UWSpace is currently experiencing technical difficulties resulting from its recent migration to a new version of its software. These technical issues are not affecting the submission and browse features of the site. UWaterloo community members may continue submitting items to UWSpace. We apologize for the inconvenience, and are actively working to resolve these technical issues.
 

Worst-Case to Average-Case Reductions for the SIS Problem: Tightness and Security

Thumbnail Image

Files

BakosLang_Elena.pdf (571.93 KB)

Date

2019-07-30

Authors

Bakos Lang, Elena

Journal Title

Journal ISSN

Volume Title

Publisher

University of Waterloo

Abstract

We present a framework for evaluating the concrete security assurances of cryptographic constructions given by the worst-case SIVP_γ to average-case SIS_{n,m,q,β} reductions. As part of this analysis, we present the tightness gaps for three worst-case SIVP_γ to average-case SIS_{n,m,q,β} reductions. We also analyze the hardness of worst-case SIVP_γ instances. We apply our methodology to two SIS-based signature schemes, and compute the security guarantees that these systems get from reductions to worst-case SIVP_γ. We find that most of the presented reductions do not apply to the chosen parameter sets for the signature schemes. We propose modifications to the schemes to make the reductions applicable, and find that the worst-case security assurances of the (modified) signature schemes are, for both signature schemes, significantly lower than the amount of security previously claimed.

Description

Keywords

LC Keywords

Citation

URI

http://hdl.handle.net/10012/14832

Collections

Theses
Combinatorics and Optimization