Analysis of DSTU 8961:2019 CPA-to-CCA transformation in random oracle model
Abstract
A modular approach is usually used to build modern key encapsulation mechanisms. Some asymmetric scheme is taken as a basis, and with the help of a certain CPA-to-CCA transformation, a key encapsulation mechanism is built on its basis. Many modern key encapsulation mechanisms use provably secure transformations, but for DSTU 8961:2019 there is currently a significant lack of such an analysis. The analysis of such transformations usually takes place not in the standard model, but in the random oracle model, since it is quite difficult to take into account the influence of hash functions. The paper presents the first results of the analysis in the model of the random oracle CPA-to-CCA conversion, which is used in the DSTU 8961:2019 standard to build the key encapsulation mechanism. It is shown that the construction is safe provided that a number of model assumptions are fulfilled.
References
CRYSTALS – Kyber: a CCA-secure module-lattice-based KEM / Leo Ducas., and other. // URL: https://eprint.iacr.org/2017/634.pdf
FrodoKEM. Learning With Errors Key Encapsulation Algorithm Specifications. And Supporting Documentation. / Leo Ducas., and other. // URL: https://frodokem.org/files/FrodoKEM-specification-20210604.pdf
Introduction to Modern Cryptography: Principles and Protocols / Katz, Jonathan; Lindell, Yehuda // Chapman & Hall/CRC Cryptography and Network Security Series, CRC Press, 2014.
Canetti R., Goldreich O., Halevi S. The random oracle methodology, revisited. In: 30th symposium on theory of computing. STOC, 1998. P. 209–218.
А. Dent. A Designer’s Guide to KEMs. // URL: http://www.cogentcryptography.com/papers/designer.pdf
Copyright (c) 2023 Сергій Кандій (Автор)
This work is licensed under a Creative Commons Attribution 4.0 International License.
