Cluster Computing, Volume 22, Supplement 1, pp 1717–1727

Cryptanalysis of lattice-based key exchange on small integer solution problem and its improvement

  • Zhengjun Jing (corresponding author)
  • Chunsheng Gu
  • Zhimin Yu
  • Peizhong Shi
  • Chongzhi Gao


Wang et al. introduced a new variant of the small integer solution (SIS) problem, the bilateral inhomogeneous small integer solution (Bi-ISIS) problem, which is grounded in lattice cryptography, and built a Bi-ISIS-based key exchange (KE) protocol on it. In this paper, we show that Wang et al.’s Bi-ISIS-based KE protocol is not secure: the shared key can be recovered directly from the public transcript using linear algebraic methods. Furthermore, we analyze two simple variants of the Bi-ISIS-based KE and show that they are also insecure. To avoid the shared-key attack, we present an improved Bi-ISIS-based KE whose security is reduced to the learning with errors problem over modules (M-LWE).


Keywords: Lattice problem · Small integer solutions · Key exchange · Bi-ISIS · Algebraic attack



This work was supported by the National Natural Science Foundation of China (No. 61672270 and No. 61602216), the Research Foundation for Humanities and Social Sciences of Ministry of Education, China (No. 14YJAZH023 and No. 15YJCZH129), the Project of Changzhou Province Science-Based Application (No. 2016365).

Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.


  1. Li, J., Zhang, Y.H., Cheng, X.F., Yang, X.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Secur. 72(1), 1–12 (2018)
  2. Huang, Z., Liu, S.L., Mao, X.P., Chen, K.F., Li, J.: Insight of the protection for data security under selective opening attacks. Inf. Sci. 413(1), 223–224 (2017)
  3. Li, J., Li, J.W., Chen, X.F., Jia, C.F., Lou, W.J.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015)
  4. Stergiou, C., Psannis, K.E., Kim, B.G., Gupta, B.: Secure integration of IoT and cloud computing. Future Gener. Comput. Syst. 78(3), 964–975 (2018)
  5. Tewari, A., Gupta, B.B.: Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags. J. Supercomput. 73(3), 1085–1102 (2017)
  6. Gupta, B.B., Gupta, S., Chaudhary, P.: Enhancing the browser-side context-aware sanitization of suspicious HTML5 code for halting the DOM-based XSS vulnerabilities in cloud. Int. J. Cloud Appl. Comput. 7(1), 1–31 (2017)
  7. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
  8. Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: International Algorithmic Number Theory Symposium (ANTS), pp. 385–394 (2000)
  9. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2001), pp. 453–474 (2001)
  10. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)
  11. Buchmann, J.A., Butin, D., Göpfert, F., Petzoldt, A.: Post-quantum cryptography: state of the art. In: The New Codebreakers, pp. 88–108 (2016)
  12. Ajtai, M.: Generating hard instances of lattice problems. In: Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, pp. 99–108 (1996)
  13. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the Thirty-Seventh Annual ACM Symposium on Theory of Computing (STOC’05), pp. 84–93 (2005)
  14. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing (STOC’09), pp. 169–178 (2009)
  15. Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2013), pp. 1–17 (2013)
  16. Boneh, D., Freeman, D.: Homomorphic signatures for polynomial functions. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2011), pp. 149–168 (2011)
  17. Zhang, J., Zhang, Z.F., Ding, J.T., Snook, M.: Authenticated key exchange from ideal lattices. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2015), pp. 719–751 (2015)
  18. Peikert, C.: Lattice cryptography for the Internet. In: International Workshop on Post-Quantum Cryptography (PQCrypto), pp. 197–219 (2014)
  19. Ding, J.T., Xie, X., Lin, X.D.: A simple provably secure key exchange scheme based on the learning with errors problem. IACR Cryptology ePrint Archive: Report 2012/688 (2012)
  20. Wang, S.B., Zhu, Y., Ma, D., Feng, R.Q.: Lattice-based key exchange on small integer solution problem. Sci. China Inf. Sci. 57(11), 1–12 (2014)
  21. Gupta, D.S., Biswas, G.P.: Cryptanalysis of Wang et al.’s lattice-based key exchange protocol. Perspect. Sci. 8(1), 228–230 (2016)
  22. Mao, S.W., Zhang, P., Wang, H.Z.: Cryptanalysis of a lattice based key exchange protocol. Sci. China Inf. Sci. 60(2), 1–3 (2017)
  23. Langlois, A., Stehlé, D.: Worst-case to average-case reductions for module lattices. Des. Codes Cryptogr. 75(3), 565–599 (2015)
  24. Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. SIAM J. Comput. 37(1), 267–302 (2007)
  25. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 1–40 (2009)
  26. Applebaum, B., Cash, D., Peikert, C., Sahai, A.: Fast cryptographic primitives and circular secure encryption based on hard learning problems. In: Advances in Cryptology, CRYPTO 2009, pp. 595–618 (2009)
  27. Micciancio, D., Regev, O.: Lattice-based cryptography. In: Post-Quantum Cryptography, pp. 147–191 (2009)
  28. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. J. ACM 60(6), 1–35 (2013)
  29. Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory 6(3), 309–325 (2013)
  30. Li, J., Chen, X.F., Li, M.Q., Li, J.W., Lee, P., Lou, W.J.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014)
  31. Li, P., Li, J., Huang, Z.G., Li, T., Gao, C.Z., Yiu, S.M., Chen, K.: Multi-key privacy-preserving deep learning in cloud computing. Future Gener. Comput. Syst. 74(1), 76–85 (2017)
  32. Li, J., Liu, Z.L., Chen, X.F., Fatos, X., Tan, X., Wong, D.S.: L-EncDB: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl. Syst. 79(1), 18–26 (2015)

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Zhengjun Jing (1, corresponding author)
  • Chunsheng Gu (1)
  • Zhimin Yu (1)
  • Peizhong Shi (1)
  • Chongzhi Gao (2)

  1. School of Computer Engineering, Jiangsu University of Technology, Changzhou, China
  2. School of Computer Science and Educational Software, Guangzhou University, Guangzhou, China
