| Journal of mathematical cryptology | |
| Estimation of the hardness of the learning with errors problem with a restricted number of samples | |
| article | |
| Nina Bindel1 Johannes Buchmann1 Florian Göpfert1 Markus Schmidt1 | |
| [1] Department of Computer Science, Technische Universität Darmstadt | |
| 关键词: Lattice-based cryptography; learning with errors problem; LWE; post-quantum cryptography; | |
| DOI : 10.1515/jmc-2017-0040 | |
| 学科分类:社会科学、人文和艺术(综合) | |
| 来源: De Gruyter | |
 PDF
|
|
【 摘 要 】
The Learning With Errors (LWE) problem is one of the most important hardness assumptions lattice-based constructions base their security on. In 2015, Albrecht, Player and Scott presented the software tool LWE-Estimator to estimate the hardness of concrete LWE instances, making the choice of parameters for lattice-based primitives easier and better comparable. To give lower bounds on the hardness, it is assumed that each algorithm has given the corresponding optimal number of samples. However, this is not the case for many cryptographic applications. In this work we first analyze the hardness of LWE instances given a restricted number of samples. For this, we describe LWE solvers from the literature and estimate their runtime considering a limited number of samples. Based on our theoretical results we extend the LWE-Estimator. Furthermore, we evaluate LWE instances proposed for cryptographic schemes and show the impact of restricting the number of available samples.
【 授权许可】
CC BY|CC BY-NC-ND
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| RO202107200005222ZK.pdf | 1578KB |  download |
878987797
028-85220240
