Welcome to the resource topic for
**2018/140**

**Title:**

A Reaction Attack on LEDApkc

**Authors:**
Tomas Fabsic, Viliam Hromada, Pavol Zajac

**Abstract:**

We propose a new reaction attack on the public-key cryptosystem LEDApkc. The adversary uses the decoding failure rate (DFR) analysis to learn information about the secret masking matrix Q. Provided the adversary learns information about Q within 10^4\times \text{DFR}^{-1} decryptions (as prescribed by LEDApkc design to thwart previously known attacks), the adversary builds a small set of candidates for Q. Using these candidates, the adversary obtains candidates for a generator matrix of the secret LDPC code. Afterwards, the adversary applies Sternâ€™s algorithm to recover the secret matrix H, thus recovering the full private key. Provided the adversary can learn information about the matrix Q, the complexity of the attack is below 2^{99} for a parameter set for 128-bit security. In order to study whether the adversary can learn information about Q from 10^4\times \text{DFR}^{-1} decryptions, we conducted experiments with a modified parameter set. The parameter set was modified only in order to increase the DFR, and thus make experiments less computationally expensive. We show that with the modified parameter set it is indeed possible to learn the required information about the matrix Q.

**ePrint:**
https://eprint.iacr.org/2018/140

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

**Example resources include:**
implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .