Skip to main content
SpringerLink
Log in

A Secure Algorithm for Rounded Gaussian Sampling

  • Conference paper
  • First Online:
Cryptology and Network Security (CANS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12579))

Included in the following conference series:

Abstract

Presented in this paper is a new Gaussian sampler targeted at lattice-based signatures. It is the first secure algorithm for implementing the Box-Muller Gaussian sampling algorithm, which produces continuous Gaussian samples. The samples can be made discrete by rounding and this method has recently been shown to suffice for the purpose of discrete Gaussian sampling for lattice-based signatures. Rounded Gaussians allow quick transformations from samples of low standard deviation to samples with a high standard deviation. This makes them well-suited to producing the wide distributions needed for the target primitives. Current state-of-the-art methods sample wide distributions with multiple samples from a narrow distribution, joined by a convolution algorithm, for each single sample. The number of required samples per output sample grows with the width of the distribution. The rounded Gaussian method allows sampling wide distributions with complexity which is constant with increasing standard deviation. The main contribution of the work is a novel, low-memory algorithm, based on the CORDIC family of algorithms, for the fixed-point and secure evaluation of the elementary functions necessary for the Box-Muller continuous sampling method. It is the first secure, continuous sampler for the production of rounded Gaussian distributions. A proof-of-concept implementation of the algorithm is used to demonstrate that Box-Muller sampling is a competitive alternative to sampling the discrete Gaussian distribution, for lattice-based signatures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Kuznetsov, A., Svatovskij, I., Kiyan, N., Pushkar’ov, A.: Code-basedpublic-key cryptosystems for the post-quantum period. In: 2017 4thInternational Scientific-Practical Conference Problems of Infocommunications. Science and Technology (PIC S&T), pp. 125–130. IEEE (2017)

    Google Scholar 

  2. Finiasz, M., Sendrier, N.: Security bounds for the design of code-based cryptosystems. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 88–105. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_6

    Chapter  Google Scholar 

  3. Mozaffari-Kermani, M., Azarderakhsh, R.: Reliable hash trees for post-quantum stateless cryptographic hash-based signatures. In: 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS), pp. 103–108. IEEE (2015)

    Google Scholar 

  4. Ding, J., Petzoldt, A.: Current state of multivariate cryptography. IEEE Secur. Priv. 15(4), 28–36 (2017)

    Article  Google Scholar 

  5. Azarderakhsh, R., et al.: Supersingular isogeny key encapsulation. Submission to the NIST Post-Quantum Standardization Project (2017)

    Google Scholar 

  6. Seo, H., Liu, Z., Longa, P., Hu, Z.: SIDH on ARM: faster modular multiplications for faster post-quantum supersingular isogeny key exchange. IACR Trans. Cryptogr. Hardw. Embed. Syst. 1–20 (2018)

    Google Scholar 

  7. Bos, J., et al.: Frodo: take off the ring! practical, quantum-secure key exchange from LWE. Cryptology ePrint Archive, Report 2016/659 (2016). https://eprint.iacr.org/2016/659

  8. Bos, J., et al.: CRYSTALS - Kyber: a CCA-secure module-lattice-based KEM. Cryptology ePrint Archive, Report 2017/634 (2017). https://eprint.iacr.org/2017/634

  9. Ducas, L., Lepoint, T., Lyubashevsky, V., Schwabe, P., Seiler, G., Stehlé, D.: CRYSTALS - Dilithium: digital signatures from module lattices. IACR Cryptology ePrint Archive, vol. 2017, p. 633 (2017)

    Google Scholar 

  10. Peikert, C.: A decade of lattice cryptography. Found. Trends® Theor. Comput. Sci. 10(4), 283–424 (2016). https://doi.org/10.1561/0400000074

    Article  MathSciNet  MATH  Google Scholar 

  11. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, ser. STOC 2008, pp. 197–206. ACM, New York (2008). https://doi.org/10.1145/1374376.1374407

  12. Chen, J., Lim, H.W., Ling, S., Wang, H., Nguyen, K.: Revocable identity-based encryption from lattices. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 390–403. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31448-3_29

    Chapter  Google Scholar 

  13. Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: 45th Annual IEEE Symposium on Foundations of Computer Science, pp. 372–381 (October 2004)

    Google Scholar 

  14. Groot Bruinderink, L., Hülsing, A., Lange, T., Yarom, Y.: Flush, gauss, and reload – a cache attack on the BLISS lattice-based signature scheme. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 323–345. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_16

    Chapter  MATH  Google Scholar 

  15. Fouque, P.-A., et al.: Falcon: fast-Fourier lattice-based compact signatures over NTRU. Submission to the NIST’s Post-Quantum Cryptography Standardization Process (2018)

    Google Scholar 

  16. Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: IACR Cryptology ePrint Archive (2015)

    Google Scholar 

  17. Zhao, R.K., Steinfeld, R., Sakzad, A.: FACCT: fast, compact, and constant-time discrete gaussian sampler over integers. IEEE Trans. Comput. 69(1), 126–137 (2019)

    Article  MathSciNet  MATH  Google Scholar 

  18. Karmakar, A., Roy, S.S., Reparaz, O., Vercauteren, F., Verbauwhede, I.: Constant-time discrete gaussian sampling. IEEE Trans. Comput. 67(11), 1561–1571 (2018)

    Article  MathSciNet  MATH  Google Scholar 

  19. Micciancio, D., Walter, M.: Gaussian sampling over the integers: efficient, generic, constant-time. Tech. Rep. 259 (2017). https://eprint.iacr.org/2017/259

  20. Hülsing, A., Lange, T., Smeets, K.: Rounded Gaussians. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10770, pp. 728–757. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-76581-5_25

    Chapter  Google Scholar 

  21. Andrysco, M., Nötzli, A., Brown, F., Jhala, R., Stefan, D.: Towards verified, constant-time floating point operations. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS 2018, pp. 1369–1382. ACM, New York (2018). https://doi.org/10.1145/3243734.3243766

  22. Box, G.E.P., Muller, M.E.: A note on the generation of random normal deviates. Ann. Math. Stat. 29, 610–611 (1958)

    Article  MATH  Google Scholar 

  23. Walther, J.S.: A unified algorithm for elementary functions. In: Proceedings of the May 18–20, 1971, Spring Joint Computer Conference, ser. AFIPS 1971 (Spring), pp. 379–385. ACM, New York (1971). https://doi.org/10.1145/1478786.1478840

  24. Boppana, L., Dhar, A.: CORDIC architectures: a survey. VLSI Des. 2010, 03 (2010)

    MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Secure Information Technologies (CSIT), Queen’s University, Belfast, Northern Ireland

    Séamus Brannigan, Maire O’Neill, Ayesha Khalid & Ciara Rafferty

Authors
  1. Séamus Brannigan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maire O’Neill
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ayesha Khalid
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ciara Rafferty
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Séamus Brannigan .

Editor information

Editors and Affiliations

  1. AIT Austrian Institute of Technology GmbH, Vienna, Austria

    Stephan Krenn

  2. Fraunhofer SIT, Darmstadt, Germany

    Haya Shulman

  3. IC LASEC, EPFL, Lausanne, Switzerland

    Serge Vaudenay

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Brannigan, S., O’Neill, M., Khalid, A., Rafferty, C. (2020). A Secure Algorithm for Rounded Gaussian Sampling. In: Krenn, S., Shulman, H., Vaudenay, S. (eds) Cryptology and Network Security. CANS 2020. Lecture Notes in Computer Science(), vol 12579. Springer, Cham. https://doi.org/10.1007/978-3-030-65411-5_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-65411-5_29

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-65410-8

  • Online ISBN: 978-3-030-65411-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation