An injectivity analysis of Crystals-Kyber and Implications on quantum security

Xiaohui Ding; Muhammed F. Esgin; Amin Sakzad; Ron Steinfeld

doi:10.1007/978-3-031-22301-3_17

An injectivity analysis of Crystals-Kyber and Implications on quantum security

Department of Software Systems & Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

4 Citations (Scopus)

Abstract

The One-Way to Hiding (O2H) Lemma proposed by Bindel et al. (TCC ’19) is a central component of proofs of chosen-ciphertext attack (CCA) security of practical public-key encryption schemes in the Quantum Random Oracle Model (QROM). Recently, Kuchta et al. (EUROCRYPT ’20) introduced a new technique, called measure-rewind-measure, improving upon the O2H lemma. The latter gives a new security reduction that does not suffer from a squared security loss as in Bindel et al. (TCC ’19) but has the number of queries Q as a multiplicative factor. This result is based on an injectivity assumption that requires the probability of two different messages generating the same ciphertext being negligible. The injectivity analysis of concrete schemes was left as an open problem by Kuchta et al. (EUROCRYPT ’20). In this paper, we complement the previous work by investigating the injectivity of a particular scheme in the third round National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) standardization process. More precisely, we apply the techniques and constructions by Nguyen (ASIACRYPT ’19), along with the approach of calculating decryption error by Bos et al. (EuroS &P ’18), to obtain theoretical and numerical bounds on the injectivity of Crystals-Kyber, which points out a direction of resolving injectivity assumption of concrete scheme in the previous work. Our bounds also give the tightest concrete security guarantees for the QROM CCA security of Crystals-Kyber to date, based on the Module LWE hardness assumption.

Original language	English
Title of host publication	Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings
Editors	Khoa Nguyen, Guomin Yang, Fuchun Guo, Willy Susilo
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	332-351
Number of pages	20
ISBN (Electronic)	9783031223013
ISBN (Print)	9783031223006
DOIs	https://doi.org/10.1007/978-3-031-22301-3_17
Publication status	Published - 2022
Event	Australasian Conference on Information Security and Privacy 2022 - Wollongong, Australia Duration: 28 Nov 2022 → 30 Nov 2022 Conference number: 27th https://link.springer.com/book/10.1007/978-3-031-22301-3 (Proceedings) https://uow-ic2.github.io/acisp2022/ (Website)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	13494
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	Australasian Conference on Information Security and Privacy 2022
Abbreviated title	ACISP 2022
Country/Territory	Australia
City	Wollongong
Period	28/11/22 → 30/11/22
Internet address	https://link.springer.com/book/10.1007/978-3-031-22301-3 (Proceedings) https://uow-ic2.github.io/acisp2022/ (Website)

Keywords

Crystals-Kyber
One-way to hiding
Post-quantum cryptography
Tight security

Access to Document

10.1007/978-3-031-22301-3_17

Cite this

Ding, X., Esgin, M. F., Sakzad, A., & Steinfeld, R. (2022). An injectivity analysis of Crystals-Kyber and Implications on quantum security. In K. Nguyen, G. Yang, F. Guo, & W. Susilo (Eds.), Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings (pp. 332-351). (Lecture Notes in Computer Science; Vol. 13494). Springer. https://doi.org/10.1007/978-3-031-22301-3_17

Ding, Xiaohui ; Esgin, Muhammed F. ; Sakzad, Amin et al. / An injectivity analysis of Crystals-Kyber and Implications on quantum security. Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings. editor / Khoa Nguyen ; Guomin Yang ; Fuchun Guo ; Willy Susilo. Cham Switzerland : Springer, 2022. pp. 332-351 (Lecture Notes in Computer Science).

@inproceedings{917e3314c30b452ba9a8b0e5e14dbc18,

title = "An injectivity analysis of Crystals-Kyber and Implications on quantum security",

abstract = "The One-Way to Hiding (O2H) Lemma proposed by Bindel et al. (TCC {\textquoteright}19) is a central component of proofs of chosen-ciphertext attack (CCA) security of practical public-key encryption schemes in the Quantum Random Oracle Model (QROM). Recently, Kuchta et al. (EUROCRYPT {\textquoteright}20) introduced a new technique, called measure-rewind-measure, improving upon the O2H lemma. The latter gives a new security reduction that does not suffer from a squared security loss as in Bindel et al. (TCC {\textquoteright}19) but has the number of queries Q as a multiplicative factor. This result is based on an injectivity assumption that requires the probability of two different messages generating the same ciphertext being negligible. The injectivity analysis of concrete schemes was left as an open problem by Kuchta et al. (EUROCRYPT {\textquoteright}20). In this paper, we complement the previous work by investigating the injectivity of a particular scheme in the third round National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) standardization process. More precisely, we apply the techniques and constructions by Nguyen (ASIACRYPT {\textquoteright}19), along with the approach of calculating decryption error by Bos et al. (EuroS \&P {\textquoteright}18), to obtain theoretical and numerical bounds on the injectivity of Crystals-Kyber, which points out a direction of resolving injectivity assumption of concrete scheme in the previous work. Our bounds also give the tightest concrete security guarantees for the QROM CCA security of Crystals-Kyber to date, based on the Module LWE hardness assumption.",

keywords = "Crystals-Kyber, One-way to hiding, Post-quantum cryptography, Tight security",

author = "Xiaohui Ding and Esgin, \{Muhammed F.\} and Amin Sakzad and Ron Steinfeld",

note = "Publisher Copyright: {\textcopyright} 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.; Australasian Conference on Information Security and Privacy 2022, ACISP 2022 ; Conference date: 28-11-2022 Through 30-11-2022",

year = "2022",

doi = "10.1007/978-3-031-22301-3\_17",

language = "English",

isbn = "9783031223006",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "332--351",

editor = "Khoa Nguyen and Guomin Yang and Fuchun Guo and Willy Susilo",

booktitle = "Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings",

address = "Switzerland",

url = "https://link.springer.com/book/10.1007/978-3-031-22301-3, https://uow-ic2.github.io/acisp2022/",

}

Ding, X, Esgin, MF , Sakzad, A & Steinfeld, R 2022, An injectivity analysis of Crystals-Kyber and Implications on quantum security. in K Nguyen, G Yang, F Guo & W Susilo (eds), Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings. Lecture Notes in Computer Science, vol. 13494, Springer, Cham Switzerland, pp. 332-351, Australasian Conference on Information Security and Privacy 2022, Wollongong, New South Wales, Australia, 28/11/22. https://doi.org/10.1007/978-3-031-22301-3_17

An injectivity analysis of Crystals-Kyber and Implications on quantum security. / Ding, Xiaohui; Esgin, Muhammed F.; Sakzad, Amin et al.
Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings. ed. / Khoa Nguyen; Guomin Yang; Fuchun Guo; Willy Susilo. Cham Switzerland: Springer, 2022. p. 332-351 (Lecture Notes in Computer Science; Vol. 13494).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - An injectivity analysis of Crystals-Kyber and Implications on quantum security

AU - Ding, Xiaohui

AU - Esgin, Muhammed F.

AU - Sakzad, Amin

AU - Steinfeld, Ron

N1 - Conference code: 27th

PY - 2022

Y1 - 2022

N2 - The One-Way to Hiding (O2H) Lemma proposed by Bindel et al. (TCC ’19) is a central component of proofs of chosen-ciphertext attack (CCA) security of practical public-key encryption schemes in the Quantum Random Oracle Model (QROM). Recently, Kuchta et al. (EUROCRYPT ’20) introduced a new technique, called measure-rewind-measure, improving upon the O2H lemma. The latter gives a new security reduction that does not suffer from a squared security loss as in Bindel et al. (TCC ’19) but has the number of queries Q as a multiplicative factor. This result is based on an injectivity assumption that requires the probability of two different messages generating the same ciphertext being negligible. The injectivity analysis of concrete schemes was left as an open problem by Kuchta et al. (EUROCRYPT ’20). In this paper, we complement the previous work by investigating the injectivity of a particular scheme in the third round National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) standardization process. More precisely, we apply the techniques and constructions by Nguyen (ASIACRYPT ’19), along with the approach of calculating decryption error by Bos et al. (EuroS &P ’18), to obtain theoretical and numerical bounds on the injectivity of Crystals-Kyber, which points out a direction of resolving injectivity assumption of concrete scheme in the previous work. Our bounds also give the tightest concrete security guarantees for the QROM CCA security of Crystals-Kyber to date, based on the Module LWE hardness assumption.

AB - The One-Way to Hiding (O2H) Lemma proposed by Bindel et al. (TCC ’19) is a central component of proofs of chosen-ciphertext attack (CCA) security of practical public-key encryption schemes in the Quantum Random Oracle Model (QROM). Recently, Kuchta et al. (EUROCRYPT ’20) introduced a new technique, called measure-rewind-measure, improving upon the O2H lemma. The latter gives a new security reduction that does not suffer from a squared security loss as in Bindel et al. (TCC ’19) but has the number of queries Q as a multiplicative factor. This result is based on an injectivity assumption that requires the probability of two different messages generating the same ciphertext being negligible. The injectivity analysis of concrete schemes was left as an open problem by Kuchta et al. (EUROCRYPT ’20). In this paper, we complement the previous work by investigating the injectivity of a particular scheme in the third round National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) standardization process. More precisely, we apply the techniques and constructions by Nguyen (ASIACRYPT ’19), along with the approach of calculating decryption error by Bos et al. (EuroS &P ’18), to obtain theoretical and numerical bounds on the injectivity of Crystals-Kyber, which points out a direction of resolving injectivity assumption of concrete scheme in the previous work. Our bounds also give the tightest concrete security guarantees for the QROM CCA security of Crystals-Kyber to date, based on the Module LWE hardness assumption.

KW - Crystals-Kyber

KW - One-way to hiding

KW - Post-quantum cryptography

KW - Tight security

UR - https://www.scopus.com/pages/publications/85145018268

U2 - 10.1007/978-3-031-22301-3_17

DO - 10.1007/978-3-031-22301-3_17

M3 - Conference Paper

AN - SCOPUS:85145018268

SN - 9783031223006

T3 - Lecture Notes in Computer Science

SP - 332

EP - 351

BT - Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings

A2 - Nguyen, Khoa

A2 - Yang, Guomin

A2 - Guo, Fuchun

A2 - Susilo, Willy

PB - Springer

CY - Cham Switzerland

T2 - Australasian Conference on Information Security and Privacy 2022

Y2 - 28 November 2022 through 30 November 2022

ER -

Ding X, Esgin MF , Sakzad A , Steinfeld R. An injectivity analysis of Crystals-Kyber and Implications on quantum security. In Nguyen K, Yang G, Guo F, Susilo W, editors, Information Security and Privacy - 27th Australasian Conference, ACISP 2022 Wollongong, NSW, Australia, November 28–30, 2022 Proceedings. Cham Switzerland: Springer. 2022. p. 332-351. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-22301-3_17