Rethinking on Ciphertext Equality Check of Decapsulation of NIST PQC Standardization 3rd Round Finalist Candidate Saber

Abstract: In this paper, we rethink the ciphertext equality check step of the decapsulation procedure of Saber, one of the four KEM finalists in the third round of the NIST PQC standardization process. Through this investigation, we pursue cryptographic answers to some important questions: why the re-encryption step of the Fujisaki-Okamoto transformation, a commonly used method for achieving IND-CCA security in most existing lattice-based KEM algorithms including Saber, is especially necessary in the case of Saber; whether the re-encryption step can be further simplified; and whether the ciphertext equality check must be performed over the entire (re-encrypted and originally received) ciphertexts.