Oracle-Resilient KEMs: Primitives Secure Against Plaintext-Checking and Full-Decryption Oracles

Introduce a strengthened security notion (e.g., IND-CCA-PC/FD) where the adversary has access to bounded-value plaintext-checking (PC) and full-decryption (FD) oracles modeling fault, mismatch, or side-channel leakage. Construct KEMs that provably retain confidentiality under such oracle access by design, using techniques such as algebraically deterministic and failure-free decryption, ciphertexts carrying lightweight zero-knowledge proofs of correct encapsulation, and redundancy encodings that render oracle answers statistically uninformative without the secret. This approach moves beyond patching implementations to designing oracle-robust primitives, addressing recent MV-PC and FD-oracle attacks on code-based HQC. The research builds on attack models, quantum attack surfaces, embedded system lessons, and classical CCA transforms adapted to noisy oracles. The outcome is a new security target and the first KEMs with proofs against PC/FD oracle exposure, directly applicable to NIST-selected code- and lattice-based schemes.

References:

1. Quantum algorithms for attacking hardness assumptions in classical and post-quantum cryptography. Jean-François Biasse, X. Bonnetain, E. Kirshanova, A. Schrottenloher, F. Song (2023). IET Information Security.
2. Quantum-safe cryptography: crossroads of coding theory and cryptography. Jiabo Wang, Ling Liu, Shanxiang Lyu, Zheng Wang, Mengfan Zheng, Fuchun Lin, Zhao Chen, L. Yin, Xiaofu Wu, Cong Ling (2021). Science China Information Sciences.
3. Multi-Value Plaintext-Checking and Full-Decryption Oracle-Based Attacks on HQC from Offline Templates. Haiyue Dong, Qian Guo (2025). IACR Cryptology ePrint Archive.
4. Intro to Code-Based Schemes. Raul-Martin Rebane, Vitaly Skachek (2019).
5. SoK: The Engineer's Guide to Post-Quantum Cryptography for Embedded Devices. Maximilian Pursche, Nikolai Puch, Sebastian N. Peters, Michael P. Heinl (2024). IACR Cryptology ePrint Archive.