A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
On polynomial approximation to the shortest lattice vector length
SODA '01 Proceedings of the twelfth annual ACM-SIAM symposium on Discrete algorithms
A sieve algorithm for the shortest lattice vector problem
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Relations between average case complexity and approximation complexity
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Improved cryptographic hash functions with worst-case/average-case connection
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Complexity of Lattice Problems
Complexity of Lattice Problems
Lattices and Codes: A Course Partially Based on Lectures by F. Hirzebruch
Lattices and Codes: A Course Partially Based on Lectures by F. Hirzebruch
Cryptographic Primitives Based on Hard Learning Problems
CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
New lattice based cryptographic constructions
Proceedings of the thirty-fifth annual ACM symposium on Theory of computing
Noise-tolerant learning, the parity problem, and the statistical query model
Journal of the ACM (JACM)
An Improved Worst-Case to Average-Case Connection for Lattice Problems
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
More on Average Case vs Approximation Complexity
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
Worst-Case to Average-Case Reductions Based on Gaussian Measures
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
Almost Perfect Lattices, the Covering Radius Problem, and Applications to Ajtai's Connection Factor
SIAM Journal on Computing
Representing hard lattices with O(n log n) bits
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Lattices that admit logarithmic worst-case to average-case connection factors
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Foundations and Trends® in Theoretical Computer Science
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
On agnostic boosting and parity learning
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Limits on the Hardness of Lattice Problems in lp Norms
Computational Complexity
Separating Models of Learning with Faulty Teachers
ALT '07 Proceedings of the 18th international conference on Algorithmic Learning Theory
How to Encrypt with the LPN Problem
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Oblivious Transfer Based on the McEliece Assumptions
ICITS '08 Proceedings of the 3rd international conference on Information Theoretic Security
Noninteractive Statistical Zero-Knowledge Proofs for Lattice Problems
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A tamper-proof and lightweight authentication scheme
Pervasive and Mobile Computing
Cryptographic hardness for learning intersections of halfspaces
Journal of Computer and System Sciences
Explicit Hard Instances of the Shortest Vector Problem
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Separating models of learning with faulty teachers
Theoretical Computer Science
Simultaneous Hardcore Bits and Cryptography against Memory Attacks
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
On cryptography with auxiliary input
Proceedings of the forty-first annual ACM symposium on Theory of computing
A CCA2 Secure Public Key Encryption Scheme Based on the McEliece Assumptions in the Standard Model
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Broadcast Attacks against Lattice-Based Cryptosystems
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
On lattices, learning with errors, random linear codes, and cryptography
Journal of the ACM (JACM)
Quantum-Secure Coin-Flipping and Applications
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Public Key Encryption Based on Ideal Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Smooth Projective Hashing and Password-Based Authenticated Key Exchange from Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Memory Leakage-Resilient Encryption Based on Physically Unclonable Functions
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Multi-bit cryptosystems based on lattice problems
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Efficient cryptographic protocols based on the hardness of learning parity with noise
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
PUF-HB: a tamper-resilient HB based authentication protocol
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
An efficient electronic marketplace bidding auction protocol with bid privacy
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Lattice-based identification schemes secure under active attacks
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Public-key cryptography from different assumptions
Proceedings of the forty-second ACM symposium on Theory of computing
Faster exponential time algorithms for the shortest vector problem
SODA '10 Proceedings of the twenty-first annual ACM-SIAM symposium on Discrete Algorithms
Survey: leakage resilience and the bounded retrieval model
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
Circular and leakage resilient public-key encryption under subgroup indistinguishability
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Toward basing fully homomorphic encryption on worst-case hardness
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
On strong simulation and composable point obfuscation
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Accelerating lattice reduction with FPGAs
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Generic constructions of parallel key-insulated encryption
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Improved Nguyen-Vidick heuristic sieve algorithm for shortest vector problem
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
The future of high-speed cryptography: new computing platforms and new ciphers
Proceedings of the 21st edition of the great lakes symposium on Great lakes symposium on VLSI
Black-box circular-secure encryption beyond affine functions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Efficient authentication from hard learning problems
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Semi-homomorphic encryption and multiparty computation
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Deniable encryption with negligible detection probability: an interactive construction
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Improving BDD cryptosystems in general lattices
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Algorithms for the shortest and closest lattice vector problems
IWCC'11 Proceedings of the Third international conference on Coding and cryptology
Gate elimination for linear functions and new feebly secure constructions
CSR'11 Proceedings of the 6th international conference on Computer science: theory and applications
Fully simulatable quantum-secure coin-flipping and applications
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Lattice-based completely non-malleable PKE in the standard model
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
McEliece and niederreiter cryptosystems that resist quantum fourier sampling attacks
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Generalized learning problems and applications to non-commutative cryptography
ProvSec'11 Proceedings of the 5th international conference on Provable security
Ring signature schemes from lattice basis delegation
ICICS'11 Proceedings of the 13th international conference on Information and communications security
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
(Leveled) fully homomorphic encryption without bootstrapping
Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
Threshold decryption and zero-knowledge proofs for lattice-based cryptosystems
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Public-key encryption schemes with auxiliary inputs
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Public-key cryptographic primitives provably as secure as subset sum
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Lattice mixing and vanishing trapdoors: a framework for fully secure short signatures and more
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Public-Key encryption in the bounded-retrieval model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient lattice (H)IBE in the standard model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Construction of a non-malleable encryption scheme from any semantically secure one
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Parallel and concurrent security of the HB and HB+ protocols
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Efficient threshold encryption from lossy trapdoor functions
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
Functional encryption for inner product predicates from learning with errors
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Decoding random linear codes in Õ(20.054n)
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
The leakage-resilience limit of a computational problem is equal to its unpredictability entropy
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
A general NTRU-Like framework for constructing lattice-based public-key cryptosystems
WISA'11 Proceedings of the 12th international conference on Information Security Applications
On CCA-Secure somewhat homomorphic encryption
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
The cryptographic power of random selection
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Expressive encryption systems from lattices
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
A new lattice-based public-key cryptosystem mixed with a knapsack
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Cryptography from learning parity with noise
SOFSEM'12 Proceedings of the 38th international conference on Current Trends in Theory and Practice of Computer Science
Quantum money from hidden subspaces
STOC '12 Proceedings of the forty-fourth annual ACM symposium on Theory of computing
On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption
STOC '12 Proceedings of the forty-fourth annual ACM symposium on Theory of computing
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Communications of the ACM
Identity-based encryption resilient to continual auxiliary leakage
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Identity-Based (lossy) trapdoor functions and applications
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Multiparty computation with low communication, computation and interaction via threshold FHE
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Decoding random binary linear codes in 2n/20: how 1 + 1 = 0 improves information set decoding
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Polly cracker, revisited, revisited
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
On homomorphic encryption and chosen-ciphertext security
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Functional encryption for threshold functions (or fuzzy IBE) from lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
From selective to full security: semi-generic transformations in the standard model
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Multi-Committer threshold commitment scheme from lattice
PAISI'12 Proceedings of the 2012 Pacific Asia conference on Intelligence and Security Informatics
Inner-product lossy trapdoor functions and applications
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
An algebraic broadcast attack against NTRU
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Leakage-resilience of stateless/stateful public-key encryption from hash proofs
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Revocable identity-based encryption from lattices
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Universally composable oblivious transfer from lossy encryption and the mceliece assumptions
ICITS'12 Proceedings of the 6th international conference on Information Theoretic Security
Lattice-Based hierarchical inner product encryption
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
On the design of hardware building blocks for modern lattice-based encryption schemes
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Zero-Knowledge proofs with low amortized communication from lattice assumptions
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
New attacks for knapsack based cryptosystems
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
A ciphertext policy attribute-based encryption scheme without pairings
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
Adaptively secure efficient lattice (H)IBE in standard model with short public parameters
SPACE'12 Proceedings of the Second international conference on Security, Privacy, and Applied Cryptography Engineering
Signature schemes secure against hard-to-invert leakage
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
IND-CCA secure cryptography based on a variant of the LPN problem
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Commitments and efficient zero-knowledge proofs from learning parity with noise
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Solving BDD by enumeration: an update
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Attribute-Based functional encryption on lattices
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Anonymous lattice-based broadcast encryption
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Revisiting lightweight authentication protocols based on hard learning problems
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Leakage-resilient lossy trapdoor functions and public-key encryption
Proceedings of the first ACM workshop on Asia public-key cryptography
Reusable garbled circuits and succinct functional encryption
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
On the list decodability of random linear codes with large error rates
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Leakage-resilient identity-based encryption scheme
International Journal of Grid and Utility Computing
Lattice-based FHE as secure as PKE
Proceedings of the 5th conference on Innovations in theoretical computer science
Efficient Linear Homomorphic Encryption from LWE Over Rings
Wireless Personal Communications: An International Journal
Lattice-based completely non-malleable public-key encryption in the standard model
Designs, Codes and Cryptography
Public-key searchable encryption from lattices
International Journal of High Performance Systems Architecture
| Hi-index | 0.02 |
Our main result is a reduction from worst-case lattice problems such as SVP and SIVP to a certain learning problem. This learning problem is a natural extension of the 'learning from parity with error' problem to higher moduli. It can also be viewed as the problem of decoding from a random linear code. This, we believe, gives a strong indication that these problems are hard. Our reduction, however, is quantum. Hence, an efficient solution to the learning problem implies a quantum algorithm for SVP and SIVP. A main open question is whether this reduction can be made classical.Using the main result, we obtain a public-key cryptosystem whose hardness is based on the worst-case quantum hardness of SVP and SIVP. Previous lattice-based public-key cryptosystems such as the one by Ajtai and Dwork were only based on unique-SVP, a special case of SVP. The new cryptosystem is much more efficient than previous cryptosystems: the public key is of size Õ(n2) and encrypting a message increases its size by Õ(n)(in previous cryptosystems these values are Õ(n4) and Õ(n2), respectively). In fact, under the assumption that all parties share a random bit string of length Õ(n2), the size of the public key can be reduced to Õ(n).