Server-aided revocable identity-based encryption (SR-IBE), recently proposed by Qin et al. at ESORICS 2015, offers significant advantages over previous user revocation mechanisms in the scope of IBE. In this new system model, almost all the workloads on users are delegated to an untrusted server, and users can compute decryption keys at any time period without having to communicate with either ...

Lattice-based cryptography is a highly potential candidate that protects against the threat of quantum attack. At Usenix Security 2016, Alkim, Ducas, Pöpplemann, and Schwabe proposed a post-quantum key exchange scheme called NewHope, based on a variant of lattice problem, the ring-learning-with-errors (RLWE) problem. In this work, we propose a high performance hardware architecture for NewHope....

Recently, an increasing amount of papers proposing postquantum schemes also provide concrete parameter sets aiming for concrete post-quantum security levels. Security evaluations of such schemes need to include all possible attacks, in particular those by quantum adversaries. In the case of lattice-based cryptography, currently existing quantum attacks are mainly classical attacks, carried out ...

As the advent of general-purpose quantum computers appears to be drawing closer, agencies and advisory bodies have started recommending that we prepare the transition away from factoring and discrete logarithm-based cryptography, and towards postquantum secure constructions, such as latticebased schemes. Almost all primitives of classical cryptography (and more!) can be realized with lattices, ...

The advent of large-scale quantum computers has resulted in significant interest in quantum-safe cryptographic primitives. Lattice-based cryptography is one of the most attractive post-quantum cryptographic families due to its well-understood security, efficient operation and versatility. However, LWE-based schemes are still relatively bulky and slow. In this work, we present spKEX, a forward-s...

Implementation security for lattice-based cryptography is still a vastly unexplored field. At CHES 2016, the very first side-channel attack on a lattice-based signature scheme was presented. Later, shuffling was proposed as an inexpensive means to protect the Gaussian sampling component against such attacks. However, the concrete effectiveness of this countermeasure has never been evaluated. We...

Protecting secret keys is crucial for cryptography. There are some relatively insecure devices (smart cards, mobile phones etc.) which have threat of key exposure. The goal of the forward security is to protect security of past uses of key even if the current secret key is exposed. In this paper we propose lattice based forward-secure identity based encryption scheme based on LWE assumption in ...

Motivated by the demand to have secure signcryption scheme, even in quantum era, the concept of signcryption tag-KEM (key encapsulation machine) is extended to lattice cryptography in this paper. A lattice-based hybrid signcryption scheme is proposed by building a lattice-based signcryption tag-KEM. Based on the hardness of the learning with errors problem and the short integer solution problem...

Polynomial multiplication algorithms such as Toom-Cook and the Number Theoretic Transform are fundamental building blocks for lattice-based post-quantum cryptography. In this work we present correlation power analysis based side-channel methodologies targeting every polynomial strategy all key encapsulation mechanisms in final round of NIST standardization procedure. We perform practical experi...