Tightly-Secure Key-Encapsulation Mechanism in the Quantum Random Oracle Model
نویسندگان
چکیده
We give a rst tight security reduction for a conversion from a weaklysecure public-key encryption scheme to an IND-CCA-secure key-encapsulation mechanism scheme in the quantum random oracle model. To the best of our knowledge, previous reductions are non-tight as the security levels of the obtained schemes are degraded to at most half or quater of the original security level (Boneh, Dagdelen, Fischlin, Lehmann, Schafner, and Zhandry (CRYPTO 2012), Targhi and Unruh (TCC 2016-B), and Hofheinz, Hövelmanns, and Kiltz (TCC 2017)). keywords: Tight security, chosen-ciphertext security, post-quantum cryptography, KEM.
منابع مشابه
DAGS: Key Encapsulation using Dyadic GS Codes
Code-based Cryptography is one of the main areas of interest for the Post-Quantum Cryptography Standardization call. In this paper, we introduce DAGS, a Key Encapsulation Mechanism (KEM) based on Quasi-Dyadic Generalized Srivastava codes. The scheme is proved to be IND-CCA secure in both Random Oracle Model and Quantum Random Oracle Model. We believe that DAGS will offer competitive performance...
متن کاملPost-Quantum Secure Hybrid Signcryption from Lattice Assumption
Motivated by the demand to have secure signcryption scheme, even in quantum era, the concept of signcryption tag-KEM (key encapsulation machine) is extended to lattice cryptography in this paper. A lattice-based hybrid signcryption scheme is proposed by building a lattice-based signcryption tag-KEM. Based on the hardness of the learning with errors problem and the short integer solution problem...
متن کاملPost-quantum IND-CCA-secure KEM without Additional Hash
With the gradual progress of NIST’s post-quantum cryptography standardization, several practical post-quantum secure key encapsulation mechanism (KEM) schemes have been proposed. Generally, an IND-CCA-secure KEM is usually achieved by introducing an IND-CPAsecure (or OW-CPA-secure) public-key encryption (PKE) scheme, then applying some generic transformations to it. All these generic transforma...
متن کاملProvably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملCRYSTALS - Kyber: a CCA-secure module-lattice-based KEM
Recent advances in quantum computing and the announcement by the National Institute of Standards and Technology (NIST) to define new standards for digital-signature, encryption, and keyestablishment protocols increased interest in post-quantum cryptographic schemes. This paper introduces Kyber (part of the CRYSTALS – Cryptographic Suite for Algebraic Lattices – package that will be submitted to...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017