International Association for Cryptologic Research

International Association
for Cryptologic Research


Misuse Attacks on Post-quantum Cryptosystems

Ciprian Băetu
F. Betül Durak
Loïs Huguenin-Dumittan
Abdullah Talayhan
Serge Vaudenay
DOI: 10.1007/978-3-030-17656-3_26 (login may be required)
Search ePrint
Search Google
Abstract: Many post-quantum cryptosystems which have been proposed in the National Institute of Standards and Technology (NIST) standardization process follow the same meta-algorithm, but in different algebras or different encoding methods. They usually propose two constructions, one being weaker and the other requiring a random oracle. We focus on the weak version of nine submissions to NIST. Submitters claim no security when the secret key is used several times. In this paper, we analyze how easy it is to run a key recovery under multiple key reuse. We mount a classical key recovery under plaintext checking attacks (i.e., with a plaintext checking oracle saying if a given ciphertext decrypts well to a given plaintext) and a quantum key recovery under chosen ciphertext attacks. In the latter case, we assume quantum access to the decryption oracle.
Video from EUROCRYPT 2019
  title={Misuse Attacks on Post-quantum Cryptosystems},
  booktitle={Advances in Cryptology – EUROCRYPT 2019},
  series={Advances in Cryptology – EUROCRYPT 2019},
  author={Ciprian Băetu and F. Betül Durak and Loïs Huguenin-Dumittan and Abdullah Talayhan and Serge Vaudenay},