300 research outputs found
Implementing a Toolkit for Ring-LWE Based Cryptography in Arbitrary Cyclotomic Number Fields
Recent research in the field of lattice-based cryptography, especially on the topic of the ring-based primitive ring-LWE, provided efficient and practical ring-based cryptographic schemes, which can compete with more traditional number-theoretic ones. In the case of ring-LWE these cryptographic schemes operated mainly in power-of-two cyclotomics, which vastly restricted the variety of possible applications. Due to the toolkit for ring-LWE of Lyubashevsky, Peikert and Regev, there are now cryptographic schemes that operate in arbitrary cyclotomics, with no loss in their underlying hardness guarantees, and only little loss computational efficiency.
Next to some further refinements and explanations of the theory and additional implementation notes, we provide the - as far as we know - first implementation of the toolkit of Lyubashevsky, Peikert and Regev. This includes a complete framework with fast and modular algorithms that can be used to build cryptographic schemes around ring-LWE. Our framework is easy to use, open source and has only little third party dependencies. For demonstration purposes we implemented two public-key cryptographic schemes using our framework. The complete source code is available at https://github.com/CMMayer/Toolkit-for-Ring-LWE.git
Learning with Errors is easy with quantum samples
Learning with Errors is one of the fundamental problems in computational
learning theory and has in the last years become the cornerstone of
post-quantum cryptography. In this work, we study the quantum sample complexity
of Learning with Errors and show that there exists an efficient quantum
learning algorithm (with polynomial sample and time complexity) for the
Learning with Errors problem where the error distribution is the one used in
cryptography. While our quantum learning algorithm does not break the LWE-based
encryption schemes proposed in the cryptography literature, it does have some
interesting implications for cryptography: first, when building an LWE-based
scheme, one needs to be careful about the access to the public-key generation
algorithm that is given to the adversary; second, our algorithm shows a
possible way for attacking LWE-based encryption by using classical samples to
approximate the quantum sample state, since then using our quantum learning
algorithm would solve LWE
Integration of post-quantum cryptography in the TLS protocol (LWE Option)
Dissertação de mestrado em Computer ScienceWith the possibility of quantum computers making an appearance, possibly capable of
breaking several well established and widespread crytposystems (especially those that
implement public key cryptography), necessity has arisen to create new cryptographic
algorithms which remain safe even against adversaries using quantum computers.
Several algorithms based on different mathematical problems have been proposed which
are considered to be hard to solve with quantum computers. In recent years, a new
lattice-based mathematical problem called Learning With Errors (and its variant Ring -
Learning With Errors) was introduced, and several cryptosystems based on this problem
were introduced, some of which are becoming practical enough to compete with traditional
schemes that have been used for decades.
The primary focus in this work is the implementation of two Ring - Learning With Errors
based schemes (one key exchange mechanism and one digital signature scheme) on the TLS
protocol via the OpenSSL library as a way of checking their overall viability in real-world
scenarios, by comparing them to classical schemes implementing the same functionalities.Com a possibilidade do surgimento dos primeiros computadores quânticos, possivelmente
capazes de quebrar muitos dos cripto-sistemas bem difundidos e considerados seguros,
tornou-se necessário tomar precauções com a criação de novas técnicas criptográficas que
visam manter as suas propriedades de segurança mesmo contra adversários que usem
computadores quânticos.
Existem já muitas propostas de algoritmos baseados em problemas matemáticos
distintos que são considerados difíceis de resolver recorrendo a computadores quânticos.
Recentemente, foi introduzido um novo problema baseado em reticulados denominado de
Learning With Errors (e a sua variante Ring - Learning With Errors), e consequentemente
foram propostos vários cripto-sistemas baseados nesse problema, alguns dos quais começam
já a ser utilizáveis ao ponto de poderem ser comparados com os esquemas clássicos usados
há décadas.
O foco principal neste trabalho é a implementação de dois esquemas baseados no problema
Ring - Learning With Errors (mais precisamente, um esquema de troca de chaves e uma
assinatura digital) no protocolo TLS através da sua integração no OpenSSL como forma de
verificar a sua viabilidade em contextos reais, comparando-os com esquemas clássicos que
implementem as mesmas funcionalidades
Algebraic aspects of solving Ring-LWE, including ring-based improvements in the Blum-Kalai-Wasserman algorithm
We provide a reduction of the Ring-LWE problem to Ring-LWE problems in
subrings, in the presence of samples of a restricted form (i.e. such
that is restricted to a multiplicative coset of the subring). To create and
exploit such restricted samples, we propose Ring-BKW, a version of the
Blum-Kalai-Wasserman algorithm which respects the ring structure. Off-the-shelf
BKW dimension reduction (including coded-BKW and sieving) can be used for the
reduction phase. Its primary advantage is that there is no need for
back-substitution, and the solving/hypothesis-testing phase can be
parallelized. We also present a method to exploit symmetry to reduce table
sizes, samples needed, and runtime during the reduction phase. The results
apply to two-power cyclotomic Ring-LWE with parameters proposed for practical
use (including all splitting types).Comment: 25 pages; section on advanced keying significantly extended; other
minor revision
Wyner-Ziv reconciliation for key exchange based on Ring-LWE
We consider a key encapsulation mechanism (KEM) based on ring-LWE where reconciliation is performed on an N-dimensional lattice using Wyner-Ziv coding. More precisely, we consider Barnes-Wall lattices and use Micciancio and Nicolosi's bounded distance decoder with polynomial complexity O(N log(N)^2). We show that in the asymptotic regime for large N, the achievable key rate is Θ(log N) bits per dimension, while the error probability P_e ≈ O(e −Nε). Unlike previous works, our scheme does not require a dither
- …