TiGER의 복호화 실패율 분석

Vol. 34, No. 2, pp. 157-166, 4월. 2024
10.13089/JKIISC.2024.34.2.157, Full Text:
Keywords: Post-Quantum Cryptography, Ring-LWE(R), Decryption Failures, Error Correcting Codes
Abstract

Probability of decryption failure of a public key cryptography based on LWE(learning with errors) is determined by its architecture and parameter settings. Since large decryption failure probability leads to attacks[1] on scheme as well as degradation of performance, TiGER[2], a Ring-LWE(R)-based KEM proposed for the first round of KpqC, tried to reduce the decryption failure probability by using error correction code Xef and D2 encoding method. However, D’Anvers et al. has shown that the commonly assumed independence of each bit error is not established since in the case of an encryption scheme based on Ring-LWE(R) using an error correction code, there is error dependency which is not negligible[3]. In this paper, since TiGER does not consider the error dependency, we calcualte the decryption failure probability of TiGER by considering the error dependency. In addition, we found that the bit error probability is incorrectly calculated in TiGER, so we present the correct calculation.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
이승우, 김종현, 박종환, "Analysis on Decryption Failure Probability of TiGER," Journal of The Korea Institute of Information Security and Cryptology, vol. 34, no. 2, pp. 157-166, 2024. DOI: 10.13089/JKIISC.2024.34.2.157.

[ACM Style]
이승우, 김종현, and 박종환. 2024. Analysis on Decryption Failure Probability of TiGER. Journal of The Korea Institute of Information Security and Cryptology, 34, 2, (2024), 157-166. DOI: 10.13089/JKIISC.2024.34.2.157.