Show simple item record

AuthorLi, Haoyu
AuthorLiu, Renzhang
AuthorMalluhi, Qutaibah M.
AuthorPan, Yanbin
AuthorWang, Yongge
AuthorXie, Tianyuan
Available date2020-05-14T09:55:44Z
Publication Date2019
Publication NameIEEE International Symposium on Information Theory - Proceedings
ResourceScopus
ISSN21578095
URIhttp://dx.doi.org/10.1109/ISIT.2019.8849397
URIhttp://hdl.handle.net/10576/14834
AbstractIn November 2017, Hecht and Kamlofsky submitted HK17, a quaternion(octonion)-based Diffie-Hellman key exchange protocol, to NIST post-quantum cryptography project, and thought that at least O(p8) arithmetic operations are needed for a passive adversary to recover the shared key where p is the modulo used in the scheme. Later, Bernstein and Lange pointed out that the shared key can be recovered with O(p) arithmetic operations, which implies that HK17 with small p is not secure. However, their attack does not work in practice for the scheme with sufficiently large p, although the scheme is still efficient. In this paper, we propose an attack to show that just constant arithmetic operations, or tilde O( { p} ) bit operations, are enough to recover the shared key for a passive adversary. Note that even the legal party in the protocol needs at least tilde O( { p} ) bit operations to establish the shared key. We break HK17 completely in the practical sense. - 2019 IEEE.
SponsorACKNOWLEDGMENT Y. Pan was supported by the NNSF of China (No. 61572490) and by the National Center for Mathematics and Interdisciplinary Sciences, CAS.
Languageen
PublisherInstitute of Electrical and Electronics Engineers Inc.
SubjectCryptography
Security of data
Lattice-based cryptography
TitleBreaking HK17 in Practice
TypeConference Paper
Pagination1877-1881
Volume Number2019-July
dc.accessType Abstract Only


Files in this item

FilesSizeFormatView

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record