NewHope

Parameters of NewHope512 and NewHope1024; derived high-level properties; and sizes of public keys, secret keys, and ciphertexts of our NewHope instantiations in bytes.

Abstract

NewHope is a key-exchange protocol based on the Ring-Learning-with-Errors (Ring-LWE) problem, which was submitted to the NIST post-quantum crypto project. The submission proposes four different instantiations:

  • NewHope512-CPA-KEM and NewHope1024-CPA-KEM, which are IND-CPA-secure key encapsulation mechanisms which target level 1 and level 5, respectively, in the NIST call for proposals (matching or exceeding the brute-force security of AES-128 and AES-256, respectively)
  • NewHope512-CCA-KEM and NewHope1024-CCA-KEM, which are IND-CCA-secure key encapsulation mechanisms which target level 1 and level 5, respectively, in the NIST call for proposals (matching or exceeding the brute-force security of AES-128 and AES-256, respectively)

Keywords: post-quantum cryptography, key exchange, ring learning with errors

Reference

Erdem Alkim, Roberto Avanzi, Joppe W. Bos, Léo Ducas, Antonio de la Piedra, Peter Schwabe, Douglas Stebila. NewHope. Submission to the NIST Post-Quantum Cryptography standardization project. November 2017. © The authors.

Download

Code

BibTeX