasuda, Masaya. / Practical analysis of key recovery attack against search-LWE problem. Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings. editor / Katsunari Yoshioka ; Kazuto Ogawa. Springer Verlag, 2016. pp. 164-181 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{4479171fa82048f7ad95b68415555dc3,
title = "Practical analysis of key recovery attack against search-LWE problem",
abstract = "The security of a number of modern cryptographic schemes relies on the computational hardness of the learning with errors (LWE) problem. In 2015, Laine and Lauter analyzed a key recovery (or decoding) attack against the search variant of LWE. Their analysis is based on a generalization of the Boneh-Venkatesan method for the hidden number problem to LWE. They adopted the LLL algorithm and Babai’s nearest plane method in the attack against LWE, and they also demonstrated a successful range of the attack by experiments for hundreds of LWE instances. In this paper, we give an alternative analysis of the key recovery attack. While Laine and Lauter’s analysis gives explicit information about the effective approximation factor in the LLL algorithm and Babai’s nearest plane method, our analysis is useful to estimate which LWE instances can be solved by the key recovery attack. Furthermore, our analysis enables one to determine a successful range of the attack with practical lattice reduction such as the BKZ algorithm.",
author = "Momonari Kudo and Junpei Yamaguchi and Yang Guo and Masaya Yasuda",
year = "2016",
month = "1",
day = "1",
doi = "10.1007/978-3-319-44524-3_10",
language = "English",
isbn = "9783319445236",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "164--181",
editor = "Katsunari Yoshioka and Kazuto Ogawa",
booktitle = "Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings",
address = "Germany",

}

TY - GEN

T1 - Practical analysis of key recovery attack against search-LWE problem

AU - Kudo, Momonari

AU - Yamaguchi, Junpei

AU - Guo, Yang

AU - Yasuda, Masaya

PY - 2016/1/1

Y1 - 2016/1/1

N2 - The security of a number of modern cryptographic schemes relies on the computational hardness of the learning with errors (LWE) problem. In 2015, Laine and Lauter analyzed a key recovery (or decoding) attack against the search variant of LWE. Their analysis is based on a generalization of the Boneh-Venkatesan method for the hidden number problem to LWE. They adopted the LLL algorithm and Babai’s nearest plane method in the attack against LWE, and they also demonstrated a successful range of the attack by experiments for hundreds of LWE instances. In this paper, we give an alternative analysis of the key recovery attack. While Laine and Lauter’s analysis gives explicit information about the effective approximation factor in the LLL algorithm and Babai’s nearest plane method, our analysis is useful to estimate which LWE instances can be solved by the key recovery attack. Furthermore, our analysis enables one to determine a successful range of the attack with practical lattice reduction such as the BKZ algorithm.

UR - http://www.scopus.com/inward/record.url?scp=84987986863&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84987986863&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-44524-3_10

DO - 10.1007/978-3-319-44524-3_10

M3 - Conference contribution

AN - SCOPUS:84987986863

SN - 9783319445236

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 164

EP - 181

BT - Advances in Information and Computer Security - 11th International Workshop on Security, IWSEC 2016, Proceedings

A2 - Yoshioka, Katsunari

A2 - Ogawa, Kazuto

PB - Springer Verlag

ER -