Skip to Main content Skip to Navigation
Conference papers

Attack on LAC Key Exchange in Misuse Situation

Aurélien Greuet 1 Simon Montoya 2, 3, 1 Guénaël Renault 2, 3
2 GRACE - Geometry, arithmetic, algorithms, codes and encryption
LIX - Laboratoire d'informatique de l'École polytechnique [Palaiseau], Inria Saclay - Ile de France
Abstract : LAC is a Ring Learning With Error based cryptosystem that has been proposed to the NIST call for post-quantum standardization and passed the rst round of the submission process. The particularity of LAC is to use an error-correction code ensuring a high security level with small key sizes and small ciphertext sizes. LAC team proposes a CPA secure cryptosystem, LAC.CPA, and a CCA secure one, LAC.CCA, obtained by applying the Fujisaki-Okamoto transformation on LAC.CPA. In this paper, we study the security of LAC Key Exchange (KE) mechanism, using LAC.CPA, in a misuse context: when the same secret key is reused for several key exchanges and an active adversary has access to a mismatch oracle. This oracle indicates information on the possible mismatch at the end of the KE protocol. In this context, we show that an attacker needs at most 8 queries to the oracle to retrieve one coecient of a static secret key. This result has been experimentally conrmed using the reference and optimized implementations of LAC. Since our attack can break the CPA version in a misuse context, the Authenticated KE protocol, based on the CCA version, is not impacted. However, this research provides a tight estimation of LAC resilience against this type of attacks.
Document type :
Conference papers
Complete list of metadata
Contributor : Guénaël Renault Connect in order to contact the contributor
Submitted on : Tuesday, December 8, 2020 - 1:28:44 PM
Last modification on : Wednesday, November 3, 2021 - 9:54:39 AM
Long-term archiving on: : Tuesday, March 9, 2021 - 7:20:57 PM


Files produced by the author(s)


  • HAL Id : hal-03046345, version 1


Aurélien Greuet, Simon Montoya, Guénaël Renault. Attack on LAC Key Exchange in Misuse Situation. CANS 2020 - 19th International conference on Cryptology and Network Security, Dec 2020, Vienna, Austria. ⟨hal-03046345⟩



Les métriques sont temporairement indisponibles