Fast Lattice-Based Encryption: Stretching Spring

Bouillaguet, Charles; Delaplace, Claire; Fouque, Pierre-Alain; Kirchner, Paul

Document type :

Communication dans un congrès avec actes

Title :

Fast Lattice-Based Encryption: Stretching Spring

Author(s) :

Bouillaguet, Charles [Auteur]

Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189 [CRIStAL]
Delaplace, Claire [Auteur]
EMbedded SEcurity and Cryptography [EMSEC]
Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189 [CRIStAL]
Fouque, Pierre-Alain [Auteur]
EMbedded SEcurity and Cryptography [EMSEC]
Kirchner, Paul [Auteur]
École normale supérieure - Paris [ENS-PSL]

Conference title :

International Workshop on Post-Quantum Cryptography

City :

Utrecht

Country :

Pays-Bas

Start date of the conference :

2017-06-26

HAL domain(s) :

Informatique [cs]/Cryptographie et sécurité [cs.CR]

English abstract : [en]

The SPRING pseudo-random function (PRF) has been described by Banerjee, Brenner, Leurent, Peikert and Rosen at FSE 2014. It is quite fast, only 4.5 times slower than the AES (without hardware acceleration) when used in ...
Show more >The SPRING pseudo-random function (PRF) has been described by Banerjee, Brenner, Leurent, Peikert and Rosen at FSE 2014. It is quite fast, only 4.5 times slower than the AES (without hardware acceleration) when used in counter mode. SPRING is similar to the PRF of Banerjee, Peikert and Rosen from EUROCRYPT 2012, whose security relies on the hardness of the Learning With Rounding (LWR) problem, which can itself be reduced to hard lattice problems. However, there is no such chain of reductions relating SPRING to lattice problems, because it uses small parameters for efficiency reasons. Consequently, the heuristic security of SPRING is evaluated using known attacks and the complexity of the best known algorithms for breaking the underlying hard problem. In this paper, we revisit the efficiency and security of SPRING when used as a pseudo-random generator. We propose a new variant which is competitive with the AES in counter mode without hardware AES acceleration, and about four times slower than AES with hardware acceleration. In terms of security, we improve some previous analysis of SPRING and we estimate the security of our variant against classical algorithms and attacks. Finally, we implement our variant using AVX2 instructions, resulting in high performances on high-end desktop computers .Show less >

Language :

Anglais

Peer reviewed article :

Oui

Audience :

Internationale

Popular science :

Non

Collections :