Error analysis of weak Poly-LWE instances

Cryptography and Communications

Abstract

The error distribution plays a central role in the security of encryption based on the Learning with Errors (LWE) problem and its variants. In this paper, we investigate the error distribution of weak Poly-LWE instances. For this purpose, we derive a closed-form formula to compute the mapped error distribution. With this algebraic approach to evaluate the error, we examine the recently proposed attacks on Poly-LWE and Ring-LWE and reassess their parameters in order to include more instances. Notably, our method can also be applied to non-Gaussian error. We conduct experiments to investigate the shape of the mapped error distribution and confirm that in many cases it is no longer Gaussian or uniform; our experimental results from distinguishers also validate our theoretical analysis.

Corresponding author

Correspondence to Yao Chen.

Additional information

This article is part of the Topical Collection on Special Issue: Mathematical Methods for Cryptography

Cite this article

Chen, Y., Case, B.M., Gao, S. et al. Error analysis of weak Poly-LWE instances. Cryptogr. Commun. 11, 411–426 (2019). https://doi.org/10.1007/s12095-018-0301-x
