Abstract
Many lattice-based schemes are built from the hardness of the learning with errors (LWE) problem, which naturally comes in two flavors: decision LWE and search LWE. In this paper, we investigate decision LWE and search LWE using the Rényi divergence (RD) and obtain the following results. For decision LWE, we apply RD to LWE variants with different error distributions (i.e., the centered binomial distribution and the uniform distribution, which are frequently used in the NIST PQC submissions) and prove their pseudorandomness in theory. As a by-product, we extend the so-called public sampleability property and present an adaptively public sampling property for the application of Rényi divergence to more decision problems. As for search LWE, we improve the classical reduction proof from GapSVP to LWE. Besides, as a matter of independent interest, we also explore the intrinsic relation between the decision problem and the search problem.
Acknowledgements
This work was supported in part by National Natural Science Foundation of China (Nos. 61772520, 61632020, 61472416, 61802392), Key Research Project of Zhejiang Province (Grant No. 2017C01062), and National Key Research and Development Program of China (Grant No. 2017yfb0802200).
Supporting information
Appendixes A—C. The supporting information is available online at info.scichina.com and link.springer.com. The supporting materials are published as submitted, without typesetting or editing. The responsibility for scientific accuracy and content remains entirely with the authors.
About this article
Cite this article
Tao, Y., Wang, H. & Zhang, R. Rényi divergence on learning with errors. Sci. China Inf. Sci. 63, 192101 (2020). https://doi.org/10.1007/s11432-018-9788-1
DOI: https://doi.org/10.1007/s11432-018-9788-1