JOURNAL ARTICLE
Key Reuse Attacks on Post-quantum Cryptosystems, Revisited.
Published In: Computer Journal, 2024, v. 67, n. 1. P. 323
Database: Academic Search Ultimate
Authored By: Wang, Ke; Zhang, Zhenfeng; Jiang, Haodong; Xie, Huiqin; Li, Yanjun; Sun, Ying; Han, Lidong
Abstract
This article focuses on a novel automated method to mount key recovery under plaintext checking attacks (KR-PCA) against the reused secret keys of the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) round-3 finalists Kyber.CPAPKE and Saber.PKE, both lattice-based public key encryption (PKE) schemes. Unlike previous KR-PCA approaches that require carefully constructed ciphertext queries, this method employs an optimized brute-force search over a specific ciphertext space to find sequences of ciphertexts that reveal secret key coefficients via oracle queries, achieving key recovery after thousands of queries across all parameter sets. The authors provide detailed analyses and experimental confirmations for Kyber’s three parameter sets (Kyber512, Kyber768, Kyber1024) and Saber’s three parameter sets (LightSaber, Saber, FireSaber), estimating query complexities based on the centered binomial distribution of secret key coefficients. The attack is applicable to similar PKEs and related key encapsulation mechanisms (KEMs), highlighting potential risks in key reuse scenarios despite IND-CPA security, and suggesting avenues for future generalization to other schemes.
Additional Information
- Source: Computer Journal. 2024/01, Vol. 67, Issue 1, p323
- Document Type: Article
- Subject Area: Computer Science
- Publication Date: 2024
- ISSN: 0010-4620
- DOI: 10.1093/comjnl/bxac176
- Accession Number: 174909954
- Copyright Statement:Copyright of Computer Journal is the property of Oxford University Press / USA and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)