Abstract
In recent years, some fully homomorphic encryption schemes and cryptographic multilinear maps have been constructed using short generators and ideal lattices arising from \(2^k\)th cyclotomic fields. Moreover, these systems are expected to resist attacks by quantum computers. The security of some of these cryptosystems depends on the principal ideal problem (PIP) and the recovering short generator problem (RSGP). Biasse and Song showed a quantum algorithm that solves PIP on arbitrary number fields in polynomial time under GRH. On the other hand, Campbell et al. explain an algorithm solving RSGP on \(2^k\)th cyclotomic fields. Their algorithm was analyzed independently by Cramer, Ducas, Peikert and Regev, and by Okumura, Sugiyama, Yasuda and Takagi. These analyses suggest that RSGP on \(2^k\)th cyclotomic fields is easily solved for practical parameters, and that cryptosystems whose security is based on PIP and RSGP may not be post-quantum cryptosystems. Important tools in these analyses are upper and lower bounds on special values of Dirichlet L-functions at 1. In this paper, we give a survey of these analyses and explain some cryptographic and number-theoretic open problems on RSGP.
References
L. Babai, On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1–13 (1986) (Preliminary version in STACS 1985)
D. Bernstein, A subfield-logarithm attack against ideal lattices (2014), http://blog.cr.yp.to/20140213-ideal.html
J.-F. Biasse, F. Song, Efficient quantum algorithms for computing class groups and solving the principal ideal problem in arbitrary degree number fields, in Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, SODA ’16 (2016), pp. 893–902
D. Boneh, A. Silverberg, Applications of multilinear forms to cryptography, in Contemporary Mathematics, vol. 324 (American Mathematical Society, Providence, 2003), pp. 71–90
W. Bosma, J. Cannon, C. Playoust, The Magma algebra system. I. The user language. J. Symb. Comput. 24(3–4), 235–265 (1997)
P. Campbell, M. Groves, D. Shepherd, Soliloquy: a cautionary tale, in ETSI 2nd Quantum-Safe Crypto Workshop (2014)
J.W. Cooley, J.W. Tukey, An algorithm for the machine calculation of complex Fourier series. Math. Comput. 19, 297–301 (1965)
R. Cramer, L. Ducas, C. Peikert, O. Regev, Recovering short generators of principal ideals in cyclotomic rings, in EUROCRYPT 2016. LNCS, vol. 9666 (Springer, Berlin, 2016), pp. 559–585
S.S. Eddin, D.J. Platt, Explicit upper bounds for \(|L(1, \chi )|\) when \(\chi (3)=0\). Colloq. Math. 133(1), 23–34 (2013)
T. Espitau, P.-A. Fouque, A. Gélin, P. Kirchner, Computing generator in cyclotomic integer rings, in IACR Cryptology ePrint Archive, 2016/957 (2016)
S. Garg, C. Gentry, S. Halevi, Candidate multilinear maps from ideal lattices, in EUROCRYPT 2013. LNCS, vol. 7881 (Springer, Berlin, 2013), pp. 1–17
C. Gentry, Fully homomorphic encryption using ideal lattices, in Proceedings STOC 2009 (ACM, 2009), pp. 169–178
J. Hoffstein, J. Pipher, J.H. Silverman, NTRU: a ring-based public key cryptosystem, in Proceedings of ANTS-III. Lecture Notes in Computer Science, vol. 1423 (1998), pp. 267–288
E. Landau, Über Dirichletsche Reihen mit komplexen Charakteren. Journal für die reine und angewandte Mathematik 157, 26–32 (1927)
A. Langlois, D. Stehlé, R. Steinfeld, GGHLite: more efficient multilinear maps from ideal lattices, in EUROCRYPT 2014. LNCS, vol. 8441 (Springer, Berlin, 2014), pp. 239–256
S. Louboutin, Majorations explicites de \(|L(1, \chi )|\) (quatrième partie). C. R. Acad. Sci. Paris 334, 625–628 (2002)
S. Louboutin, An explicit lower bound on moduli of Dirichlet \(L\)-functions at \(s=1\). J. Ramanujan Math. Soc. 30(1), 101–113 (2015)
V. Lyubashevsky, C. Peikert, O. Regev, On ideal lattices and learning with errors over rings. J. ACM 60(3), 43 (2013)
V. Lyubashevsky, C. Peikert, O. Regev, A toolkit for ring-LWE cryptography, in IACR Cryptology ePrint Archive, 2013/293 (2013)
J. Neukirch, in Algebraic Number Theory. Grundlehren der mathematischen Wissenschaften, vol. 322 (Springer, Berlin, 1999)
S. Okumura, S. Sugiyama, M. Yasuda, T. Takagi, Security analysis of cryptosystems using short generators over ideal lattices, in IACR Cryptology ePrint Archive, 2015/1004 (2015)
S. Okumura, M. Yasuda, T. Takagi, An improvement on the recovering short generator attack over ideal lattices and its countermeasure, Preprint (2016)
O. Ramaré, Approximate formulae for \(L(1, \chi )\). Acta Arith. 100, 245–266 (2001)
O. Regev, On lattices, learning with errors, random linear codes, and cryptography, in Proceedings of the Thirty-seventh Annual ACM Symposium on Theory of Computing, STOC ’05 (2005), pp. 84–93
N.P. Smart, F. Vercauteren, Fully homomorphic encryption with relatively small key and ciphertext sizes, in Public Key Cryptography-PKC 2010. LNCS, vol. 6056 (Springer, Berlin, 2010), pp. 420–443
S. Sugiyama, On analysis of recovering short generator problems via upper and lower bounds of Dirichlet \(L\)-functions: part 1 (in this proceeding)
L. Washington, Introduction to Cyclotomic Fields, 2nd edn. Graduate Texts in Mathematics, vol. 83 (Springer, New York, 1997)
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Okumura, S. (2018). On Analysis of Recovering Short Generator Problems via Upper and Lower Bounds of Dirichlet L-functions: Part 2. In: Takagi, T., Wakayama, M., Tanaka, K., Kunihiro, N., Kimoto, K., Duong, D. (eds) Mathematical Modelling for Next-Generation Cryptography. Mathematics for Industry, vol 29. Springer, Singapore. https://doi.org/10.1007/978-981-10-5065-7_15
DOI: https://doi.org/10.1007/978-981-10-5065-7_15
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5064-0
Online ISBN: 978-981-10-5065-7
eBook Packages: Engineering, Engineering (R0)