An attack on a NIST proposal: RankSign, a code-based signature in rank metric
Authors
Abstract
RankSign is a code-based signature scheme proposed to the NIST competition for post-quantum cryptography [AGH17]. It is based on the rank metric and enjoys remarkably small key sizes, about 10 KBytes for an intended level of security of 128 bits. It is also one of the fundamental blocks used in the rank-metric identity-based encryption scheme [GHPT17]. Unfortunately, we will show that all the parameters proposed for this scheme in [AGH17] can be broken by an algebraic attack that exploits the fact that the augmented LRPC codes used in this scheme have very low-weight codewords.
Similar resources
RankSign: An Efficient Signature Algorithm Based on the Rank Metric
We propose a new approach to code-based signatures that makes use in particular of rank metric codes. When the classical approach consists in finding the unique preimage of a syndrome through a decoding algorithm, we propose to introduce the notion of mixed decoding of erasures and errors for building signature schemes. In that case the difficult problem becomes, as is the case in lattice-based...
Identity-Based Encryption from Codes with Rank Metric
Code-based cryptography has a long history, almost as long as the history of public-key encryption (PKE). While we can construct almost all primitives from codes such as PKE, signature, group signature etc, it is a long standing open problem to construct an identity-based encryption from codes. We solve this problem by relying on codes with rank metric. The concept of identity-based encryption ...
Rank based cryptography : a credible post-quantum alternative to classical cryptography
In this paper we present rank-based cryptography and discuss its interest relatively to other post-quantum families of cryptosystems like for instance code (Hamming)-based cryptography or lattice (Euclidean)-based cryptography. We also survey recent interesting results for this metric and show that rank based cryptography has many advantages and is a credible alternative to classical cryp...
Attack on the Edon-K Key Encapsulation Mechanism
The key encapsulation mechanism EDON-K was proposed in response to the call for post-quantum cryptography standardization issued by the National Institute of Standards and Technologies (NIST). This scheme is inspired by the McEliece scheme but uses another family of codes defined over F_{2^128} instead of F_2 and is not based on the Hamming metric. It allows significantly shorter public keys than th...
Aggrandizing the beast's limbs: patulous code reuse attack on ARM architecture
Since smartphones are usually personal devices full of private information, they are a popular target for a vast variety of real-world attacks such as Code Reuse Attack (CRA). CRAs enable attackers to execute any arbitrary algorithm on a device without injecting an executable code. Since the standard platform for mobile devices is ARM architecture, we concentrate on available ARM-based CRAs. Cu...