
Extended Security of Lattice-Based Cryptography

Abstract: Lattice-based cryptography is considered a quantum-safe alternative for the replacement of currently deployed schemes based on RSA and on the discrete logarithm problem over prime fields or elliptic curves. It offers strong theoretical security guarantees, a large array of achievable primitives, and a competitive level of efficiency. Nowadays, in the context of the NIST post-quantum standardization process, future standards may ultimately be chosen, and several new lattice-based schemes are high-profile candidates. The cryptographic research community has been encouraged to analyze lattice-based cryptosystems, with a particular focus on practical aspects. This thesis is rooted in this effort. In addition to black-box cryptanalysis with classical computing resources, we investigate the extended security of these new lattice-based cryptosystems, employing a broad spectrum of attack models, e.g. quantum, misuse, timing or physical attacks. Since these models have already been applied to a large variety of pre-quantum asymmetric and symmetric schemes, we concentrate our efforts on leveraging and addressing the new features introduced by lattice structures. Our contribution is twofold: defensive, i.e. countermeasures for implementations of lattice-based schemes, and offensive, i.e. cryptanalysis. On the defensive side, in view of the numerous recent timing and physical attacks, we wear our designer's hat and investigate algorithmic protections. We introduce new algorithmic and mathematical tools to construct provable algorithmic countermeasures in order to systematically prevent all timing and physical attacks. We thus contribute to the actual provable protection of the GLP, BLISS, qTesla and Falcon lattice-based signature schemes. On the offensive side, we estimate the applicability and complexity of novel attacks leveraging the lack of perfect correctness introduced in certain lattice-based encryption schemes to improve their performance. We show that such a compromise may enable decryption failure attacks in a misuse or quantum model. We finally introduce an algorithmic cryptanalysis tool that assesses the security of the mathematical problem underlying lattice-based schemes when partial knowledge of the secret is available. The usefulness of this new framework is demonstrated with the improvement and automation of several known classical, decryption-failure, and side-channel attacks.
Cited literature: 209 references
Contributor: Mélissa Rossi
Submitted on: Wednesday, September 23, 2020 - 9:58:01 AM
Last modification on: Friday, October 15, 2021 - 1:41:22 PM
Long-term archiving on: Friday, December 4, 2020 - 5:21:18 PM




HAL Id: tel-02946399, version 1



Mélissa Rossi. Extended Security of Lattice-Based Cryptography. Cryptography and Security [cs.CR]. Équipe CASCADE, Département d'Informatique de l'ENS de Paris; Université PSL, 2020. English. ⟨tel-02946399⟩


