Subquadratic-time factoring of polynomials over finite fields
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
Algorithmic number theory
Generating hard instances of lattice problems (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
SIAM Journal on Computing
Improved cryptographic hash functions with worst-case/average-case connection
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
FOCS '02 Proceedings of the 43rd Symposium on Foundations of Computer Science
Generating Hard Instances of the Short Basis Problem
ICAL '99 Proceedings of the 26th International Colloquium on Automata, Languages and Programming
Improving Lattice Based Cryptosystems Using the Hermite Normal Form
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
An Improved Worst-Case to Average-Case Connection for Lattice Problems
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Worst-Case to Average-Case Reductions Based on Gaussian Measures
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
New lattice-based cryptographic constructions
Journal of the ACM (JACM)
On lattices, learning with errors, random linear codes, and cryptography
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Lattices that admit logarithmic worst-case to average-case connection factors
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
On Bounded Distance Decoding, Unique Shortest Vectors, and the Minimum Distance Problem
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Asymptotically efficient lattice-based digital signatures
TCC'08 Proceedings of the 5th conference on Theory of cryptography
A fully homomorphic encryption scheme
A fully homomorphic encryption scheme
Generalized compact knapsacks are collision resistant
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Adapting density attacks to low-weight knapsacks
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Implementing Gentry's fully-homomorphic encryption scheme
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Homomorphic signatures for polynomial functions
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Benaloh's dense probabilistic encryption revisited
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
The geometry of lattice cryptography
Foundations of security analysis and design VI
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Generalized learning problems and applications to non-commutative cryptography
ProvSec'11 Proceedings of the 5th international conference on Provable security
Can homomorphic encryption be practical?
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Improving the parallel schnorr-euchner lll algorithm
ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part I
Lattice signatures without trapdoors
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Functional encryption for threshold functions (or fuzzy IBE) from lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Protecting data confidentiality in cloud systems
Proceedings of the Fourth Asia-Pacific Symposium on Internetware
Attribute-Based functional encryption on lattices
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
When homomorphism becomes a liability
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Lattice-based FHE as secure as PKE
Proceedings of the 5th conference on Innovations in theoretical computer science
Public-key searchable encryption from lattices
International Journal of High Performance Systems Architecture
| Hi-index | 0.00 |
Gentry proposed a fully homomorphic public key encryption scheme that uses ideal lattices. He based the security of his scheme on the hardness of two problems: an average-case decision problem over ideal lattices, and the sparse (or "low-weight") subset sum problem (SSSP). We provide a key generation algorithm for Gentry's scheme that generates ideal lattices according to a "nice" average-case distribution. Then, we prove a worst-case / average-case connection that bases Gentry's scheme (in part) on the quantum hardness of the shortest independent vector problem (SIVP) over ideal lattices in the worst-case. (We cannot remove the need to assume that the SSSP is hard.) Our worst-case / average-case connection is the first where the average-case lattice is an ideal lattice, which seems to be necessary to support the security of Gentry's scheme.