Ouroboros-E: An Efficient Lattice-based Key-Exchange Protocol

Research output: Chapter in Book/Report/Conference proceedingPaper in conference proceeding


The Bit Flipping algorithm is a hard decision decoding algorithm originally designed by Gallager in 1962 to decode Low Density Parity Check Codes (LDPC). It has recently proved to be much more versatile, for Moderate Parity Check Codes (MDPC) or Euclidean metric. We further demonstrate its power by proposing a noisy Euclidean version of it. This tweak allows to construct a lattice based key exchange analogous to the Ouroboros protocol for Hamming metric but with a reduction to the Short Integer Solution (SIS) problem. The very efficient decoding algorithm permits to consider smaller alphabets than for NTRU or Ring-LWE decryption algorithms. Overall we obtain a new protocol which competes with the recent NEWHOPE and Kyber proposals, and also with NTRU. The resulting scheme exploits the cyclicity of the error, and benefits from the security of the renowned SIS problem.


External organisations
  • University of Limoges
  • University of Orléans
Research areas and keywords

Subject classification (UKÄ) – MANDATORY

  • Electrical Engineering, Electronic Engineering, Information Engineering
Original languageEnglish
Title of host publication2018 IEEE International Symposium on Information Theory, ISIT 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages5
ISBN (Print)9781538647806
Publication statusPublished - 2018 Aug 15
Publication categoryResearch
Event2018 IEEE International Symposium on Information Theory, ISIT 2018 - Vail, United States
Duration: 2018 Jun 172018 Jun 22


Conference2018 IEEE International Symposium on Information Theory, ISIT 2018
CountryUnited States