Open AccessClassical reduction of gap SVP to LWE: A concrete security analysis
Author(s) -
Palash Sarkar,
Subhadip Singha
Publication year - 2021
Publication title -
advances in mathematics of communications
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.601
H-Index - 26
eISSN - 1930-5346
pISSN - 1930-5338
DOI - 10.3934/amc.2021004
Subject(s) - reduction (mathematics) , mathematics , lattice problem , learning with errors , lattice reduction , lattice based cryptography , chatterjee , quantum , dimensionality reduction , cryptosystem , lattice (music) , cryptography , algorithm , quantum mechanics , statistics , computer science , quantum cryptography , geometry , quantum information , artificial intelligence , physics , beamforming , bengali , mimo , acoustics
Regev (2005) introduced the learning with errors (LWE) problem and showed a quantum reduction from a worst case lattice problem to LWE. Building on the work of Peikert (2009), a classical reduction from the gap shortest vector problem to LWE was obtained by Brakerski et al. (2013). A concrete security analysis of Regev's reduction by Chatterjee et al. (2016) identified a huge tightness gap. The present work performs a concrete analysis of the tightness gap in the classical reduction of Brakerski et al. It turns out that the tightness gap in the Brakerski et al. classical reduction is even larger than the tightness gap in the quantum reduction of Regev. This casts doubts on the implication of the reduction to security assurance of practical cryptosystems.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom