Rényi divergence on learning with errors

  • Research Paper
Science China Information Sciences

Abstract

Many lattice-based schemes are built on the hardness of the learning with errors (LWE) problem, which naturally comes in two flavors: decision LWE and search LWE. In this paper, we investigate decision LWE and search LWE separately using the Rényi divergence (RD) and obtain the following results. For decision LWE, we apply RD to LWE variants with different error distributions (i.e., the centered binomial distribution and the uniform distribution, which are frequently used in the NIST PQC submissions) and prove their pseudorandomness in theory. As a by-product, we extend the so-called public sampleability property and present an adaptively public sampling property for applying the Rényi divergence to more decision problems. For search LWE, we improve the classical reduction proof from GapSVP to LWE. In addition, as a matter of independent interest, we explore the intrinsic relation between the decision problem and the search problem.

Acknowledgements

This work was supported in part by National Natural Science Foundation of China (Nos. 61772520, 61632020, 61472416, 61802392), Key Research Project of Zhejiang Province (Grant No. 2017C01062), and National Key Research and Development Program of China (Grant No. 2017yfb0802200).

Author information

Corresponding author

Correspondence to Han Wang.

Supporting information

Appendixes A–C. The supporting information is available online at info.scichina.com and link.springer.com. The supporting materials are published as submitted, without typesetting or editing. The responsibility for scientific accuracy and content remains entirely with the authors.

About this article

Cite this article

Tao, Y., Wang, H. & Zhang, R. Rényi divergence on learning with errors. Sci. China Inf. Sci. 63, 192101 (2020). https://doi.org/10.1007/s11432-018-9788-1

  • DOI: https://doi.org/10.1007/s11432-018-9788-1
