2 research outputs found
LWE λ¬Έμ κΈ°λ° κ³΅κ°ν€ μνΈ λ° commitment μ€ν΄μ ν¨μ¨μ μΈ μΈμ€ν΄μ€ν
Get PDFνμλ
Όλ¬Έ (λ°μ¬)-- μμΈλνκ΅ λνμ : μμ°κ³Όνλν μ리과νλΆ, 2018. 2. μ²μ ν¬.The Learning with Errors (LWE) problem has been used as a underlying problem of a variety of cryptographic schemes. It makes possible constructing advanced solutions like fully homomorphic encryption, multi linear map as well as basic primitives like key-exchange, public-key encryption, signature. Recently, developments in quantum computing have triggered interest in constructing practical cryptographic schemes. In this thesis, we propose efficient post-quantum public-key encryption and commitment schemes based on a variant LWE, named as spLWE. We also suggest related zero-knowledge proofs and LWE-based threshold cryptosystems as an application of the proposed schemes. In order to achieve these results, it is essential investigating the hardness about the variant LWE problem, spLWE. We describe its theoretical, and concrete hardness from a careful analysis.1.Introduction 1
2.Preliminaries 5
2.1 Notations 5
2.2 Cryptographic notions 5
2.2.1 Key Encapsulation Mechanism 5
2.2.2 Commitment Scheme 6
2.2.3 Zero-Knowledge Proofs and Sigma-Protocols 7
2.3 Lattices 9
2.4 Discrete Gaussian Distribution 11
2.5 Computational Problems 12
2.5.1 SVP 12
2.5.2 LWE and Its Variants 12
2.6 Known Attacks for LWE 13
2.6.1 The Distinguishing Attack 14
2.6.2 The Decoding Attack 15
3.LWE with Sparse Secret, spLWE 16
3.1 History 16
3.2 Theoratical Hardness 17
3.2.1 A Reduction from LWE to spLWE 18
3.3 Concrete Hardness 21
3.3.1 Dual Attack (distinguish version) 21
3.3.2 Dual Attack (search version) 23
3.3.3 Modifed Embedding Attack 25
3.3.4 Improving Lattice Attacks for spLWE 26
4.LWE-based Public-Key Encryptions 29
4.1 History 29
4.2 spLWE-based Instantiations 31
4.2.1 Our Key Encapsulation Mechanism 31
4.2.2 Our KEM-Based Encryption Scheme 33
4.2.3 Security 35
4.2.4 Correctness 36
4.3 Implementation 37
4.3.1 Parameter Selection 38
4.3.2 Implementation Result 39
5.LWE-based Commitments and Zero-Knowledge Proofs 41
5.1 History 42
5.2 spLWE-based Instantiations 43
5.2.1 Our spLWE-based Commitments 44
5.2.2 Proof for Opening Information 47
5.3 Application to LWE-based Threshold Crytosystems 50
5.3.1 Zero-Knowledge Proofs of Knowledge for Threshold Decryption 50
5.3.2 Actively Secure Threshold Cryptosystems 58
6.Conclusions 63Docto
