Generating hard instances of lattice problems (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
The hardness of approximate optima in lattices, codes, and systems of linear equations
Journal of Computer and System Sciences - Special issue: papers from the 32nd and 34th annual symposia on foundations of computer science, Oct. 2–4, 1991 and Nov. 3–5, 1993
A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
The shortest vector problem in L2 is NP-hard for randomized reductions (extended abstract)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Approximating the SVP to within a factor (1+1/dimE) is NP-Hard under randomized reductions
Journal of Computer and System Sciences
Complexity of Lattice Problems
Complexity of Lattice Problems
The Shortest Vector in a Lattice is Hard to Approximate to within Some Constant
SIAM Journal on Computing
FOCS '02 Proceedings of the 43rd Symposium on Foundations of Computer Science
Public-Key Cryptosystems from Lattice Reduction Problems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
An Improved Worst-Case to Average-Case Connection for Lattice Problems
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Approximating-CVP to within Almost-Polynomial Factors is NP-Hard
FOCS '98 Proceedings of the 39th Annual Symposium on Foundations of Computer Science
Hardness of Approximating the Shortest Vector Problem in Lattices
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
New lattice-based cryptographic constructions
Journal of the ACM (JACM)
On lattices, learning with errors, random linear codes, and cryptography
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Bounds on the Efficiency of Generic Cryptographic Constructions
SIAM Journal on Computing
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Lattices that admit logarithmic worst-case to average-case connection factors
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions
Computational Complexity
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Limits on the Hardness of Lattice Problems in lp Norms
Computational Complexity
SWIFFT: A Modest Proposal for FFT Hashing
Fast Software Encryption
Hash Functions from Sigma Protocols and Improvements to VSH
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Public Key Encryption Based on Ideal Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Multi-bit cryptosystems based on lattice problems
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Lattice-based identification schemes secure under active attacks
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Asymptotically efficient lattice-based digital signatures
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Toward basing fully homomorphic encryption on worst-case hardness
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Interpreting hash function security proofs
ProvSec'10 Proceedings of the 4th international conference on Provable security
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
The geometry of lattice cryptography
Foundations of security analysis and design VI
Faster and smoother: VSH revisited
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Generalized compact knapsacks are collision resistant
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Lattice mixing and vanishing trapdoors: a framework for fully secure short signatures and more
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Perfectly secure multiparty computation and the computational overhead of cryptography
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient lattice (H)IBE in the standard model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Efficient primitives from exponentiation in Zp
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Tightly-Secure signatures from lossy identification schemes
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Trapdoors for lattices: simpler, tighter, faster, smaller
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Lattice signatures without trapdoors
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
NTRUCCA: how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Strongly secure authenticated key exchange from factoring, codes, and lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
An efficient lattice-based secret sharing construction
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Practical lattice-based cryptography: a signature scheme for embedded systems
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
A ciphertext policy attribute-based encryption scheme without pairings
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
A polynomial time algorithm for computing the HNF of a module over the integers of a number field
Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation
Classical hardness of learning with errors
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
On Ideal Lattices and Learning with Errors over Rings
Journal of the ACM (JACM)
| Hi-index | 0.00 |
The generalized knapsack function is defined as fa(x)=∑iai ·xi, where a=(a1,...,am) consists of m elements from some ring R, and x=(x1,...,xm) consists of m coefficients from a specified subset S⊆R. Micciancio (FOCS 2002) proposed a specific choice of the ring R and subset S for which inverting this function (for random a,x) is at least as hard as solving certain worst-case problems on cyclic lattices. We show that for a different choice of S ⊂ R, the generalized knapsack function is in fact collision-resistant, assuming it is infeasible to approximate the shortest vector in n-dimensional cyclic lattices up to factors $\tilde{O}(n)$. For slightly larger factors, we even get collision-resistance for anym≥ 2. This yields very efficient collision-resistant hash functions having key size and time complexity almost linear in the security parameter n. We also show that altering S is necessary, in the sense that Micciancio's original function is not collision-resistant (nor even universal one-way). Our results exploit an intimate connection between the linear algebra of n-dimensional cyclic lattices and the ring ℤ[α]/(αn−1), and crucially depend on the factorization of αn-1 into irreducible cyclotomic polynomials. We also establish a new bound on the discrete Gaussian distribution over general lattices, employing techniques introduced by Micciancio and Regev (FOCS 2004) and also used by Micciancio in his study of compact knapsacks.