10,467 Hits in 4.8 sec

Analytical study of implementation issues of NTRU

Praveen Gauravaram Tata, Harika Narumanchi, Nitesh Emmadi
2014 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI)  
Lenstra-Lenstra-Lovàsz (LLL) lattice basis reduction algorithm [12] produces a relatively shortest vector in polynomial time but does not solve SVP.  ...  Approximating lattice problems to run within polynomial time is very hard. Time complexity of best known algorithm for solving lattice problems is 2 n [10] .  ... 
doi:10.1109/icacci.2014.6968468 dblp:conf/icacci/TataNE14 fatcat:lwugnbxpxrg7bkxl5wyevdmg6m

Lattice-based Key Sharing Schemes - A Survey [article]

Prasanna Ravi, James Howe, Anupam Chattopadhyay, Shivam Bhasin
2020 IACR Cryptology ePrint Archive  
note that our work is focussed on the results available from the second round of the NIST's standardization process while the standardization process has progressed to the third and final round at the time  ...  Lattice-based cryptography offers a very attractive alternative to traditional public-key cryptography mainly due to the variety of lattice-based schemes offering varying flavors of security and efficiency  ...  Barrett reduction is used to perform one-time reductions of numbers which can typically fit in one word (not too large) eg. output of addition.  ... 
dblp:journals/iacr/RaviHCB20 fatcat:gwfp7xfzbbgxnldzbngfc4ru7q

Adaptive Precision Floating Point LLL [chapter]

Thomas Plantard, Willy Susilo, Zhenfei Zhang
2013 Lecture Notes in Computer Science  
The LLL algorithm is one of the most studied lattice basis reduction algorithms in the literature.  ...  The LLL algorithm is one of the most studied lattice basis reduction algorithms in the literature.  ...  The LLL algorithm, named after its inventors, Lenstra, Lenstra and Lovász [11] , is a polynomial time lattice reduction algorithm.  ... 
doi:10.1007/978-3-642-39059-3_8 fatcat:s27mn24dgbhhxkx6ogdakksiwe

Privacy-Preserving Equality Test Towards Big Data [chapter]

Tushar Kanti Saha, Takeshi Koshiba
2018 Lecture Notes in Computer Science  
Also, our practical experiments show that our protocol works more than 8 times faster than Saha et al.'s protocol [13] .  ...  Also, we have been able to show that our protocol works more than 8 ∼ 20 times faster than the protocol of Saha et al.'s protocol.  ... 
doi:10.1007/978-3-319-75650-9_7 fatcat:7bnfcyugcnds3n2hoi55v6xegm

On Bounded Distance Decoding for General Lattices [chapter]

Yi-Kai Liu, Vadim Lyubashevsky, Daniele Micciancio
2006 Lecture Notes in Computer Science  
We show how a recent technique of Aharonov and Regev [2] can be used to solve -BDD with pre-processing in polynomial time for = O p (log n)=n .  ...  Since in coding theory the lattice is usually xed, we may \pre-process" it before receiving any targets, to make the subsequent decoding faster. This leads us to consider -BDD with pre-processing.  ...  The time that the algorithm expends in obtaining A does not count towards its running time. Then, it is given a vector x.  ... 
doi:10.1007/11830924_41 fatcat:t2elribd3fhhzgidxpo652y25m

Faster AVX2 optimized NTT multiplication for Ring-LWE lattice cryptography [article]

Gregor Seiler
2018 IACR Cryptology ePrint Archive  
Constant-time polynomial multiplication is one of the most time-consuming operations in many lattice-based cryptographic constructions.  ...  We show that by using a modification of the Montgomery reduction algorithm that enables a fast approach with integer instructions, we can improve on the polynomial multiplication speeds of NewHope and  ...  Moreover, if one only needs the low or high product as is the case in our Montgomery reduction algorithm, then these instructions are 4 times faster then vpmulld.  ... 
dblp:journals/iacr/Seiler18 fatcat:dhnpcdr5i5h3pexe4uarttpjim

Towards Efficient Arithmetic for Lattice-Based Cryptography on Reconfigurable Hardware [chapter]

Thomas Pöppelmann, Tim Güneysu
2012 Lecture Notes in Computer Science  
In practice, ideal lattices defined in the polynomial ring Zp[x]/ x n + 1 allow the reduction of the generally very large key sizes of lattice constructions.  ...  Another advantage of ideal lattices is that polynomial multiplication is a basic operation that has, in theory, only quasi-linear time complexity of O(n log n) in Zp[x]/ x n + 1 .  ...  reduction between several lattice problems.  ... 
doi:10.1007/978-3-642-33481-8_8 fatcat:53fo5qtatbe4nifvlaku7nxlvm

Formalizing the LLL Basis Reduction Algorithm and the LLL Factorization Algorithm in Isabelle/HOL

René Thiemann, Ralph Bottesch, Jose Divasón, Max W. Haslbeck, Sebastiaan J. C. Joosten, Akihisa Yamada
2020 Journal of automated reasoning  
The LLL basis reduction algorithm was the first polynomial-time algorithm to compute a reduced basis of a given lattice, and hence also a short vector in the lattice.  ...  Both its soundness and its polynomial running-time have been verified using Isabelle/HOL.  ...  The work is based on our previous formalization of the Berlekamp-Zassenhaus factorization algorithm, where the exponential reconstruction phase is replaced by the polynomial-time lattice-reduction algorithm  ... 
doi:10.1007/s10817-020-09552-1 pmid:32831440 pmcid:PMC7413592 fatcat:fhfgozhs5zhvzg7zfooxpdiina

Efficient Software Implementation of Ring-LWE Encryption on IoT Processors

Zhe Liu, Reza Azarderakhsh, Howon Kim, Hwajeong Seo
2017 IEEE transactions on computers  
These results are at least 7 times faster than the fastest ECC implementation on desired platforms with same security level.  ...  of SAMS2 technique for fast reduction.  ...  For comparison, our implementation of ring-LWE is roughly 8 times faster for encryption and 17.6 for decryption.  ... 
doi:10.1109/tc.2017.2750146 fatcat:i27eye5lprcolcnnlyim5n5thm

Improving the partial-global stochastic metropolis update for dynamical smeared link fermions

A. Hasenfratz, A. Alexandru
2003 Nuclear Physics B - Proceedings Supplements  
We present autocorrelation time measurements and argue that this update is feasible even on reasonably large lattices.  ...  On these 10 fm 4 lattices it is actually faster to create HYP smeared configurations with PGSM than thin link ones with a small step size algorithm.  ...  The PGSM algorithm scales with the square of the lattice volume. To repeat the above measurements on 100 fm 4 lattices would increase the computer time by 100.  ... 
doi:10.1016/s0920-5632(03)01741-9 fatcat:xgmx3iusxbgmxnq3o4jcsr75xe

Guest Editors' Introduction to the Special Issue on Cryptographic Engineering in a Post-Quantum World: State of the Art Advances

Zhe Liu, Patrick Longa, Cetin Kaya Koc
2018 IEEE transactions on computers  
However, these hard problems can be solved in polynomial time by using Shor's algorithm (or one of its variants) on a quantum computer.  ...  Recent progress towards the development of a largescale, fault-tolerant quantum computer has motivated the interest for post-quantum cryptography (a.k.a. quantum-safe or quantum-resistant cryptography)  ...  First, the authors optimize the BRAM access, use a fast Barrett like polynomial reduction method, optimize the cost of CRT, and design a fast divide-and-round unit.  ... 
doi:10.1109/tc.2018.2869611 fatcat:aw4i4jifm5ftrgmwn5bgonucje

ETRU: NTRU over the Eisenstein integers

Katherine Jarvis, Monica Nevins
2013 Designs, Codes and Cryptography  
NTRU keys are truncated polynomials with integer coefficients.  ...  In comparison with RSA and ECC, NTRU is faster and has significantly smaller keys.  ...  It follows that the convolution of Eisenstein polynomials is faster than for integer polynomials of twice the degree.  ... 
doi:10.1007/s10623-013-9850-3 fatcat:qxdwhb7te5a3bat2e7phhzehg4

High-Speed NTT-based Polynomial Multiplication Accelerator for CRYSTALS-Kyber Post-Quantum Cryptography [article]

Mojtaba Bisheh-Niasar, Reza Azarderakhsh, Mehran Mozaffari Kermani
2021 IACR Cryptology ePrint Archive  
In this paper, an efficient NTT architecture is presented to improve the respective computation time.  ...  This paper demonstrates an architecture for accelerating the polynomial multiplication using number theoretic transform (NTT).  ...  Thus, our hardware implementation of Kyber is around 1,000 times faster and 180 times more efficient than their hardware/software implementation.  ... 
dblp:journals/iacr/NiasarAK21 fatcat:n247ypl2xzekdchowlsyub7trm

Discrete Gaussian Sampling Reduces to CVP and SVP [article]

Noah Stephens-Davidowitz
2016 arXiv   pre-print
In particular, polynomial-time algorithms for DGS with very high parameters s have found many uses in cryptography and in reductions between lattice problems.  ...  Our first result is a polynomial-time dimension-preserving reduction from DGS to CVP. There is a simple reduction from CVP to DGS, so this shows that DGS is equivalent to CVP.  ...  First, we note that the reduction runs in expected polynomial time.  ... 
arXiv:1506.07490v4 fatcat:kpxdpcpsfzdcjpedbtehgczrse

Quantum-safe HIBE: does it cost a Latte? [article]

Raymond K. Zhao, Sarah McCarthy, Ron Steinfeld, Amin Sakzad, Máire O'Neill
2021 IACR Cryptology ePrint Archive  
In addition to providing quantum-safe traditional PKI, lattices support advanced primitives such as identity-based encryption (IBE).  ...  To date, several HIBE schemes over lattices have been proposed but there has been little in the way of practical evaluation.  ...  These are all concerned with finding short vectors in the lattice which can be attempted to be solved by lattice reduction algorithms such as LLL [25] and BKZ [9, 35] .  ... 
dblp:journals/iacr/ZhaoMSSO21 fatcat:bd4hrwi43nem7au5lfmokses4i
« Previous Showing results 1 — 15 out of 10,467 results