A Refined Analysis of the Cost for Solving LWE via uSVP
作者: Shi Bai , Shaun Miller , Weiqiang Wen
DOI: 10.1007/978-3-030-23696-0_10
关键词: Lattice reduction 、 Sound analysis 、 Embedding 、 Combinatorics 、 Lattice-based cryptography 、 Mathematics 、 Learning with errors 、 Lattice (order)
摘要: The learning with errors (LWE) problem (STOC’05) introduced by Regev is one of the fundamental problems in lattice-based cryptography. One standard strategy to solve LWE reduce it a unique SVP (\(\mathrm {\textsc {u}SVP}\)) via Kannan’s embedding and then apply lattice reduction \(\mathrm {u}SVP}\) problem. There are two methods for estimating cost solving this strategy: first method considers largeness gap (Gama-Nguyen, Eurocrypt’08) second (Alkim et al., USENIX’16) shortness projection shortest vector Gram-Schmidt vectors. These estimates have been investigated Albrecht al. (Asiacrypt’16) who present sound analysis show that experiments fit more consistently estimate. They also observe some cases even behaves better than estimate perhaps due intersection projected In work, we revisit work Alkim We report further providing comparisons suggest leads accurate prediction practice. empirical evidence confirming assumptions used Furthermore, examine gaps derived from embedded explain why preferable use \(\mu = 1\) lattice. This shows there coherent relation between {u}SVP}\). Finally, has conjectured will not happen large parameters. indeed case: no as \(\beta \rightarrow \infty \).
springer.com
archives-ouvertes.fr 
sci-hub.st 参考文章(47)
Shi Bai, Steven D. Galbraith, An Improved Compression Technique for Signatures Based on Learning with Errors the cryptographers’ track at the rsa conference. ,vol. 2013, pp. 28- 47 ,(2014) , 10.1007/978-3-319-04852-9_2
Shi Bai, Steven D. Galbraith, Lattice Decoding Attacks on Binary LWE Information Security and Privacy. pp. 322- 337 ,(2014) , 10.1007/978-3-319-08344-5_21
Yuanmi Chen, Phong Q. Nguyen, BKZ 2.0: better lattice security estimates international conference on the theory and application of cryptology and information security. ,vol. 7073, pp. 1- 20 ,(2011) , 10.1007/978-3-642-25385-0_1
Vadim Lyubashevsky, Lattice Signatures without Trapdoors Advances in Cryptology – EUROCRYPT 2012. ,vol. 7237, pp. 738- 755 ,(2012) , 10.1007/978-3-642-29011-4_43
Guillaume Hanrot, Xavier Pujol, Damien Stehlé, Analyzing blockwise lattice algorithms using dynamical systems international cryptology conference. pp. 447- 464 ,(2011) , 10.1007/978-3-642-22792-9_25
Martin R. Albrecht, Jean-Charles Faugère, Robert Fitzpatrick, Ludovic Perret, Lazy Modulus Switching for the BKW Algorithm on LWE public key cryptography. pp. 429- 445 ,(2014) , 10.1007/978-3-642-54631-0_25
Abhishek Banerjee, Chris Peikert, Alon Rosen, Pseudorandom Functions and Lattices Advances in Cryptology – EUROCRYPT 2012. pp. 719- 737 ,(2012) , 10.1007/978-3-642-29011-4_42
Vadim Lyubashevsky, Daniele Micciancio, On Bounded Distance Decoding, Unique Shortest Vectors, and the Minimum Distance Problem international cryptology conference. pp. 577- 594 ,(2009) , 10.1007/978-3-642-03356-8_34
Zvika Brakerski, Vinod Vaikuntanathan, Fully homomorphic encryption from ring-LWE and security for key dependent messages international cryptology conference. pp. 505- 524 ,(2011) , 10.1007/978-3-642-22792-9_29
Mingjie Liu, Phong Q. Nguyen, Solving BDD by enumeration: an update the cryptographers track at the rsa conference. ,vol. 7779, pp. 293- 309 ,(2013) , 10.1007/978-3-642-36095-4_19