4,607 research outputs found

    Continuous LWE is as Hard as LWE & Applications to Learning Gaussian Mixtures

    We show direct and conceptually simple reductions between the classical learning with errors (LWE) problem and its continuous analog, CLWE (Bruna, Regev, Song and Tang, STOC 2021). This allows us to bring to bear the powerful machinery of LWE-based cryptography to the applications of CLWE. For example, we obtain the hardness of CLWE under the classical worst-case hardness of the gap shortest vector problem. Previously, this was known only under quantum worst-case hardness of lattice problems. More broadly, with our reductions between the two problems, any future developments to LWE will also apply to CLWE and its downstream applications. As a concrete application, we show an improved hardness result for density estimation for mixtures of Gaussians. In this computational problem, given sample access to a mixture of Gaussians, the goal is to output a function that estimates the density function of the mixture. Under the (plausible and widely believed) exponential hardness of the classical LWE problem, we show that Gaussian mixture density estimation in $\mathbb{R}^n$ with roughly $\log n$ Gaussian components given $\mathsf{poly}(n)$ samples requires time quasi-polynomial in $n$. Under the (conservative) polynomial hardness of LWE, we show hardness of density estimation for $n^{\epsilon}$ Gaussians for any constant $\epsilon > 0$, which improves on Bruna, Regev, Song and Tang (STOC 2021), who show hardness for at least $\sqrt{n}$ Gaussians under polynomial (quantum) hardness assumptions. Our key technical tool is a reduction from classical LWE to LWE with $k$-sparse secrets where the multiplicative increase in the noise is only $O(\sqrt{k})$, independent of the ambient dimension $n$.

    Attacks on the Search-RLWE problem with small errors

    The Ring Learning-With-Errors (RLWE) problem shows great promise for post-quantum cryptography and homomorphic encryption. We describe a new attack on the non-dual search RLWE problem with small error widths, using ring homomorphisms to finite fields and the chi-squared statistical test. In particular, we identify a "subfield vulnerability" (Section 5.2) and give a new attack which finds this vulnerability by mapping to a finite field extension and detecting non-uniformity with respect to the number of elements in the subfield. We use this attack to give examples of vulnerable RLWE instances in Galois number fields. We also extend the well-known search-to-decision reduction result to Galois fields with any unramified prime modulus $q$, regardless of the residue degree $f$ of $q$, and we use this in our attacks. The time complexity of our attack is $O(nq^{2f})$, where $n$ is the degree of $K$ and $f$ is the residue degree of $q$ in $K$. We also show an attack on the non-dual (resp. dual) RLWE problem with narrow error distributions in prime cyclotomic rings when the modulus is a ramified prime (resp. any integer). We demonstrate the attacks in practice by finding many vulnerable instances and successfully attacking them. We include the code for all attacks.

    Are the Central European Stock Markets Still Different? A Cointegration Analysis

    The Central European countries became members of the European Union (EU) in May 2004. Has their accession into the EU also resulted in a stronger financial integration with the global economy in general and with the "old" EU countries in particular? Based on a cointegration analysis applied to stock market movements, I detect for the period after the EU enlargement two new long-run equilibrium relations that indeed suggest a stronger inter-dependence of the markets, whereas no such relations can be observed before this date. In particular, one new relation links the Central European markets to the Western European market, reflecting tighter co-movements of the "new" and the "old" EU markets. The second relation points at the role of the US market for both the Central and the Western European markets.

    Security considerations for Galois non-dual RLWE families

    We explore further the hardness of the non-dual discrete variant of the Ring-LWE problem for various number rings, give improved attacks for certain rings satisfying some additional assumptions, construct a new family of vulnerable Galois number fields, and apply some number theoretic results on Gauss sums to deduce the likely failure of these attacks for 2-power cyclotomic rings and unramified moduli.