Speedy Error Reconciliation
摘要
Small errors are typically introduced in post-quantum key exchange schemes based on the learning with errors (LWE) problem and its variants can resistance against quantum computing attacks. However, the existence of errors prevents both parties from obtaining the same shared key during the key agreement process. To address this challenge, error reconciliation mechanisms have been proposed to eliminate errors in key exchange. Conventional error reconciliation mechanisms exhibit suboptimal information utilization, with certain approaches (e.g., Peikert’s and Ding’s schemes) constrained to 1-bit key extraction per coefficient. In contrast, our algorithm achieves 2-bit/coefficient extraction via serialized error reconciliation (49% lower failure rate) while maintaining equivalent fault tolerance. In this paper, we introduce a novel mechanism called Speedy Error Reconciliation (SER), which improves both efficiency and fault tolerance in post-quantum key exchange protocols. SER efficiently extracts the most and least significant bits of the secret value, enabling the generation of a 2-bit key in a single reconciliation step, which is more efficient than other mechanisms. By transmitting a signal value of the most significant bit, SER expands the fault tolerance range from \(\frac{q}{8}\) to \(\frac{q}{4} \cdot (1-(\frac{1}{2})^{g})\) (Where g denotes the size of the signal value). While expanding the fault-tolerant range, SER further reduces the failure rate by utilizing the information of the most significant bit signals to generate the least significant bit signals. Compared with Frodo (in the classical mode), it reduces the failure rate from \(2^{-36.2}\) to \(2^{-77.6}\) . After integrating SER into key exchange protocols based on Learning with Errors (LWE), Ring Learning with Errors (RLWE), we find that SER is highly compatible with various protocols. Specifically, the efficiency of Frodo is improved by 61.6% compared with the original protocols after being replaced by SER.