A security upgrade on the GGH lattice-based cryptosystem
Due to the Nguyen’s attack, the Goldreich-Goldwasser-Halevi (GGH) encryption scheme, simply referred to as GGH cryptosystem, is considered broken. The GGH cryptosystem was initially addressed as the first practical lattice-based cryptosystem. Once the cryptosystem is implemented in a lattice dimensi...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English English |
| Published: |
Penerbit UKM
2020
|
| Subjects: | |
| Online Access: | https://eprints.ums.edu.my/id/eprint/29080/1/A%20security%20upgrade%20on%20the%20GGH%20lattice-based%20cryptosystem%20ABSTRACT.pdf https://eprints.ums.edu.my/id/eprint/29080/2/A%20security%20upgrade%20on%20the%20GGH%20lattice-based%20cryptosystem%20FULL%20TEXT.pdf https://eprints.ums.edu.my/id/eprint/29080/ http://journalarticle.ukm.my/15485/1/25.pdf http://dx.doi.org/10.17576/jsm-2020-4906-25 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Due to the Nguyen’s attack, the Goldreich-Goldwasser-Halevi (GGH) encryption scheme, simply referred to as GGH cryptosystem, is considered broken. The GGH cryptosystem was initially addressed as the first practical lattice-based cryptosystem. Once the cryptosystem is implemented in a lattice dimension of 300 and above, its inventors was conjectured that the cryptosystem is intractable. This conjecture was based on thorough security analyses on the cryptosystem against some powerful attacks. This conjecture became more concrete when all initial efforts for decrypting the published GGH Internet Challenges were failed. However, a novel strategy by the Nguyen’s attack for simplifying the underlying Closest-Vector Problem (CVP) instance that arose from the cryptosystem, had successfully decrypted almost all the challenges and eventually made the cryptosystem being considered broken. Therefore, the Nguyen’s attack is considered as a fatal attack on the GGH cryptosystem. In this paper, we proposed a countermeasure to combat the Nguyen’s attack. By implementing the proposed countermeasure, we proved that the simplification of the underlying CVP instance could be prevented. We also proved that, the upgraded GGH cryptosystem remains practical where the decryption could be done without error. We are optimistic that, the upgraded GGH cryptosystem could make a remarkable return into the mainstream discussion of the lattice-based cryptography. |
|---|