Decryption Failure Attacks on Post-Quantum Cryptography

Research output: Thesis › Doctoral Thesis (compilation)



This dissertation mainly discusses new cryptanalytical results related to the issues of securely implementing the next generation of asymmetric cryptography, or Public-Key Cryptography (PKC).

PKC, as it has been deployed until today, depends heavily on the integer factorization and the discrete logarithm problems.
Unfortunately, it has been well known since the mid-90s that these mathematical problems can be solved in polynomial time on a quantum computer using Peter Shor's algorithm.
The recently accelerated pace of R&D towards quantum computers, eventually of sufficient size and power to threaten cryptography, has led the crypto research community towards a major shift of focus.

A project towards standardization of Post-quantum Cryptography (PQC) was launched by the US-based standardization organization, NIST.
PQC is the name given to algorithms designed for running on classical hardware/software whilst being resistant to attacks from quantum computers.
PQC is well suited for replacing the current asymmetric schemes.
A primary motivation for the project is to guide publicly available research toward the singular goal of finding weaknesses in the proposed next generation of PKC.

For public key encryption (PKE) or digital signature (DS) schemes to be considered secure they must be shown to rely heavily on well-known mathematical problems with theoretical proofs of security under established models, such as indistinguishability under chosen ciphertext attack (IND-CCA).
Also, they must withstand serious attack attempts by well-renowned cryptographers both concerning theoretical security and the actual software/hardware instantiations.
It is well known that security models such as IND-CCA are not designed to capture the intricacies of inner-state leakage.
Such leakage is called a side channel, and side channels are currently a major topic of interest in the NIST PQC project.

This dissertation focuses on two things, in general:
1) How does the low but non-zero probability of decryption failures affect the cryptanalysis of these new PQC candidates?
2) How might side-channel vulnerabilities inadvertently be introduced when going from theory to the practice of software/hardware implementations?
Of main concern are PQC algorithms based on lattice theory and coding theory.

The primary contributions are the discovery of novel decryption failure side-channel attacks, improvements on existing attacks, an alternative implementation of a part of a PQC scheme, and some more theoretical cryptanalytical results.
Original language: English
Awarding Institution
  • Department of Electrical and Information Technology
Supervisors
  • Johansson, Thomas, Supervisor
  • Stankovski Wagner, Paul, Assistant supervisor
  • Guo, Qian, Assistant supervisor
  • Mauritsson, Sebastian, Assistant supervisor, External person
Thesis sponsors: (not listed)
Award date: 2023 May 11
Place of Publication: Lund
ISBN (Print): 978-91-8039-695-0
ISBN (Electronic): 978-91-8039-696-7
Publication status: Published - 2023 May 11

Bibliographical note

Defence details
Date: 2023-05-11
Time: 09:15
Place: Lecture Hall E:A, building E, Ole Römers väg 3, Faculty of Engineering LTH, Lund University, Lund. The dissertation will be live streamed, but part of the premises is to be excluded from the live stream.
External reviewer(s)
Name: Saarinen, Markku-Juhani
Title: Prof. of Practice
Affiliation: Tampere University, Finland.

Subject classification (UKÄ)

  • Electrical Engineering, Electronic Engineering, Information Engineering

Free keywords

  • Post-quantum cryptography
  • Code-based cryptography
  • Lattice-based cryptography
  • side-channel attack
