O2MD²: A New Post-Quantum Cryptosystem With One-to-Many Distributed Key Management Based on Prime Modulo Double Encapsulation
Polynomial-time attacks designed to run on quantum computers and capable of breaking RSA and AES are already known. It is imperative to develop quantum-resistant algorithms before quantum computers become available. Computationally hard problems defined on lattices have been proposed as the fundamental security bases for a new type of cryptography. The National Institute of Standards and Technology (NIST) recently hosted the *Post-Quantum Cryptography Standardization* project, aiming to create a roster of innovative post-quantum cryptosystems. These candidates have been publicly available for testing since early 2017. As they are currently under analysis, new proposals are still desirable. As such, we use the ring learning with errors (RLWE) problem combined with arithmetic functions to propose the O2MD² cryptosystem, which provides a one-to-many private/public key architecture having a distributed key refresh for a network of users while working on multiple polynomial rings over different prime order fields. Our solution has three different frameworks that reach AES-256 equivalent security, and provides message integrity and message authenticity verifications. We compare our solution's speed against the speed of the twenty-six different implementations from seven popular candidates in the NIST project, and our cryptosystem performs from 2 to 4 orders of magnitude faster than them. We also propose six different implementations that reach the security levels 1, 3 and 5 proposed in the NIST competition. Finally, we used the NIST *Statistical Test Suite* to verify the indistinguishability of our produced ciphertexts against randomly generated noise.

Main Authors: | Ricardo Neftali Pontaza Rodas, Ying-Dar Lin, Shih-Lien Lu, Keh-Jeng Chang |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE, 2021-01-01 |
Series: | IEEE Access, volume 9, pages 109260-109288 |
DOI: | 10.1109/ACCESS.2021.3100551 |
ISSN: | 2169-3536 |
Subjects: | Abstract algebra, cryptographic protocols, quantum cryptography, lattices, O2MD², post-quantum |
Online Access: | https://ieeexplore.ieee.org/document/9499055/ |

Author affiliations:

- Ricardo Neftali Pontaza Rodas (https://orcid.org/0000-0002-5858-8180): College of Electrical and Computer Engineering, National Chiao Tung University, Hsinchu, Taiwan
- Ying-Dar Lin (https://orcid.org/0000-0002-5226-4396): Department of Computer Science, National Chiao Tung University, Hsinchu, Taiwan
- Shih-Lien Lu: PieceMakers Technology, Inc., Hsinchu, Taiwan
- Keh-Jeng Chang: Taiwan Semiconductor Manufacturing Company (TSMC), Hsinchu, Taiwan

Catalogue record: Directory of Open Access Journals (DOAJ), id doaj.art-0d1168d6881e411cbf766cfc3ff24aee, indexed 2024-04-24T07:39:32Z.