Breaking HK17 in Practice
| Author | Li, Haoyu |
| Author | Liu, Renzhang |
| Author | Malluhi, Qutaibah M. |
| Author | Pan, Yanbin |
| Author | Wang, Yongge |
| Author | Xie, Tianyuan |
| Available date | 2020-05-14T09:55:44Z |
| Publication Date | 2019 |
| Publication Name | IEEE International Symposium on Information Theory - Proceedings |
| Resource | Scopus |
| ISSN | 21578095 |
| Abstract | In November 2017, Hecht and Kamlofsky submitted HK17, a quaternion(octonion)-based Diffie-Hellman key exchange protocol, to NIST post-quantum cryptography project, and thought that at least O(p8) arithmetic operations are needed for a passive adversary to recover the shared key where p is the modulo used in the scheme. Later, Bernstein and Lange pointed out that the shared key can be recovered with O(p) arithmetic operations, which implies that HK17 with small p is not secure. However, their attack does not work in practice for the scheme with sufficiently large p, although the scheme is still efficient. In this paper, we propose an attack to show that just constant arithmetic operations, or tilde O( { p} ) bit operations, are enough to recover the shared key for a passive adversary. Note that even the legal party in the protocol needs at least tilde O( { p} ) bit operations to establish the shared key. We break HK17 completely in the practical sense. - 2019 IEEE. |
| Sponsor | ACKNOWLEDGMENT Y. Pan was supported by the NNSF of China (No. 61572490) and by the National Center for Mathematics and Interdisciplinary Sciences, CAS. |
| Language | en |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Subject | Cryptography Security of data Lattice-based cryptography |
| Type | Conference Paper |
| Pagination | 1877-1881 |
| Volume Number | 2019-July |
Files in this item
| Files | Size | Format | View |
|---|---|---|---|
|
There are no files associated with this item. |
|||
This item appears in the following Collection(s)
-
Computer Science & Engineering [2402 items ]