The 2F construction was created in the hopes of defending known multivariate cryptosystems against rank-based attacks by employing modulus switching. This construction claimed post-quantum encryption with ciphertext sizes much smaller than prominent lattice-based schemes. However, the resulting structure inherent to any 2F cryptosystem yields new challenges in the form of lattice-based attacks. One attack in particular—the NTRU attack—greatly reduces the security of the 2F constructions. The resulting parameters to defend against this attack yield a cryptosystem with ciphertexts only marginally smaller than the lattice-based schemes. In this work, we investigate the security of a 2F cryptosystem, 2FSquare, against lattice-based attacks, determining the viability of the construction and finding realistic, secure parameters. As a point of comparison, we introduce and investigate rectangular variations on NTRU to determine the extent to which lattice-based schemes can achieve small ciphertexts and whether 2F holds an advantage over lattice-based encryption in this respect. We propose new parameter sets with several aspect ratios to determine the extent to which ciphertext size can be adjusted in NTRU-like schemes.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Practical Lattice Attack and Patched Parameters for 2F Multivariate Encryption: Is 2F Still Better Than Standard Lattice Constructions for Small Ciphertext Size?

  • Max Cartor,
  • Jacob Lichtinger,
  • Ray Perlner,
  • Daniel Smith-Tone

摘要

The 2F construction was created in the hopes of defending known multivariate cryptosystems against rank-based attacks by employing modulus switching. This construction claimed post-quantum encryption with ciphertext sizes much smaller than prominent lattice-based schemes. However, the resulting structure inherent to any 2F cryptosystem yields new challenges in the form of lattice-based attacks. One attack in particular—the NTRU attack—greatly reduces the security of the 2F constructions. The resulting parameters to defend against this attack yield a cryptosystem with ciphertexts only marginally smaller than the lattice-based schemes. In this work, we investigate the security of a 2F cryptosystem, 2FSquare, against lattice-based attacks, determining the viability of the construction and finding realistic, secure parameters. As a point of comparison, we introduce and investigate rectangular variations on NTRU to determine the extent to which lattice-based schemes can achieve small ciphertexts and whether 2F holds an advantage over lattice-based encryption in this respect. We propose new parameter sets with several aspect ratios to determine the extent to which ciphertext size can be adjusted in NTRU-like schemes.