DeepAI AI Chat
Log In Sign Up

A new Hybrid Lattice Attack on Galbraith's Binary LWE Cryptosystem

by   Tikaram Sanyashi, et al.

LWE-based cryptosystems are an attractive alternative to traditional ones in the post-quantum era. To minimize the storage cost of part of its public key - a 256 × 640 integer matrix, T - a binary version of T has been proposed. One component of its ciphertext, c_1 is computed as c_1 = Tu where u is an ephemeral secret. Knowing u, the plaintext can be deduced. Given c_1 and T, Galbraith's challenge is to compute u with existing computing resources in 1 year. Our hybrid approach guesses and removes some bits of the solution vector and maps the problem of solving the resulting sub-instance to the Closest Vector Problem in Lattice Theory. The lattice-based approach reduces the number of bits to be guessed while the initial guess based on LP relaxation reduces the number of subsequent guesses to polynomial rather than exponential in the number of guessed bits. Further enhancements partition the set of guessed bits and use a 2-step application of LP. Given the constraint of processor cores and time, a one-time training algorithm learns the optimal combination of partitions yielding a success rate of 9% - 23% with 1000 - 100,000 cores in 1 year. This compares favourably with earlier work that yielded 2% success with 3000 cores.


page 1

page 2

page 3

page 4


Quantum Algorithm for Optimization and Polynomial System Solving over Finite Field and Application to Cryptanalysis

In this paper, we give quantum algorithms for two fundamental computatio...

Message recovery attack to NTRU using a lattice independent from the public key

In the present paper we introduce a new attack on NTRU-HPS cryptosystem ...

A Probabilistic Analysis on a Lattice Attack against DSA

Analyzing the security of cryptosystems under attacks based on the malic...

Smaller public keys for MinRank-based schemes

MinRank is an NP-complete problem in linear algebra whose characteristic...

Partition-Based Convex Relaxations for Certifying the Robustness of ReLU Neural Networks

In this paper, we study certifying the robustness of ReLU neural network...

Binary Matrix Factorisation and Completion via Integer Programming

Binary matrix factorisation is an essential tool for identifying discret...

Solving WCSP by Extraction of Minimal Unsatisfiable Cores

Usual techniques to solve WCSP are based on cost transfer operations cou...