How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A hierarchy of polynomial time lattice basis reduction algorithms
Theoretical Computer Science
Generating hard instances of lattice problems (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
A sieve algorithm for the shortest lattice vector problem
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Structured matrices and polynomials: unified superfast algorithms
Structured matrices and polynomials: unified superfast algorithms
Quantum computation and quantum information
Quantum computation and quantum information
Complexity of Lattice Problems
Complexity of Lattice Problems
Generating Hard Instances of the Short Basis Problem
ICAL '99 Proceedings of the 26th International Colloquium on Automata, Languages and Programming
Public-Key Cryptosystems from Lattice Reduction Problems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
On lattices, learning with errors, random linear codes, and cryptography
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Worst-Case to Average-Case Reductions Based on Gaussian Measures
SIAM Journal on Computing
Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions
Computational Complexity
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Limits on the Hardness of Lattice Problems in lp Norms
Computational Complexity
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Chosen-Ciphertext Security via Correlated Products
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
Towards practical lattice-based cryptography
Towards practical lattice-based cryptography
On lattices, learning with errors, random linear codes, and cryptography
Journal of the ACM (JACM)
On Bounded Distance Decoding, Unique Shortest Vectors, and the Minimum Distance Problem
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Lattice-based identification schemes secure under active attacks
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Asymptotically efficient lattice-based digital signatures
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Generalized compact knapsacks are collision resistant
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
An efficient and parallel Gaussian sampler for lattices
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Accelerating lattice reduction with FPGAs
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Adaptively secure identity-based identification from lattices without random oracles
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Homomorphic signatures for polynomial functions
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
The geometry of lattice cryptography
Foundations of security analysis and design VI
Pseudorandom knapsacks and the sample complexity of LWE search-to-decision reductions
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient lattice (H)IBE in the standard model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Parallel shortest lattice vector enumeration on graphics cards
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Tightly-Secure signatures from lossy identification schemes
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Trapdoors for lattices: simpler, tighter, faster, smaller
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
NTRUCCA: how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Strongly secure authenticated key exchange from factoring, codes, and lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Practical lattice-based cryptography: a signature scheme for embedded systems
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
A ciphertext policy attribute-based encryption scheme without pairings
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
A polynomial time algorithm for computing the HNF of a module over the integers of a number field
Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
On Ideal Lattices and Learning with Errors over Rings
Journal of the ACM (JACM)
Hi-index | 0.00 |
We describe public key encryption schemes with security provably based on the worst case hardness of the approximate Shortest Vector Problem in some structured lattices, called ideal lattices. Under the assumption that the latter is exponentially hard to solve even with a quantum computer, we achieve CPA-security against subexponential attacks, with (quasi-)optimal asymptotic performance: if n is the security parameter, both keys are of bit-length ${\widetilde{O}}(n)$ and the amortized costs of both encryption and decryption are ${\widetilde{O}}(1)$ per message bit. Our construction adapts the trapdoor one-way function of Gentry et al. (STOC'08), based on the Learning With Errors problem, to structured lattices. Our main technical tools are an adaptation of Ajtai's trapdoor key generation algorithm (ICALP'99) and a re-interpretation of Regev's quantum reduction between the Bounded Distance Decoding problem and sampling short lattice vectors.