Abstract
Tian and Huang proposed a lattice-based CLS scheme based on the hardness of the SIS problem and proved, in the random oracle model, that the scheme is existentially unforgeable against strong adversaries.Their security proof uses the general forking lemma under the assumption that the underlying hash function H is a random oracle. We show that the hash function in the scheme is neither one-way nor collision-resistant in the view of a strong Type 1 adversary.We point out flaws in the security arguments and present attack algorithms that are successful in the strong Type 1 adversarial model using the weak properties of the hash function.
Original language | English |
---|---|
Article number | 3413567 |
Journal | Security and Communication Networks |
Volume | 2017 |
DOIs | |
State | Published - 2017 |
Bibliographical note
Publisher Copyright:© 2017 Seunghwan Chang et al.