2018
DOI: 10.46586/tches.v2018.i1.142-174
|View full text |Cite
|
Sign up to set email alerts
|

Practical CCA2-Secure and Masked Ring-LWE Implementation

Abstract: During the last years public-key encryption schemes based on the hardness of ring-LWE have gained significant popularity. For real-world security applications assuming strong adversary models, a number of practical issues still need to be addressed. In this work we thus present an instance of ring-LWE encryption that is protected against active attacks (i.e., adaptive chosen-ciphertext attacks) and equipped with countermeasures against side-channel analysis. Our solution is based on a postquantum variant of th… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1

Citation Types

1
114
0

Year Published

2019
2019
2021
2021

Publication Types

Select...
5
1

Relationship

0
6

Authors

Journals

citations
Cited by 68 publications
(115 citation statements)
references
References 22 publications
1
114
0
Order By: Relevance
“…In fact, skipping this check was previously proposed by Valencia et al [VOGR18] in the context of their fault attacks. The need to protect the check was also noted by Oder et al [OSPG18] and by Bauer et al [BGRR19].…”
Section: Generic Attack Descriptionmentioning
confidence: 76%
See 4 more Smart Citations
“…In fact, skipping this check was previously proposed by Valencia et al [VOGR18] in the context of their fault attacks. The need to protect the check was also noted by Oder et al [OSPG18] and by Bauer et al [BGRR19].…”
Section: Generic Attack Descriptionmentioning
confidence: 76%
“…One possible way of building such a masked decoder was presented by Oder et al [OSPG18], who describe a fully masked implementation of an LPR-like lattice KEM. Similar to NewHope, their custom KEM encodes each message bit onto multiple polynomial coefficients.…”
Section: Masked Decodermentioning
confidence: 99%
See 3 more Smart Citations