التفاصيل البيبلوغرافية
| العنوان: |
The Ring-LWE Problem in Lattice-Based Cryptography: The Case of Twisted Embeddings. |
| المؤلفون: |
Ortiz, Jheyne N., de Araujo, Robson R., Aranha, Diego F., Costa, Sueli I. R., Dahab, Ricardo |
| المصدر: |
Entropy; Sep2021, Vol. 23 Issue 9, p1108-1108, 1p |
| مصطلحات موضوعية: |
CYCLOTOMIC fields, GAUSSIAN distribution, STANDARD deviations, CRYPTOGRAPHY, HARDNESS |
| مستخلص: |
Several works have characterized weak instances of the Ring-LWE problem by exploring vulnerabilities arising from the use of algebraic structures. Although these weak instances are not addressed by worst-case hardness theorems, enabling other ring instantiations enlarges the scope of possible applications and favors the diversification of security assumptions. In this work, we extend the Ring-LWE problem in lattice-based cryptography to include algebraic lattices, realized through twisted embeddings. We define the class of problems Twisted Ring-LWE, which replaces the canonical embedding by an extended form. By doing so, we allow the Ring-LWE problem to be used over maximal real subfields of cyclotomic number fields. We prove that Twisted Ring-LWE is secure by providing a security reduction from Ring-LWE to Twisted Ring-LWE in both search and decision forms. It is also shown that the twist factor does not affect the asymptotic approximation factors in the worst-case to average-case reductions. Thus, Twisted Ring-LWE maintains the consolidated hardness guarantee of Ring-LWE and increases the existing scope of algebraic lattices that can be considered for cryptographic applications. Additionally, we expand on the results of Ducas and Durmus (Public-Key Cryptography, 2012) on spherical Gaussian distributions to the proposed class of lattices under certain restrictions. As a result, sampling from a spherical Gaussian distribution can be done directly in the respective number field while maintaining its format and standard deviation when seen in Z n via twisted embeddings. [ABSTRACT FROM AUTHOR] |
|
Copyright of Entropy is the property of MDPI and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) |
| قاعدة البيانات: |
Complementary Index |
Full Text Finder