|| A reconciliation approach to key generation based on Module-LWE
||Charbel Saliba, Laura Luzzi, ETIS (CY Université, ENSEA, CNRS), France; Cong Ling, Imperial College London, United Kingdom|
||D4-S2-T4: Key Generation & Agreement II
||Thursday, 15 July, 22:20 - 22:40
||Thursday, 15 July, 22:40 - 23:00
We consider a key encapsulation mechanism (KEM) based on Module-LWE where reconciliation is performed on the 8-dimensional lattice E_8, which admits a fast CVP algorithm. Our scheme generates 256 bits of key and requires 3 or 4 bits of reconciliation per dimension. We show that it can outperform Kyber in terms of the modulus q with comparable error probability and similar requirements in terms of bandwidth. We prove that our protocol is IND-CPA secure and improves the security level of Kyber by 7.3%.