Skip to main content
Cryptography

Questions tagged [kyber]

Ask Question

Kyber is a Key Encapsulation Mechanism (KEM) based on the Module Learning with Errors (MLWE) problem. It is an example of lattice-based cryptography and is part of the Crystals family together with the signature scheme Dilithium.

97 questions
Newest Active Bountied Unanswered
0 votes
1 answer
77 views

I made a PQC library, pqccombo, with Kyber + Dilithium, no_std & std; I'm trying to be 100% NIST compliant. It'd like to remove AES-GCM, although Goog and Amzn are still using hybrid with ECDH
user avatar
5 votes
1 answer
613 views

I have a file encryption application, that currently is using AES-256 in CTR mode, NIST Key Wrap and HMAC-SHA-512 for bulk encryption, session key encryption and integrity. The cryptography is open ...
Xecrets's user avatar
  • 53
3 votes
1 answer
314 views

Currently I am working on implementing a radix-4 NTT algorithm, but most of the research papers use a $2n$th root of unity as an input. However, in the Kyber specification, for $n = 256$ we don't ...
Randomizer13_4's user avatar
  • 31
5 votes
1 answer
105 views

In the "CRYSTALS-Kyber Algorithm Specifications and Supporting Documentation (version 3.01)" paper, the values of $\log_{2}(G)$ are given for the classical gate counts in Categories 1 (...
smith's user avatar
  • 175
3 votes
1 answer
173 views

I understand that CRYSTALS stands for Cryptographic Suite for Algebraic Lattices, which makes sense given its mathematical foundation. But what’s up with the names Kyber and Dilithium? Feels like they’...
Elias's user avatar
  • 131
3 votes
0 answers
81 views

I tried to figure out how to compute the decapsulation failure rate for ML-KEM. Is it same as the decryption failure rate? I use the python codes from https://github.com/pq-crystals/security-estimates....
Crypto Newbie's user avatar
  • 41
2 votes
3 answers
243 views

We know that the security of an encryption scheme must only depend on the key and not on the obscurity of the (key generation, encryption, decryption) algorithms. (Kerckhoff's principal 1883, Shannon ...
user1035648's user avatar
  • 685
5 votes
1 answer
665 views

In the KYBER key agreement algorithm, the mathematical condition dictates that $n|q-1$ and for the NTT implementation, the value of $q$ was chosen to be $3329$. In the DILITHIUM digital signature ...
R_Emad's user avatar
  • 535
2 votes
0 answers
77 views

It seems that in the KYBER KEM algorithm, by changing some parameters (or subfunctions), higher speed can be achieved, of course, security is sacrificed a little! For example, the type of distribution ...
R_Emad's user avatar
  • 535
2 votes
1 answer
182 views

Consider the KYBER KEM algorithm. In this algorithm, a specific distribution called the centered binomial distribution is used instead of the discrete Gaussian distribution. Now, let’s move on to LWE ...
R_Emad's user avatar
  • 535
3 votes
1 answer
171 views

I know CRYSTALS-Kyber is a module-LWE based crypto system that works on rings $$R_q=\frac{\mathbb{Z}_q[x]}{(x^n+1)}.$$ The matrix $A$ is chosen uniformly from $R_q^{k\times k}$ with $k=2$. I don't ...
PAMG's user avatar
  • 215
2 votes
2 answers
112 views

What is the size of the keyspace of Kyber-512's secret key and how long will it theoretically take to bruteforce it?
Xavier's user avatar
  • 137
1 vote
1 answer
80 views

I am implementing the primal attack on Kyber using BKZ and currently I am not able to complete running it for the parameters N=128 and k=2 even after 8 hours. Is there a way to estimate the duration ...
Xavier's user avatar
  • 137
0 votes
0 answers
39 views

I am implementing the primal attack on kyber using the bkz algorithm with the code below. When N=32 or lower, it will produce the decryption key correctly. However, when N=64 the decryption key ...
Xavier's user avatar
  • 137
4 votes
2 answers
439 views

Given that public key security is very important in the Kyber KEM algorithm and if this is not observed, various attacks can be applied to the discovery of the Kyber key. The question is how to ...
R_Emad's user avatar
  • 535

15 30 50 per page
1
2 3 4 5
7