IEEE 1363.1-2008

$62.83

IEEE Standard Specification for Public Key Cryptographic Techniques Based on Hard Problems over Lattices

Published By	Publication Date	Number of Pages
IEEE	2008

Guaranteed Safe Checkout

Category: IEEE

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

New IEEE Standard – Inactive-Reserved. Specifications of common public-key cryptographic techniques based on hard problems over lattices supplemental to those considered in IEEE 1363 and IEEE P1363a, including mathematical primitives for secret value (key) derivation, public-key encryption, identification and digital signatures, and cryptographic schemes based on those primitives. Specifications of related cryptographic parameters, public keys and private keys. Class of computer and communications systems is not restricted.

PDF Catalog

PDF Pages	PDF Title
1	IEEE Std 1363.1-2008 Front Cover
3	Title Page
6	Introduction Notice to users Laws and regulations Copyrights
7	Updating of IEEE documents Errata Interpretations Patents Participants
9	CONTENTS
11	Important Notice 1. Overview 1.1 Scope 1.2 Purpose
12	2. Normative references 3. Definitions, acronyms, and abbreviations 3.1 Definitions
19	3.2 Acronyms and abbreviations
21	4. Types of cryptographic techniques 4.1 General model 4.2 Schemes
22	4.3 Additional methods 4.4 Algorithm specification conventions
23	5. Mathematical notation
25	6. Polynomial representation and operations 6.1 Introduction 6.2 Polynomial representation 6.3 Polynomial operations 6.3.1 Polynomial multiplication 6.3.2 Reduction of a polynomial mod q 6.3.3 Inversion in (Z/qZ)[X]/(XN – 1)
28	7. Data types and conversions 7.1 Bit strings and octet strings 7.2 Converting between integers and bit strings (I2BSP and BS2IP) 7.2.1 Integer to bit string primitive (I2BSP)
29	7.2.2 Bit string to integer primitive (BS2IP) 7.3 Converting between integers and octet strings (I2OSP and OS2IP) 7.3.1 Integer to octet string primitive (I2OSP) 7.3.2 Octet string to integer primitive (OS2IP)
30	7.4 Converting between bit strings and right-padded octet strings (BS2ROSP and ROS2BSP) 7.4.1 Bit string to right-padded octet string primitive (BS2ROSP) 7.4.2 Right-padded octet string to bit string primitive (ROS2BSP)
31	7.5 Converting between ring elements and bit strings (RE2BSP and BS2REP) 7.5.1 Ring element to bit string primitive (RE2BSP) 7.5.2 Bit string to ring element primitive (BS2REP)
32	7.6 Converting between ring elements and octet strings (RE2OSP and OS2REP) 7.6.1 Ring element to octet string primitive (RE2OSP) 7.6.2 Octet string to ring element primitive (OS2REP) 8. Supporting algorithms 8.1 Overview
33	8.2 Hash functions 8.3 Encoding methods 8.3.1 General 8.3.2 Blinding polynomial generation methods (BPGM)
34	8.4 Supporting algorithms 8.4.1 Mask generation functions
35	8.4.2 Index generation function
38	9. Short vector encryption scheme (SVES) 9.1 Encryption scheme (SVES) overview 9.2 Encryption scheme (SVES) operations 9.2.1 Key generation
39	9.2.2 Encryption operation
41	9.2.3 Decryption operation
43	9.2.4 Key pair validation methods 9.2.5 Public key validation
45	Annex A (informative) Security considerations A.1 Lattice security: background A.1.1 Lattice definitions
46	A.1.2 Hard lattice problems A.1.3 Theoretical complexity of hard lattice problems A.1.4 Lattice reduction algorithms
47	A.1.5 The Gaussian heuristic and the closest vector problem
48	A.1.6 Modular lattices: definition A.1.7 Modular lattices and quotient polynomial rings A.1.8 Balancing CVP in modular lattices
49	A.1.9 Fundamental CVP ratios in modular lattices A.1.10 Creating a balanced CVP for modular lattices containing a short vector
50	A.1.11 Modular lattices containing (short) binary vectors
51	A.1.12 Convolution modular lattices A.1.13 Heuristic solution time for CVP in modular lattices
52	A.1.14 Zero-forcing A.2 Experimental solution times for NTRU lattices—full key recovery A.2.1 Experimental solution times for NTRU lattices using BKZ reduction
54	A.2.2 Alternative target vectors A.3 Combined lattice and combinatorial attacks on LBP-PKE keys and messages A.3.1 Overview A.3.2 Lattice strength
55	A.3.3 Reduced lattices and the “cliff” A.3.3.1 Running time to obtain a given profile
56	A.3.3.2 The cliff height α and ps
58	A.3.4 Combinatorial strength A.3.4.1 Combinatorial attacks on LBP-PKE keys and messages A.3.4.2 Combinatorial strength in the hybrid case
60	A.3.5 Summary A.4 Other security considerations for LBP-PKE encryption A.4.1 Entropy requirements for key and salt generation A.4.2 Reduction mod q A.4.3 Selection of N A.4.4 Relationship between q and N A.4.5 Form of q
61	A.4.6 Leakage of m’(1) A.4.7 Relationship between p, q, and N A.4.8 Adaptive chosen ciphertext attacks
62	A.4.9 Invertibility of g in Rq A.4.10 Decryption failures A.4.11 OID
63	A.4.12 Use of hash functions by supporting functions A.4.13 Generating random numbers in [0, N – 1] A.4.14 Attacks based on variation in decryption times
64	A.4.15 Choosing to attack r or m A.4.16 Quantum computers A.4.17 Other considerations A.5 A parameter set generation algorithm
65	A.6 Possible parameter sets A.6.1 Size-optimized A.6.1.1 ees401ep1
66	A.6.1.2 ees449ep1 A.6.1.3 ees677ep1
67	A.6.1.4 ees1087ep2 A.6.2 Cost-optimized
68	A.6.2.1 ees541ep1 A.6.2.2 ees613ep1
69	A.6.2.3 ees887ep1 A.6.2.4 ees1171ep1
70	A.6.3 Speed-optimized A.6.3.1 ees659ep1
71	A.6.3.2 ees761ep1 A.6.3.3 ees1087ep1
72	A.6.3.4 ees1499ep1 A.7 Security levels of parameter sets A.7.1 Assumed security levels versus current knowledge
73	A.7.2 Potential research
74	Annex B (informative) Bibliography

Additional information

Standard Title	IEEE Standard Specification for Public Key Cryptographic Techniques Based on Hard Problems over Lattices
Published Code	IEEE
Publication Date	2008

Preview PDF


PDF Format	Searchable	Printable	Preview Now

IEEE 1363.1-2008

PDF Catalog

Related products