Filters








308 Hits in 9.6 sec

On Ring Learning with Errors over the Tensor Product of Number Fields [article]

Alberto Pedrouzo-Ulloa, Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2018 arXiv   pre-print
This hardness problem is denoted as "Multivariate Ring Learning with Errors" (m-RLWE or multivariate RLWE) and we show its relation to hardness problems over the tensor product of ideal lattices.  ...  The "Ring Learning with Errors" (RLWE) problem was formulated as a variant of the "Learning with Errors" (LWE) problem, with the purpose of taking advantage of an additional algebraic structure in the  ...  Conclusions In this work we have presented a multivariate version of the well-known Ring Learning with Errors (RLWE) problem to a multivariate version working over the tensor product of number fields,  ... 
arXiv:1607.05244v3 fatcat:3555h2k6wzdvpg6ylauyyedauu

On the security of the multivariate ring learning with errors problem

Carl Bootland, Wouter Castryck, Frederik Vercauteren
2020 The Open Book Series  
The Multivariate Ring Learning with Errors (m-RLWE) problem was introduced in 2015 by Pedrouzo-Ulloa, Troncoso-Pastoriza and Pérez-González.  ...  Instead of working over a polynomial residue ring with one variable as in RLWE, it works over a polynomial residue ring in several variables.  ...  The first author was also supported PhD fellowship of the Research Foundation Flanders (FWO).  ... 
doi:10.2140/obs.2020.4.57 fatcat:tyyqfdghvna3nhvrlk26jncrzy

Revisiting Multivariate Ring Learning with Errors and its Applications on Lattice-based Cryptography [article]

Alberto Pedrouzo-Ulloa, Juan Ramón Troncoso-Pastoriza, Nicolas Gama, Mariya Georgieva, Fernando Pérez-González
2019 IACR Cryptology ePrint Archive  
The "Multivariate Ring Learning with Errors" problem was presented as a generalization of Ring Learning with Errors (RLWE), introducing efficiency improvements with respect to the RLWE counterpart thanks  ...  Nevertheless, the recent attack presented by Bootland, Castryck and Vercauteren has some important consequences on the security of the multivariate RLWE problem with "non-coprime" cyclotomics; this attack  ...  These contributions, combined, showcase the power and versatility of secure instantiations of the multivariate RLWE problem, and open up new research paths and strategies for realizing efficient (fully  ... 
dblp:journals/iacr/Pedrouzo-UlloaT19 fatcat:y45ql43vfvgljnjchl22riej5e

Revisiting Multivariate Ring Learning with Errors and Its Applications on Lattice-Based Cryptography

Alberto Pedrouzo-Ulloa, Juan Ramón Troncoso-Pastoriza, Nicolas Gama, Mariya Georgieva, Fernando Pérez-González
2021 Mathematics  
The "Multivariate Ring Learning with Errors" problem was presented as a generalization of Ring Learning with Errors (RLWE), introducing efficiency improvements with respect to the RLWE counterpart thanks  ...  Nevertheless, the recent attack presented by Bootland, Castryck and Vercauteren has some important consequences on the security of the multivariate RLWE problem with "non-coprime" cyclotomics; this attack  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/math9080858 fatcat:b3vbn777wjb5texfvbuedcnaui

On Ideal Lattices and Learning with Errors over Rings

Vadim Lyubashevsky, Chris Peikert, Oded Regev
2013 Journal of the ACM  
The "learning with errors" (LWE) problem is to distinguish random linear equations, which have been perturbed by a small amount of noise, from truly uniform ones.  ...  Specifically, we show that the ring-LWE distribution is pseudorandom, assuming that worst-case problems on ideal lattices are hard for polynomial-time quantum algorithms.  ...  We thank Damien Stehlé for useful discussions, and for sharing with us, together with Ron Steinfeld, Keisuke Tanaka, and Keita Xagawa, an early draft of their result.  ... 
doi:10.1145/2535925 fatcat:lcqwpoagsnewhh537qb3ttoqqu

On Ideal Lattices and Learning with Errors over Rings [chapter]

Vadim Lyubashevsky, Chris Peikert, Oded Regev
2010 Lecture Notes in Computer Science  
The "learning with errors" (LWE) problem is to distinguish random linear equations, which have been perturbed by a small amount of noise, from truly uniform ones.  ...  Specifically, we show that the ring-LWE distribution is pseudorandom, assuming that worst-case problems on ideal lattices are hard for polynomial-time quantum algorithms.  ...  We thank Damien Stehlé for useful discussions, and for sharing with us, together with Ron Steinfeld, Keisuke Tanaka, and Keita Xagawa, an early draft of their result.  ... 
doi:10.1007/978-3-642-13190-5_1 fatcat:htckcqetq5ehhkqjjrw4xmaqui

A Toolkit for Ring-LWE Cryptography [chapter]

Vadim Lyubashevsky, Chris Peikert, Oded Regev
2013 Lecture Notes in Computer Science  
with that of more traditional number-theoretic ones, along with entirely new applications like fully homomorphic encryption.  ...  On the other hand, the error rate (roughly, the ratio of the noise magnitude to the modulus q) of the original published ring-LWE samples and the dimension n trade off to determine the theoretical and  ...  We thank Markus Püschel for his help with the sparse decomposition of the "Chinese remainder transform," and Damien Stehlé for useful discussions.  ... 
doi:10.1007/978-3-642-38348-9_3 fatcat:qtyvag7on5hjlkyuo4mpqlgdnq

Multivariate Cryptosystems for Secure Processing of Multidimensional Signals [article]

Alberto Pedrouzo-Ulloa, Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2017 arXiv   pre-print
This work introduces a new cryptographic hard problem denoted m-RLWE (multivariate Ring Learning with Errors) which generalizes RLWE, and proposes several relinearization-based techniques to efficiently  ...  The proposed hard problem and the developed techniques give support to lattice cryptosystems that enable encrypted processing of multidimensional signals and efficient conversion between different structures  ...  lattices over the tensor product of an arbitrary number of ring of integers to the search version of m-RLWE.  ... 
arXiv:1712.00848v1 fatcat:qvwgu44yeffyxf3p46k6jruzsa

Non-Commutative Ring Learning With Errors From Cyclic Algebras [article]

Charles Grover, Cong Ling, Roope Vehkalahti
2020 arXiv   pre-print
The Learning with Errors (LWE) problem is the fundamental backbone of modern lattice based cryptography, allowing one to establish cryptography on the hardness of well-studied computational problems.  ...  This ring structure compares favorably with Module LWE, and naturally allows a larger message space for error correction coding.  ...  More explicitly, 2-RLWE considers the tensor product of two fields K = K 1 ⊗ K 2 and runs the LWE assumption in the ring of integers R q .  ... 
arXiv:2008.01834v1 fatcat:2h65qk4u2zerxisxpiicykfmma

Reduction and decomposition of differential automata: Theory and applications [chapter]

Alexey S. Matveev, Andrey V. Savkin
1998 Lecture Notes in Computer Science  
Action of the galois group on prime ideals.  ...  Taha, MA 314: Coding Theory L T P 3 1 0 Polynomial rings over fields, Extension of fields, computation in GF(q), Root fields of polynomials, Vector space over finite fields, Binary group codes,  ... 
doi:10.1007/3-540-64358-3_48 fatcat:hqwvar3zbfftdhg4cybpjwogde

Lattice quantum codes and exotic topological phases of matter [article]

Jeongwan Haah
2013 arXiv   pre-print
The degeneracy, the excitations, and the renormalization group flow can be analyzed using a framework that exploits the spin model's symmetry and some associated free resolutions of modules over polynomial  ...  The degeneracy of the ground state, though also insensitive to perturbations, is a complicated number-theoretic function of the system size, and the system bifurcates into multiple noninteracting copies  ...  The ring of integers and the ring of polynomials in one variable over a field are principal ideal domains; given finitely many generators of an ideal, one can find the greatest common divisor (gcd) by  ... 
arXiv:1305.6973v1 fatcat:lony7ei7dvf4jcbjjfztt7dd3a

Structured Module Learning With Errors From Cyclic Algebras [article]

Charles Grover, Cong Ling
2019 IACR Cryptology ePrint Archive  
The Learning with Errors (LWE) problem is the fundamental backbone of modern lattice based cryptography, allowing one to establish cryptography on the hardness of well-studied computational problems.  ...  This ring structure compares favorably with Module LWE, and naturally allows a larger message space for error correction coding.  ...  Acknowledgment The authors would like to thank Jyrki Lahtonen, Damien Stehle and Martin Albrecht for helpful discussions.  ... 
dblp:journals/iacr/GroverL19 fatcat:p3dgsphajjed3d4tb6xumv4xry

Reduction from Module-SIS to Ring-SIS Under Norm Constraint of Ring-SIS

Zahyun Koo, Jong-Seon No, Young-Sik Kim
2020 IEEE Access  
Lattice-based cryptographic scheme is constructed based on hard problems on a lattice such as the short integer solution (SIS) problem and the learning with error (LWE).  ...  Thus, most cryptographic schemes use the variants of LWE and SIS with ring and module structures.  ...  Let K R = K ⊗ Q R and T R ∨ = K R /R ∨ , where ⊗ denotes the tensor product. Let ψ be a distribution on T R ∨ . Let be a family of distribution over K R and D a distribution over R ∨ q .  ... 
doi:10.1109/access.2020.3011146 fatcat:465lx3zb2jgktemxjllvw363hy

A Central Limit Framework for Ring-LWE Decryption [article]

Sean Murphy, Rachel Player
2019 IACR Cryptology ePrint Archive  
We apply our framework and results to a homomorphic Ring-LWE cryptosystem of Lyubashevsky, Peikert and Regev (Eurocrypt 2013, full version) in order to illustrate the benefit of this approach.  ...  The main contribution of this paper is to develop a statistical framework, based on a Central Limit argument, for analysing the noise in ciphertexts in homomorphic encryption schemes that are based on  ...  The Ring Learning with Errors or Ring-LWE problem [21, 11] is a generalisation of the LWE problem from the ring of integers to certain other number field rings that potentially give far better efficiency  ... 
dblp:journals/iacr/MurphyP19 fatcat:vrc2u6tmtncdxexelpleuk5svm

On the Hardness of Module Learning With Errors with Short Distributions [article]

Katharina Boudgoust, Corentin Jeudy, Adeline Roux-Langlois, Weiqiang Wen
2022 IACR Cryptology ePrint Archive  
The Module Learning With Errors problem (M-LWE) is a core computational assumption of lattice-based cryptography which offers an interesting trade-off between guaranteed security and concrete efficiency  ...  We also prove that the search version of M-LWE with large uniform secret and uniform η-bounded error is at least as hard as the standard M-LWE problem, if the number of samples m is close to the module  ...  We thank our anonymous referees of Asiacrypt 2020, Indocrypt 2020 and CT-RSA 2021 for their throrough proof reading and constructive feedback on the original papers.  ... 
dblp:journals/iacr/BoudgoustJRW22a fatcat:pbj4bnzb6bbjtmy24guqnp6uzu
« Previous Showing results 1 — 15 out of 308 results