LOTUS-KEM

From PQC WIKI
Revision as of 19:33, 30 May 2019 by en>Admin
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


LOTUS-KEM - round 1

Variant
Description Learning with errors
Assumption LWE
Functionality PKE
Public Key
(bytes)
L1 ; 658950, L3; 1025000, L5; 1471000
Secret Key
(bytes)
L1; 700420, L3; 1101000, L5; 1590800
CIPH/SIG
(bytes)
L1; 1144, L3; 1456, L5; 1768
Attacks - Comment It is shown that KEM LOTUS 128 fails to achieve CCA security. The claim is confirmed by the designers and the proposal is revised. It is claimed by the designers that previously proposed attack does not apply anymore.
Security Discussions IND-CCA2
Challenges
Notes
Updated [