• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.157-166
• /
• 2024

Probability of decryption failure of a public key cryptography based on LWE(learning with errors) is determined by its architecture and parameter settings. Since large decryption failure probability leads to attacks[1] on scheme as well as degradation of performance, TiGER[2], a Ring-LWE(R)-based KEM proposed for the first round of KpqC, tried to reduce the decryption failure probability by using error correction code Xef and D2 encoding method. However, D'Anvers et al. has shown that the commonly assumed independence of each bit error is not established since in the case of an encryption scheme based on Ring-LWE(R) using an error correction code, there is error dependency which is not negligible[3]. In this paper, since TiGER does not consider the error dependency, we calcualte the decryption failure probability of TiGER by considering the error dependency. In addition, we found that the bit error probability is incorrectly calculated in TiGER, so we present the correct calculation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.167-177
• /
• 2024

This paper proposes optimization techniques for SeaSign, an isogeny-based digital signature algorithm. SeaSign combines class group actions of CSIDH with the Fiat-Shamir with abort. While CSIDH-based algorithms have regained attention due to polynomial time attacks for SIDH-based algorithms, SeaSiogn has not undergone significat optimization because of its inefficiency. In this paper, an efficient signing method for SeaSign is proposed. The proposed signing method is simple yet powerful, achived by repositioning the rejection sampling within the algorithm. Additionally, this paper presnts parameters that can provide optimal performance for the proposed algorithm. As a result, by using the original parameters of SeaSign, the proposed method is three times faster than the original SeaSign. Additonally, combining the newly suggested parameters with the signing method proposed in this paper yields a performance that is 290 times faster than the original SeaSign and 7.47 times faster than the method proposed by Decru et al.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.527-532
• /
• 2021

In this paper, we propose an efficient finite field computation method for Rainbow algorithm, which is the only multivariate quadratic-equation based digital signature among the current US NIST PQC standardization Final List algorithms. Recently, Chou et al. proposed a new efficient implementation method for Rainbow on the Cortex-M4 environment. This paper proposes a new multiplication method over the finite field that can reduce the number of XOR operations by more than 13.7% compared to the Chou et al. method. In addition, a multiplicative inversion over that can be performed by a 4x4 matrix inverse instead of the table lookup method is presented. In addition, the performance is measured by porting the software to which the new method was applied onto RaspberryPI 3B+.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.375-381
• /
• 2023

Fully homomorphic encryption enables algebraic operations on encrypted data, and recently, methods for approximating non-algebraic operations such as the maximum function have been studied. However, precise approximation of max-pooling operations for four or more numbers have not been researched yet. In this study, we propose a precise max-pooling approximation method using the composition of approximate polynomials of the maximum function and theoretically analyze its precision. Experimental results show that the proposed approximate max-pooling has a small amortized runtime of less than 1ms and high precision that matches the theoretical analysis.

• Journal of IKEEE
• /
• v.26 no.4
• /
• pp.736-741
• /
• 2022

Lattice-based cryptography is the most practical post-quantum cryptography because it enjoys strong worst-case security, relatively efficient implementation, and simplicity. Ring learning with errors (R-LWE) is a public key encryption (PKE) method of lattice-based encryption (LBC), and the most important operation of R-LWE is the modular polynomial multiplication of rings. This paper proposes a method for optimizing modular multipliers based on approximate computing (AC) technology, targeting the medium-security parameter set of the R-LWE cryptosystem. First, as a simple way to implement complex logic, LUT is used to omit some of the approximate multiplication operations, and the 2's complement method is used to calculate the number of bits whose value is 1 when converting the value of the input data to binary. We propose a total of two methods to reduce the number of required adders by minimizing them. The proposed LUT-based modular multiplier reduced both speed and area by 9% compared to the existing R-LWE modular multiplier, and the modular multiplier using the 2's complement method reduced the area by 40% and improved the speed by 2%. appear. Finally, the area of the optimized modular multiplier with both of these methods applied was reduced by up to 43% compared to the previous one, and the speed was reduced by up to 10%.