PolarKyber: Polished Kyber with Smaller Ciphertexts, Greater Security Redundancy, and Lower Decryption Failure Rate
摘要
Kyber is one of the most representative lattice-based public key encryption schemes and has been standardized by the National Institute of Standards and Technology (NIST) as a post-quantum cryptographic standard. However, several aspects remain suboptimal. First, its ciphertext size is considerably larger than that of traditional public-key encryption schemes, posing significant challenges for deployment and migration. Second, its security redundancy is insufficient, as reflected in the decision of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to exclude the NIST Level I parameters from their standards. Third, the decryption failure rates (DFR) for NIST Levels III and V do not adequately align with their intended security levels. To address these issues, we propose PolarKyber, an enhanced version of Kyber that incorporates polar codes. PolarKyber effectively reduces ciphertext size, strengthens security redundancy, and lowers the DFR. Specifically, our enhancements achieve a ciphertext size reduction of 8.82%–18.37%, an effective security improvement of 9–20 bits, and a DFR reduction that ensures compliance with security requirements. These benefits come at the cost of a 17.85%–39.77% increase in computational overhead, primarily during decryption. However, this trade-off is reasonable, as lattice-based schemes are efficient, with ciphertext size being the main deployment bottleneck.