Authors:
James Howe
and
Máire O'Neill
Affiliation:
Centre for Secure Information Technologies (CSIT), Queen's University Belfast, United Kingdom
Keyword(s):
Post-quantum Cryptography, Lattice-based Cryptography, Discrete Gaussian Samplers, Discrete Gaussian Distribution, Random Number Generators, Statistical Analysis.
Related Ontology Subjects/Areas/Topics:
Applied Cryptography; Cryptographic Techniques and Key Management; Data Engineering; Databases and Data Security; Information and Systems Security; Information Assurance; Network Security; Reliability and Dependability; Risk Assessment; Security Engineering; Security in Information Systems; Security Protocols; Security Verification and Validation
Abstract:
Lattice-based cryptography is one of the most promising areas within post-quantum cryptography, and offers
versatile, efficient, and high performance security services. The aim of this paper is to verify the correctness of
the discrete Gaussian sampling component, one of the most important modules within lattice-based cryptography.
In this paper, the GLITCH software test suite is proposed, which performs statistical tests on discrete
Gaussian sampler outputs. An incorrectly operating sampler, for example due to hardware or software errors,
has the potential to leak secret-key information and could thus be a potential attack vector for an adversary.
Moreover, statistical test suites are already in common use for pseudo-random number generators (PRNGs),
and as lattice-based cryptography becomes more prevalent, it is important to develop a method to test the
correctness and randomness of discrete Gaussian sampler designs. Additionally, due to the theoretical requirements
for the discrete Gaussian distribution within lattice-based cryptography, certain statistical tests for
distribution correctness become unsuitable, therefore a number of tests are surveyed. The final GLITCH test
suite provides 11 adaptable statistical analysis tests that assess the exactness of a discrete Gaussian sampler,
and which can be used to verify any software or hardware sampler design.
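As an added illustration, not the paper's GLITCH code, the Python below applies one of the kinds of test such a suite runs, a Pearson chi-squared goodness-of-fit test against the exact discrete Gaussian probabilities, to a simple CDT (inverse-transform) sampler and to a constructed faulty variant that drops the sign, the sort of sampler error the abstract warns can leak secret-key material. The parameters (σ = 3, tail cut at 12, 20000 samples) and the bin-pooling rule are assumptions for the example.

```python
import math
import random
from collections import Counter

def discrete_gaussian_pmf(sigma, tail):
    """Exact probabilities of the centred discrete Gaussian on [-tail, tail]."""
    w = {x: math.exp(-x * x / (2 * sigma * sigma)) for x in range(-tail, tail + 1)}
    total = sum(w.values())
    return {x: v / total for x, v in w.items()}

def make_cdt_sampler(pmf, rng):
    """Inverse-transform (CDT-style) sampler over the exact pmf; returns a sample() callable."""
    xs = sorted(pmf)
    cdf, acc = [], 0.0
    for x in xs:
        acc += pmf[x]
        cdf.append(acc)
    def sample():
        u = rng.random()
        for x, c in zip(xs, cdf):
            if u < c:
                return x
        return xs[-1]  # guards against rounding at the top of the table
    return sample

def chi_square(samples, pmf, min_expected=5.0):
    """Pearson chi-square statistic of observed counts against the exact pmf.
    Tail values are pooled until each bin expects >= min_expected samples.
    Returns (statistic, degrees_of_freedom). Values outside the pmf support
    count towards n but land in no bin, so they inflate the statistic."""
    n, counts = len(samples), Counter(samples)
    bins, obs, exp = [], 0, 0.0
    for x in sorted(pmf):
        obs += counts.get(x, 0)
        exp += n * pmf[x]
        if exp >= min_expected:
            bins.append((obs, exp))
            obs, exp = 0, 0.0
    if exp > 0:  # leftover right tail: fold into the last bin
        o, e = bins.pop()
        bins.append((o + obs, e + exp))
    return sum((o - e) ** 2 / e for o, e in bins), len(bins) - 1

def run_check(sigma=3.0, tail=12, n=20000, seed=1):
    """Test a correct CDT sampler and a faulty copy; return both (statistic, df) pairs."""
    pmf = discrete_gaussian_pmf(sigma, tail)
    good = make_cdt_sampler(pmf, random.Random(seed))
    # Constructed defect for illustration: sign lost, so negatives never appear.
    bad = lambda: abs(good())
    return chi_square([good() for _ in range(n)], pmf), chi_square([bad() for _ in range(n)], pmf)
```

With these parameters the correct sampler's statistic sits near its 20 degrees of freedom, while the sign-dropping variant scores in the thousands, so a fixed critical value separates them by a wide margin.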