Difference between revisions of "LOTUS-KEM"

From PQC WIKI
en>Admin
 
m (1 revision imported)
 

Latest revision as of 23:34, 12 May 2021


LOTUS-KEM - round 1

Variant
Description Learning with errors
Assumption LWE
Functionality PKE
Public Key
(bytes)
L1 ; 658950, L3; 1025000, L5; 1471000
Secret Key
(bytes)
L1; 700420, L3; 1101000, L5; 1590800
CIPH/SIG
(bytes)
L1; 1144, L3; 1456, L5; 1768
Attacks - Comment It is shown that KEM LOTUS 128 fails to achieve CCA security. The claim is confirmed by the designers and the proposal is revised. It is claimed by the designers that previously proposed attack does not apply anymore.
Security Discussions IND-CCA2
Challenges
Notes
Updated [