International Association for Cryptologic Research


Swoosh: Efficient Lattice-Based Non-Interactive Key Exchange

Authors:
Phillip Gajland
Bor de Kock
Miguel Quaresma
Giulio Malavolta
Peter Schwabe
Abstract: The advent of quantum computers has sparked significant interest in post-quantum cryptographic schemes as replacements for the cryptographic primitives in use today. In this context, lattice-based cryptography has emerged as the leading paradigm for building post-quantum cryptography. However, all existing viable replacements for the classical Diffie-Hellman key exchange require additional rounds of interaction and therefore fail to deliver all the benefits of that protocol. Although earlier work has shown that lattice-based Non-Interactive Key Exchange (NIKE) is theoretically possible, it has been considered too inefficient for real-world applications. In this work, we challenge this folklore belief and provide the first evidence against it. We construct an efficient lattice-based NIKE whose security is based on the standard module learning with errors (M-LWE) problem in the quantum random oracle model. Our scheme is obtained in two steps: (i) a passively-secure construction that achieves a strong notion of correctness, coupled with (ii) a generic compiler that turns any such scheme into an actively-secure one. To substantiate our efficiency claim, we provide an optimised implementation of our passively-secure construction in Rust and Jasmin. Our implementation demonstrates the scheme's applicability to real-world scenarios, yielding public keys of approximately 220 KB. Moreover, computing a shared key takes fewer than 12 million cycles on an Intel Skylake CPU, at a post-quantum security level exceeding 120 bits.
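The abstract gives the shape of a lattice NIKE: each party publishes one LWE-type public key against a shared public matrix, the shared key is derived locally from a noisy product with no further message, and correctness depends on the noise terms being small relative to the modulus. The toy below is added here as an illustration; it is not the Swoosh scheme or its Rust/Jasmin implementation. It uses plain integer LWE with rounding instead of M-LWE over a module lattice, omits the active-security compiler and the random-oracle derivation of the final key, and its names and parameters (n, m, q, bound) are assumptions chosen for readability, not security. It reports the worst-case gap between the two parties' raw values, the number of coefficients close enough to a rounding boundary that agreement is not guaranteed, and the public key size the toy parameters produce.

```python
"""Toy LWE-style non-interactive key exchange with rounding.

Added illustration only: plain integer LWE with toy parameters, not the
Swoosh M-LWE scheme or its Rust/Jasmin code.  Each party publishes one
matrix of LWE samples against a shared public matrix A; the shared key is
then derived locally from a noisy product, with no further messages.
"""
import random


def centered(x, q):
    """Reduce x mod q into the symmetric range (-q/2, q/2]."""
    x %= q
    return x - q if x > q // 2 else x


def small_matrix(rng, rows, cols, bound):
    """Secret or noise matrix with entries uniform in [-bound, bound]."""
    return [[rng.randint(-bound, bound) for _ in range(cols)] for _ in range(rows)]


def transpose(X):
    return [list(col) for col in zip(*X)]


def matmul(X, Y, q):
    """Plain integer matrix product reduced mod q."""
    return [[sum(x * Y[k][j] for k, x in enumerate(row)) % q
             for j in range(len(Y[0]))] for row in X]


def add(X, Y, q):
    return [[(a + b) % q for a, b in zip(rx, ry)] for rx, ry in zip(X, Y)]


def keygen(rng, A, q, m, bound, left):
    """Alice (left=True): pk = A*S + E.  Bob (left=False): pk = A^T*S + E."""
    n = len(A)
    S = small_matrix(rng, n, m, bound)
    E = small_matrix(rng, n, m, bound)
    M = A if left else transpose(A)
    return S, add(matmul(M, S, q), E, q)


def raw_shared(S_own, pk_other, q, left):
    """Alice: pk_B^T * S_A = S_B^T A S_A + E_B^T S_A.
    Bob:   S_B^T * pk_A = S_B^T A S_A + S_B^T E_A.
    The two differ only by the small cross terms."""
    if left:
        return matmul(transpose(pk_other), S_own, q)
    return matmul(transpose(S_own), pk_other, q)


def round_bit(v, q):
    """Keep the top bit of v in Z_q: 1 on [q/4, 3q/4), else 0."""
    v %= q
    return 1 if q // 4 <= v < 3 * q // 4 else 0


def near_boundary(v, q, delta):
    """True if v lies within delta of a rounding boundary, i.e. the other
    party's value (at most delta away) might round differently."""
    return any(abs(centered(v - b, q)) <= delta for b in (q // 4, 3 * q // 4))


def pk_size_bytes(n, m, q):
    """Public key size: n*m coefficients of ceil(log2(q)) bits each."""
    return -(-n * m * (q - 1).bit_length() // 8)


def nike_demo(n=16, m=4, q=2 ** 32, bound=2, seed=1):
    """Run one exchange and report whether the rounded keys agree.

    delta bounds |Alice's raw value - Bob's raw value| per coefficient:
    each cross term is a sum of n products of entries in [-bound, bound].
    A coefficient farther than delta from both rounding boundaries is
    guaranteed to round identically on both sides, so the 'risky' count
    is the only way agreement can fail."""
    rng = random.Random(seed)
    A = [[rng.randrange(q) for _ in range(n)] for _ in range(n)]  # public parameter (toy setup)
    S_A, pk_A = keygen(rng, A, q, m, bound, left=True)
    S_B, pk_B = keygen(rng, A, q, m, bound, left=False)
    raw_A = raw_shared(S_A, pk_B, q, left=True)
    raw_B = raw_shared(S_B, pk_A, q, left=False)
    delta = 2 * n * bound * bound
    flat_A = [v for row in raw_A for v in row]
    flat_B = [v for row in raw_B for v in row]
    max_diff = max(abs(centered(a - b, q)) for a, b in zip(flat_A, flat_B))
    key_A = [round_bit(v, q) for v in flat_A]
    key_B = [round_bit(v, q) for v in flat_B]
    return {
        "agree": key_A == key_B,
        "key_bits": len(key_A),
        "max_diff": max_diff,
        "delta": delta,
        "risky": sum(near_boundary(v, q, delta) for v in flat_A),
        "pk_bytes": pk_size_bytes(n, m, q),
    }


if __name__ == "__main__":
    print(nike_demo())        # large q: keys agree, no risky coefficients
    print(nike_demo(q=256))   # q too small for the noise: every coefficient risky
```

With the default q = 2^32 the two raw values differ by at most delta = 128 per coefficient, far below q/4, so no coefficient sits near a rounding boundary and the 16-bit keys agree. Calling nike_demo(q=256) keeps the same noise but a modulus too small for it: delta is now half the modulus, every coefficient is flagged risky, and the keys may disagree. Keeping that gap between noise and modulus large enough is what a strong correctness notion has to guarantee, and it is also why the public key grows with n, m and log2(q).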
Video: https://www.youtube.com/watch?v=Mo4g5z2Sea4
BibTeX
@misc{rwc-2024-35345,
  title={Swoosh: Efficient Lattice-Based Non-Interactive Key Exchange},
  note={Video at \url{https://www.youtube.com/watch?v=Mo4g5z2Sea4}},
  howpublished={Talk given at RWC 2024},
  author={Phillip Gajland and Bor de Kock and Miguel Quaresma and Giulio Malavolta and Peter Schwabe},
  year=2024
}