Results 1 
7 of
7
Latticebased Cryptography
, 2008
"... In this chapter we describe some of the recent progress in latticebased cryptography. Latticebased cryptographic constructions hold a great promise for postquantum cryptography, as they enjoy very strong security proofs based on worstcase hardness, relatively efficient implementations, as well a ..."
Abstract

Cited by 66 (5 self)
 Add to MetaCart
(Show Context)
In this chapter we describe some of the recent progress in latticebased cryptography. Latticebased cryptographic constructions hold a great promise for postquantum cryptography, as they enjoy very strong security proofs based on worstcase hardness, relatively efficient implementations, as well as great simplicity. In addition, latticebased cryptography is believed to be secure against quantum computers. Our focus here
Faster Fully Homomorphic Encryption
"... Abstract. We describe two improvements to Gentry's fully homomorphic scheme based on ideal lattices and its analysis: we provide a re ned analysis of one of the hardness assumptions (the one related to the Sparse Subset Sum Problem) and we introduce a probabilistic decryption algorithm that can ..."
Abstract

Cited by 43 (1 self)
 Add to MetaCart
(Show Context)
Abstract. We describe two improvements to Gentry's fully homomorphic scheme based on ideal lattices and its analysis: we provide a re ned analysis of one of the hardness assumptions (the one related to the Sparse Subset Sum Problem) and we introduce a probabilistic decryption algorithm that can be implemented with an algebraic circuit of low multiplicative degree. Combined together, these improvements lead to a faster fully homomorphic scheme, with a e O(λ 3) bit complexity per elementary binary add/mult gate, where λ is the security parameter. These improvements also apply to the fully homomorphic schemes of Smart and Vercauteren [PKC'2010] and van Dijk et al. [Eurocrypt'2010]. Keywords: fully homomorphic encryption, ideal lattices, SSSP. 1
Explicit hard instances of the shortest vector problem
, 2008
"... Building upon a famous result due to Ajtai, we propose a sequence of lattice bases with growing dimension, which can be expected to be hard instances of the shortest vector problem (SVP) and which can therefore be used to benchmark lattice reduction algorithms. The SVP is the basis of security for ..."
Abstract

Cited by 6 (4 self)
 Add to MetaCart
(Show Context)
Building upon a famous result due to Ajtai, we propose a sequence of lattice bases with growing dimension, which can be expected to be hard instances of the shortest vector problem (SVP) and which can therefore be used to benchmark lattice reduction algorithms. The SVP is the basis of security for potentially postquantum cryptosystems. We use our sequence of lattice bases to create a challenge, which may be helpful in determining appropriate parameters for these schemes.
Practical latticebased cryptography: NTRUEncrypt . . .
"... We provide a brief history and overview of lattice based cryptography and cryptanalysis: shortest vector problems, closest vector problems, subset sum problem and knapsack systems, GGH, AjtaiDwork and NTRU. A detailed discussion of the algorithms NTRUEncrypt and NTRUSign follows. These algorithms h ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
We provide a brief history and overview of lattice based cryptography and cryptanalysis: shortest vector problems, closest vector problems, subset sum problem and knapsack systems, GGH, AjtaiDwork and NTRU. A detailed discussion of the algorithms NTRUEncrypt and NTRUSign follows. These algorithms have attractive operating speed and keysize and are based on hard problems that are seemingly intractable. We discuss the state of current knowledge about the security of both algorithms and identify areas for further research.
Finding shortest lattice vectors faster using quantum search
"... Abstract By applying a quantum search algorithm to various heuristic and provable sieve algorithms from the literature, we obtain improved asymptotic quantum results for solving the shortest vector problem on lattices. With quantum computers we can provably find a shortest vector in time 21.799n+o(n ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
(Show Context)
Abstract By applying a quantum search algorithm to various heuristic and provable sieve algorithms from the literature, we obtain improved asymptotic quantum results for solving the shortest vector problem on lattices. With quantum computers we can provably find a shortest vector in time 21.799n+o(n), improving upon the classical time complexities of 22.465n+o(n) of Pujol and Stehle ́ and the 22n+o(n) of Micciancio and Voulgaris, while heuristically we expect to find a shortest vector in time 20.286n+o(n), improving upon the classical time complexity of 20.337n+o(n) of Laarhoven. These quantum complexities will be an important guide for the selection of parameters for postquantum cryptosystems based on the hardness of the shortest vector problem. Keywords lattices · shortest vector problem · sieving · quantum search 1
Solving the shortest vector problem in lattices faster using quantum search
 PQCRYPTO
, 2013
"... By applying Grover’s quantum search algorithm to the lattice algorithms of Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and Stehlé, we obtain improved asymptotic quantum results for solving the shortest vector problem. With quantum computers we can provably find a shortest ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
By applying Grover’s quantum search algorithm to the lattice algorithms of Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and Stehlé, we obtain improved asymptotic quantum results for solving the shortest vector problem. With quantum computers we can provably find a shortest vector in time 21.799n+o(n), improving upon the classical time complexity of 22.465n+o(n) of Pujol and Stehlé and the 22n+o(n) of Micciancio and Voulgaris, while heuristically we expect to find a shortest vector in time 20.312n+o(n), improving upon the classical time complexity of 20.384n+o(n) of Wang et al. These quantum complexities will be an important guide for the selection of parameters for postquantum cryptosystems based on the hardness of the shortest vector problem.
Draft Standard for PublicKey Cryptographic Techniques Based on Hard Problems over Lattices
, 2008
"... All rights reserved. This document is an unapproved draft of a proposed IEEE Standard. As such, this document is subject to change. USE AT YOUR OWN RISK! Because this is an unapproved draft, this document must not be utilized for any conformance/compliance purposes. Permission is hereby granted for ..."
Abstract
 Add to MetaCart
(Show Context)
All rights reserved. This document is an unapproved draft of a proposed IEEE Standard. As such, this document is subject to change. USE AT YOUR OWN RISK! Because this is an unapproved draft, this document must not be utilized for any conformance/compliance purposes. Permission is hereby granted for IEEE Standards Committee participants to reproduce this document for purposes of international standardization consideration. Prior to adoption of this document, in whole or in part, by another standards development