Relating different Polynomial-LWE problems

In this paper we focus on Polynomial Learning with Errors (PLWE). This problem is parametrized by a polynomial and we are interested in relating the hardness of the $\text{PLWE}^f$ and $\text{PLWE}^h$ problems for different polynomials $f$ and $h$. More precisely, our main result shows that for a fixed monic polynomial $f$, $\text{PLWE}^{f\circ g}$ is at least as hard as $\text{PLWE}^f$, in both search and decision variants, for any monic polynomial $g$. As a consequence, $\text{PLWE}^{\phi_n}$ is harder than $\text{PLWE}^{f},$ for a minimal polynomial $f$ of an algebraic integer from the cyclotomic field $\mathbb{Q}(\zeta_n)$ with specific properties. Moreover, we prove in decision variant that in the case of power-of-2 polynomials, $\text{PLWE}^{\phi_n}$ is at least as hard as $\text{PLWE}^f,$ for a minimal polynomial $f$ of algebraic integers from the $n$th cyclotomic field with weaker specifications than those from the previous result

Fast polynomial arithmetic in homomorphic encryption with cyclo-multiquadratic fields

This work provides refined polynomial upper bounds for the condition number of the transformation between RLWE/PLWE for cyclotomic number fields with up to 6 primes dividing the conductor. We also provide exact expressions of the condition number for any cyclotomic field, but under what we call the twisted power basis. Finally, from a more practical perspective, we discuss the advantages and limitations of cyclotomic fields to have fast polynomial arithmetic within homomorphic encryption, for which we also study the RLWE/PLWE equivalence of a concrete non-cyclotomic family of number fields. We think this family could be of particular interest due to its arithmetic efficiency properties