Public-key cryptosystems built on quasi-cyclic (QC) low-density parity-check and moderate-density parity-check codes are promising candidates for post-quantum cryptography, since they are characterised by compact keys and high algorithmic efficiency. The main issue with this kind of system is represented by the fact that, since the decoding procedure is probabilistic, it may leak information about the secret key. In this work, the authors study cryptanalysis procedures that aim at recovering the secret key by exploiting this fact. They identify the phenomenon that is at the basis of these procedures and show that the QC structure plays an important role in the success of these attacks. They use a graph analogy to study the complexity of these attacks, and show that their feasibility strongly depends on the QC structure. They also devise an approach to perform full cryptanalysis by combining an information set decoding algorithm with some partial knowledge about the structure of the secret key.
Complexity of statistical attacks on QC-LDPC code-based cryptosystems / Santini, Paolo; Baldi, Marco; Chiaraluce, Franco. - In: IET INFORMATION SECURITY. - ISSN 1751-8709. - ELETTRONICO. - 14:3(2020), pp. 304-312. [10.1049/iet-ifs.2019.0420]
Complexity of statistical attacks on QC-LDPC code-based cryptosystems
SANTINI, PAOLO
;Baldi, Marco;Chiaraluce, Franco
2020-01-01
Abstract
Public-key cryptosystems built on quasi-cyclic (QC) low-density parity-check and moderate-density parity-check codes are promising candidates for post-quantum cryptography, since they are characterised by compact keys and high algorithmic efficiency. The main issue with this kind of system is represented by the fact that, since the decoding procedure is probabilistic, it may leak information about the secret key. In this work, the authors study cryptanalysis procedures that aim at recovering the secret key by exploiting this fact. They identify the phenomenon that is at the basis of these procedures and show that the QC structure plays an important role in the success of these attacks. They use a graph analogy to study the complexity of these attacks, and show that their feasibility strongly depends on the QC structure. They also devise an approach to perform full cryptanalysis by combining an information set decoding algorithm with some partial knowledge about the structure of the secret key.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.