TiGER: Tiny bandwidth key encapsulation mechanism for easy miGration based on RLWE(R)

Seunghwan Park; Chi-Gon Jung; Aesun Park; Joongeun Choi; Honggoo Kang

Paper 2022/1651

TiGER: Tiny bandwidth key encapsulation mechanism for easy miGration based on RLWE(R)

Seunghwan Park, Defense Counter-intelligence Command

Chi-Gon Jung, Defense Counter-intelligence Command

Aesun Park, Defense Counter-intelligence Command

Joongeun Choi, Defense Counter-intelligence Command

Honggoo Kang, Defense Counter-intelligence Command

Abstract

The quantum resistance Key Encapsulation Mechanism (PQC-KEM) design aims to replace cryptography in legacy security protocols. It would be nice if PQC-KEM were faster and lighter than ECDH or DH for easy migration to legacy security protocols. However, it seems impossible due to the temperament of the secure underlying problems in a quantum environment. Therefore, it makes reason to determine the threshold of the scheme by analyzing the maximum bandwidth the legacy security protocol can adapt. We specified the bandwidth threshold at 1,244 bytes based on IKEv2 (RFC7296), a security protocol with strict constraints on payload size in the initial exchange for secret key sharing. We propose TiGER that is an IND-CCA secure KEM based on RLWE(R). TiGER has a ciphertext (1,152bytes) and a public key (928 bytes) smaller than 1,244 bytes, even at the AES256 security level. To our knowledge, TiGER is the only scheme with such an achievement. Also, TiGER satisfies security levels 1, 3, and 5 of NIST competition. Based on reference implementation, TiGER is 1.7-2.6x faster than Kyber and 2.2-4.4x faster than LAC.

Note: This work is submitted to ‘Korean Post-Quantum Cryptography Competition’ (www.kpqc.or.kr).

Metadata

Available format(s): PDF
Category: Public-key cryptography
Publication info: Preprint.
Keywords: PQC RLWE RLWR Lattice-based encryption
Contact author(s): horriblepaper @ gmail com
wjdclrhs @ gmail com
aesunpark18 @ gmail com
joongeuntom @ gmail com
honggoonin @ gmail com
History: 2023-07-17: last of 2 revisions; 2022-11-28: received; See all versions
Short URL: https://ia.cr/2022/1651
License: CC BY

BibTeX

@misc{cryptoeprint:2022/1651,
      author = {Seunghwan Park and Chi-Gon Jung and Aesun Park and Joongeun Choi and Honggoo Kang},
      title = {TiGER: Tiny bandwidth key encapsulation mechanism for easy miGration based on RLWE(R)},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1651},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1651}},
      url = {https://eprint.iacr.org/2022/1651}
}