Classical hardness of learning with errors
Zvika Brakerski,Adeline Langlois,Chris Peikert,Oded Regev,Damien Stehlé +4 more
- pp 575-584
Reads0
Chats0
TLDR
In this article, it was shown that learning with errors is classically at least as hard as standard worst-case lattice problems and that the tradeoff between the dimension and the modulus of LWE instances leads to a much better understanding of the landscape of the problem.Abstract:
We show that the Learning with Errors (LWE) problem is classically at least as hard as standard worst-case lattice problems. Previously this was only known under quantum reductions.Our techniques capture the tradeoff between the dimension and the modulus of LWE instances, leading to a much better understanding of the landscape of the problem. The proof is inspired by techniques from several recent cryptographic constructions, most notably fully homomorphic encryption schemes.read more
Citations
More filters
Book ChapterDOI
Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based
TL;DR: In this work, a comparatively simple fully homomorphic encryption (FHE) scheme based on the learning with errors (LWE) problem is described, with a new technique for building FHE schemes called the approximate eigenvector method.
Journal ArticleDOI
On Ideal Lattices and Learning with Errors over Rings
TL;DR: The ring-LWE distribution is pseudorandom as discussed by the authors, assuming that worst-case problems on ideal lattices are hard for polynomial-time quantum algorithms, which is not the case.
Book ChapterDOI
FHEW: Bootstrapping Homomorphic Encryption in Less Than a Second
Léo Ducas,Daniele Micciancio +1 more
TL;DR: A new method to homomorphically compute simple bit operations, and refresh (bootstrap) the resulting output, which runs on a personal computer in just about half a second, and is presented on the performance of the prototype implementation.
Posted Content
On Ideal Lattices and Learning with Errors Over Rings.
TL;DR: The ring-LWE distribution is pseudorandom as discussed by the authors, assuming that worst-case problems on ideal lattices are hard for polynomial-time quantum algorithms, which is not the case.
Proceedings Article
Post-quantum key exchange: a new hope
TL;DR: New parameters and a better suited error distribution are proposed, the scheme's hardness against attacks by quantum computers is analyzed in a conservative way, a new and more efficient error-reconciliation mechanism is introduced, and a defense against backdoors and all-for-the-price-of-one attacks is proposed.
References
More filters
Proceedings ArticleDOI
Fully homomorphic encryption using ideal lattices
TL;DR: This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
Proceedings ArticleDOI
Leveled) fully homomorphic encryption without bootstrapping
TL;DR: A novel approach to fully homomorphic encryption (FHE) that dramatically improves performance and bases security on weaker assumptions, using some new techniques recently introduced by Brakerski and Vaikuntanathan (FOCS 2011).
Journal ArticleDOI
A Pseudorandom Generator from any One-way Function
TL;DR: It is shown how to construct a pseudorandom generator from any one-way function, and it is shown that there is a Pseudorandom Generator if and only ifthere is a one- way function.
Proceedings ArticleDOI
Trapdoors for hard lattices and new cryptographic constructions
TL;DR: In this article, the authors show how to construct a variety of "trapdoor" cryptographic tools assuming the worst-case hardness of standard lattice problems (such as approximating the length of the shortest nonzero vector to within certain polynomial factors).
Journal ArticleDOI
On lattices, learning with errors, random linear codes, and cryptography
TL;DR: A (classical) public-key cryptosystem whose security is based on the hardness of the learning problem, which is a reduction from worst-case lattice problems such as GapSVP and SIVP to a certain learning problem that is quantum.