PhD Proposal: Improved Robustness and Versatility of Lattice-Based Cryptography

Talk
Huijing Gong
Time: 02.07.2020 09:00 to 11:00
Location: IRB 5105

All public key cryptosystems that are based on the hardness of integer factorization and discrete logarithm are insecure in the presence of large-scale quantum computers. A large effort has been devoted to replacing the current quantum-insecure cryptosystems with newly developed "post-quantum" cryptosystems, conjectured to be secure against quantum attack. Lattice-based cryptography has been widely recognized as a prominent candidate for practical post-quantum security.

I propose to design lattice-based cryptosystems and to analyze the security impact of information leakage on lattice cryptography. I begin with two of my prior works. (1) Group key-exchange protocols allow a set of N parties to agree on a shared secret key by communicating over a public network. We present a constant-round protocol for unauthenticated group key exchange (i.e., with security against a passive eavesdropper) based on the hardness of a lattice problem, which hence yields (plausible) post-quantum security. (2) The leftover hash lemma is a mathematical tool used in the analysis of various lattice-based cryptosystems, as well as their leakage-resilient counterparts. However, it does not hold in the ring setting, which is typical for efficient cryptosystems. We present an approach towards a ring analogue of the leftover hash lemma by generalizing the "regularity lemma" of Lyubashevsky et al. (Eurocrypt '13) to certain conditional distributions.

My proposed works are in three directions: (1) Provide a cryptanalysis framework for estimating the hardness of a lattice problem that can take various types of leaked information into account. The framework can be applied to practical side-channel studies to improve their performance. (2) Construct cryptographic protocols based on the hardness of a new lattice assumption which performs well in both efficiency and security. (3) In addition to designing cryptographic schemes, cryptanalyze a protocol based on this new lattice assumption.

Examining Committee:

Chair: Dr. Dana Dachman-Soled
Dept rep: Dr. Michelle Mazurek
Members: Dr. William Gasarch
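The abstract's second prior work rests on the leftover hash lemma, which is what lets one argue that A*s mod q looks uniform even though s is a short secret. As an added illustration (not code from the proposal or its author), the script below computes the exact statistical distance between (A, A*s) and (A, u) for the standard lattice hash H_A(s) = A*s mod q with A uniform over Z_q^{n x m} and s uniform over {0,1}^m, and compares it with the lemma's bound (1/2)*sqrt(q^n / 2^m). The parameters q=3, n=1, m=1..6 are chosen only so that full enumeration is feasible; q is taken prime, which is what makes the family universal and the lemma applicable. The ring setting the abstract refers to is deliberately not covered, since the point there is precisely that this argument breaks down.

```python
"""Numerically checking the leftover hash lemma (LHL) for the lattice-style
hash H_A(s) = A*s mod q, with A uniform over Z_q^{n x m} and s uniform
over {0,1}^m.  Added example; not code from the proposal.

For prime q the family {H_A} is universal: for s != s', the vector
d = s - s' is non-zero with entries in {-1,0,1}, so A*d is uniform over
Z_q^n and Pr_A[H_A(s) = H_A(s')] = q^(-n).  The LHL then gives

    SD( (A, A*s) , (A, u) ) <= (1/2) * sqrt(q^n / 2^m),

where u is uniform over Z_q^n and SD is statistical distance.  The functions
below compute the left-hand side exactly by enumeration (so only toy
parameters are feasible) and compare it with the bound.
"""
from fractions import Fraction
from itertools import product
import math


def matvec_mod(A, s, q):
    """A*s mod q for A given as a tuple of rows and s as a 0/1 tuple."""
    return tuple(sum(a * x for a, x in zip(row, s)) % q for row in A)


def distance_to_uniform(counts, total, n, q):
    """Statistical distance between the distribution described by `counts`
    (dict: output y -> number of s mapping to y, out of `total` inputs)
    and the uniform distribution on Z_q^n."""
    uniform = Fraction(1, q ** n)
    d = Fraction(0)
    for y in product(range(q), repeat=n):
        d += abs(Fraction(counts.get(y, 0), total) - uniform)
    return d / 2


def lhl_distance(n, m, q):
    """Exact SD((A, A*s), (A, u)) as a Fraction.

    Because A is part of both distributions, the joint distance equals the
    average over all A of SD(A*s, u), with s uniform over {0,1}^m.
    Cost is q^(n*m) * 2^m evaluations, so keep n, m, q tiny.
    """
    total_s = 2 ** m
    acc = Fraction(0)
    num_A = 0
    for A in product(product(range(q), repeat=m), repeat=n):
        counts = {}
        for s in product((0, 1), repeat=m):
            y = matvec_mod(A, s, q)
            counts[y] = counts.get(y, 0) + 1
        acc += distance_to_uniform(counts, total_s, n, q)
        num_A += 1
    return acc / num_A


def lhl_bound(n, m, q):
    """The leftover-hash-lemma upper bound (1/2) * sqrt(q^n / 2^m)."""
    return math.sqrt(q ** n / 2 ** m) / 2


def lhl_holds(n, m, q):
    """True if the exact distance is at most the LHL bound (it always is
    for prime q; this just confirms the enumeration agrees with the lemma)."""
    return float(lhl_distance(n, m, q)) <= lhl_bound(n, m, q)


if __name__ == "__main__":
    q, n = 3, 1
    print(f"q={q}, n={n}: output entropy n*log2(q) = {n * math.log2(q):.2f} bits")
    for m in range(1, 7):
        d = lhl_distance(n, m, q)
        print(f"  m={m}: SD = {float(d):.4f} (= {d}),"
              f" LHL bound = {lhl_bound(n, m, q):.4f}")
```

Running the script shows the distance shrinking as m grows past n*log2(q) while always staying under the bound; for m=1 and m=2 the exact values are 4/9 and 8/27, which can be checked by hand by listing the nine matrices A. The gap between the exact distance and the bound is typical: the lemma is a worst-case statement over all universal families, so for a concrete family it is usually loose.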