Employment of Homophonic Coding for Improvement of Certain Encryption Approaches Based on the LPN Problem. Miodrag Mihaljevic and Hideki Imai, Research Center for Information Security (RCIS), National Institute AIST, Tokyo. Symmetric Key Encryption Workshop 2011, Copenhagen, 17 February 2011
Abstract • This talk proposes an improvement of certain encryption approaches designed based on the hardness of the learning from parity with noise (LPN) problem. • The proposal employs a dedicated homophonic coding and randomness, resulting in a harder underlying LPN problem in comparison with the related source schemes without homophonic coding. • The proposed encryption is compared with the related recently reported ones and it is pointed out that the novel scheme can provide an enhanced security, reduced communications overhead and has approximately the same implementation complexity.
Roadmap • Introduction • Encryption Involving Homophonic Coding • Security Evaluation • Comparisons • A Step Forward • Concluding Remarks
I. Introduction: Encryption Schemes Based on the LPN Problem
Encryption Schemes Based on the LPN Problem • H. Gilbert, M.J.B. Robshaw, and Y. Seurin, “How to Encrypt with the LPN Problem”, ICALP 2008, Part II, Lecture Notes in Computer Science, vol. 5126, pp. 679-690, 2008. • B. Applebaum, D. Cash, C. Peikert and A. Sahai, “Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems”, CRYPTO 2009, Lecture Notes in Computer Science, vol. 5677, pp. 595-618, Aug. 2009.
LPN Problem Based Encryption
LPN Problem Based Encryption [Block diagram. Encryption blocks: public random vector, Secret Key Matrix, Source of Randomness, Error-Correction Encoding, two XOR (+) nodes; inputs and outputs: plaintext, ciphertext. Decryption blocks: Secret Key Matrix, Error-Correction Decoding, one XOR (+) node; inputs and outputs: ciphertext, plaintext. Signal labels: u, X, z, a, { x i }.]
II. Encryption Based on Pseudo-Randomness, Randomness and Dedicated Coding: Power of Randomness for Enhancing Security and Low Implementation Complexity
Design Motivations • Our goal is to design an encryption scheme where, assuming the chosen plaintext attack, the randomness involved in homophonic encoding protects secret key as a consequence of the following: • Removing of the randomness, i.e. decoding, without knowledge of the secret key becomes as complex as recovering the secret key employing the exhaustive search approach. • (The security evaluation given shows how close the proposed design is to the above specified goal.) • Accordingly, this paper proposes employment of the concatenation of dedicated homophonic encoding and error-correction coding instead of just the error-correction one as the approach for enhancing the security, as well as to provide additional implementation flexibility of the encryption schemes reported at ICALP2008 and CRYPTO2009.
Power of Randomness for High Security and Low Implementation Complexity. Design Components: • Simple Finite State Machine for the Pseudo-Randomness • Dedicated Coding: Homophonic and Error-Correction Ones • Randomness. Effects: • Enhanced Security Implied by Randomness • Low Implementation Complexity
[Diagram. Signal labels: k, u, f(k,u), z, a, [a || r], G, r, v; one XOR (+) node.]
An Advanced LPN Problem Based Encryption Scheme Employing Homophonic Coding: Power of Randomness for Enhancing Security
Homophonic Coding Based LPN Encryption [Block diagram. Encryption blocks: public random vector, Secret Key Matrix, Source of Randomness, Homophonic Encoding, Error-Correction Encoding, two XOR (+) nodes; inputs and outputs: plaintext, ciphertext. Decryption blocks: Secret Key Matrix, Error-Correction Decoding, Homophonic Decoding, one XOR (+) node; inputs and outputs: ciphertext, plaintext. Signal labels: u, X, z, a.]
Homophonic Encoding. Groups of the codewords: the same symbol denotes different codewords belonging to the same group. [Figure: Codewords and N-dim Sphere, with codewords marked by the symbols * and x.]
Homophonic and Error-Correction Encoding: [data, rand] x Generator Matrix of Homophonic Code x Generator Matrix of Error-Correcting Code = codeword
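The encoding chain on this slide combined with the encryption block diagram above, as a toy Python sketch added here (not the authors' construction or code). The generator matrix G_H = [[I, 0], [I, I]], the repetition code standing in for the error-correcting code, all sizes, and the composition z = ECC([a || r] G_H) + u X + v (read off the diagram labels, taking a as plaintext and z as ciphertext) are assumptions.

```python
import secrets

DATA, RAND, REP, K = 4, 4, 5, 16   # toy sizes (assumed); RAND == DATA here
N = (DATA + RAND) * REP            # ciphertext length in bits

def bits(n):
    return [secrets.randbits(1) for _ in range(n)]

def keygen():
    # Secret key: K x N binary matrix X
    return [bits(N) for _ in range(K)]

def mask(u, X):
    # u * X over GF(2): mask derived from public vector u and secret X
    return [sum(u[i] & X[i][j] for i in range(K)) & 1 for j in range(N)]

def homophonic_encode(a, r):
    # [a || r] * G_H with G_H = [[I, 0], [I, I]]  ->  [a xor r || r]
    return [x ^ y for x, y in zip(a, r)] + list(r)

def homophonic_decode(h):
    # G_H is its own inverse over GF(2); keep the data half, drop r
    return [x ^ y for x, y in zip(h[:DATA], h[DATA:])]

def ecc_encode(h):
    # Repetition code: each bit sent REP times (stand-in ECC)
    return [b for b in h for _ in range(REP)]

def ecc_decode(y):
    # Majority vote per block, corrects up to REP // 2 flips per block
    return [int(sum(y[i:i + REP]) > REP // 2) for i in range(0, N, REP)]

def noise(p=0.05):
    # Bernoulli(p) noise vector v
    return [int(secrets.randbelow(1000) < p * 1000) for _ in range(N)]

def encrypt(X, a, r=None, u=None, v=None):
    r = bits(RAND) if r is None else r   # homophonic randomness
    u = bits(K) if u is None else u      # public random vector
    v = noise() if v is None else v      # LPN noise
    c = ecc_encode(homophonic_encode(a, r))
    z = [ci ^ mi ^ vi for ci, mi, vi in zip(c, mask(u, X), v)]
    return u, z

def decrypt(X, u, z):
    # Strip the mask with the key, correct the noise, then discard r
    y = [zi ^ mi for zi, mi in zip(z, mask(u, X))]
    return homophonic_decode(ecc_decode(y))
```

Without X the receiver of z cannot strip the mask, so both the noise v and the homophonic bits r remain as unknowns in every equation; with X only v has to be corrected before r is dropped.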
Origins of the Enhanced Security • Effects of involvement of randomness. • Hardness of decoding without secret key.
III. Security Evaluation: Computational Complexity
Algebraic Representation at Bit-Level
Security Implied by Hardness of Recovering Secret Key Based on the Algebraic Representation of Encryption - The Computational Complexity -
Basic System of Equations Related to a Single Word when the Plaintext Consists of all Zeros
The Aggregated System with eliminated “purely random bits”
LPN Problem (an equivalent formulation): known binary vector = known binary matrix x secret + noise (unknown)
Underlying Problem of the LPN: OVERDEFINED SYSTEM with noisy variables, K << N: linear-f1(x1, x2, …, xK) = z1; linear-f2(x1, x2, …, xK) = z2; …; linear-fN(x1, x2, …, xK) = zN
The Corrupting Noise
Security and LPN Problem
A Claim on Security of the Proposed Encryption
IV. Comparison with the Schemes Reported at ICALP2008 and CRYPTO2009
A comparison of certain features of the proposed encryption and two related ones recently reported at ICALP2008 and CRYPTO2009. (The "balanced random bit" is one which takes values "0" and "1" with the same probability equal to 1/2.)
Comparison of Certain Implementation Features
V. A Step Forward: Homophonic Coding Based Compact Stream Ciphers
Randomized Stream Ciphers: Only Noisy Sample Available for Cryptanalysis
Stream Cipher Approaches • One-Time Pad – pure random approach (provable security) • Traditional Keystream Generator – finite state machine: a deterministic approach (heuristic security). Randomized approach: • A stream cipher based on employment of Pseudorandomness, Randomness and Dedicated Coding • Towards provable security implied by the dimension of secret key
Power of Randomness for High Security and Low Implementation Complexity. Design Components: • Simple Finite State Machine for the Pseudo-Randomness • Dedicated Coding: Homophonic and Error-Correction Ones • Randomness. Effects: • Enhanced Security Implied by Randomness • Low Implementation Complexity
Homophonic Coding Based LPN Encryption [Block diagram. Encryption blocks: public random vector, Secret Key Matrix, Source of Randomness, Homophonic Encoding, Error-Correction Encoding, two XOR (+) nodes; inputs and outputs: plaintext, ciphertext. Decryption blocks: Secret Key Matrix, Error-Correction Decoding, Homophonic Decoding, one XOR (+) node; inputs and outputs: ciphertext, plaintext. Signal labels: u, X, a, z.]
Framework for a Stream Cipher Design [Block diagram. Encryption blocks: Elementary Keystream Generator (input: secret key), Source of Randomness, Homophonic Encoding, Error-Correction Encoding, two XOR (+) nodes; inputs and outputs: plaintext, ciphertext. Decryption blocks: Elementary Keystream Generator (input: secret key), Error-Correction Decoding, Homophonic Decoding, one XOR (+) node; inputs and outputs: ciphertext, plaintext. Signal labels: { x i }, { z i }, { a i }, { v i }, { u i }.]
VI. Concluding Remarks
• The homophonic coding, controlled by the randomness, ensures that an attacker faces not only the traditional problems of cryptanalysis but also the problem of decoding without the secret key, which appears as complex as the exhaustive search over the possible secret keys. • The framework provides computational-complexity security as hard as certain instantiations of the LPN problem. • Assuming availability of very short keystream segments only, the encryption framework provides a certain level of information-theoretic security.
Thank You Very Much for the Attention, and QUESTIONS Please!