Efficient noise-tolerant learning from statistical queries
STOC '93 Proceedings of the twenty-fifth annual ACM symposium on Theory of computing
A new identification scheme based on syndrome decoding
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Cryptographic primitives based on hard learning problems
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Noise-tolerant learning, the parity problem, and the statistical query model
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Encryption-Scheme Security in the Presence of Key-Dependent Messages
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Improved Cryptanalysis of Rijndael
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
More on Average Case vs Approximation Complexity
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
On lattices, learning with errors, random linear codes, and cryptography
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Security under key-dependent inputs
Proceedings of the 14th ACM conference on Computer and communications security
Intrusion-Resilient Secret Sharing
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
The bit extraction problem or t-resilient functions
SFCS '85 Proceedings of the 26th Annual Symposium on Foundations of Computer Science
SWIFFT: A Modest Proposal for FFT Hashing
Fast Software Encryption
A Unified Approach to Related-Key Attacks
Fast Software Encryption
How to Encrypt with the LPN Problem
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Circular-Secure Encryption from Decision Diffie-Hellman
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Leakage-Resilient Cryptography
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Simultaneous Hardcore Bits and Cryptography against Memory Attacks
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
Non-malleable extractors and symmetric key cryptography from weak secrets
Proceedings of the forty-first annual ACM symposium on Theory of computing
On cryptography with auxiliary input
Proceedings of the forty-first annual ACM symposium on Theory of computing
Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Signature Schemes with Bounded Leakage Resilience
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
An efficient pseudo-random generator provably as secure as syndrome decoding
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Intrusion-resilient key exchange in the bounded retrieval model
TCC'07 Proceedings of the 4th conference on Theory of cryptography
A theoretical treatment of related-key attacks: RKA-PRPS, RKA-PRFs, and applications
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Related-key differential-linear attacks on reduced AES-192
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Towards key-dependent message security in the standard model
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Lattice-based identification schemes secure under active attacks
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Circular and leakage resilient public-key encryption under subgroup indistinguishability
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Pseudorandom functions and permutations provably secure against related-key attacks
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Efficient authentication from hard learning problems
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
New cryptanalytic results on IDEA
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Public-key encryption schemes with auxiliary inputs
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Cryptographic agility and its relation to circular encryption
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bounded key-dependent message security
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient lattice (H)IBE in the standard model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Parallel and concurrent security of the HB and HB+ protocols
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Intrusion-Resilience via the bounded-storage model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Solving the learning parity with noise's open question
Information Processing Letters
Hi-index | 0.00 |
The (decisional) learning with errors problem (LWE) asks to distinguish "noisy" inner products of a secret vector with random vectors from uniform. The learning parities with noise problem (LPN) is the special case where the elements of the vectors are bits. In recent years, the LWE and LPN problems have found many applications in cryptography. In this paper we introduce a (seemingly) much stronger adaptive assumption, called "subspace LWE" (SLWE), where the adversary can learn the inner product of the secret and random vectors after they were projected into an adaptively and adversarially chosen subspace. We prove that, surprisingly, the SLWE problem mapping into subspaces of dimension d is almost as hard as LWE using secrets of length d (the other direction is trivial.) This result immediately implies that several existing cryptosystems whose security is based on the hardness of the LWE/LPN problems are provably secure in a much stronger sense than anticipated. As an illustrative example we show that the standard way of using LPN for symmetric CPA secure encryption is even secure against a very powerful class of related key attacks.