19 research outputs found

    Revisiting the Hardness of Binary Error LWE

    Binary error LWE is the particular case of the learning with errors (LWE) problem in which errors are chosen in $\{0,1\}$. It has various cryptographic applications, and in particular, has been used to construct efficient encryption schemes for use in constrained devices. Arora and Ge showed that the problem can be solved in polynomial time given a number of samples quadratic in the dimension $n$. On the other hand, the problem is known to be as hard as standard LWE given only slightly more than $n$ samples. In this paper, we first examine more generally how the hardness of the problem varies with the number of available samples. Under standard heuristics on the Arora--Ge polynomial system, we show that, for any $\epsilon > 0$, binary error LWE can be solved in polynomial time $n^{O(1/\epsilon)}$ given $\epsilon\cdot n^{2}$ samples. Similarly, it can be solved in subexponential time $2^{\tilde O(n^{1-\alpha})}$ given $n^{1+\alpha}$ samples, for $0<\alpha<1$. As a second contribution, we also generalize the binary error LWE problem to the case of a non-uniform error probability, and analyze the hardness of the non-uniform binary error LWE with respect to the error rate and the number of available samples. We show that, for any error rate $0 < p < 1$, non-uniform binary error LWE is also as hard as worst-case lattice problems provided that the number of samples is suitably restricted. This is a generalization of Micciancio and Peikert's hardness proof for uniform binary error LWE. Furthermore, we also discuss attacks on the problem when the number of available samples is linear but significantly larger than $n$, and show that for sufficiently low error rates, subexponential or even polynomial time attacks are possible.

    Secure Key Encapsulation Mechanism with Compact Ciphertext and Public Key from Generalized Srivastava code

    Code-based public key cryptosystems have been found to be an interesting option in the area of Post-Quantum Cryptography. In this work, we present a key encapsulation mechanism (KEM) using a parity check matrix of the Generalized Srivastava code as the public key matrix. Generalized Srivastava codes are privileged with the decoding technique of Alternant codes as they belong to the family of Alternant codes. We exploit the dyadic structure of the parity check matrix to reduce the storage of the public key. Our encapsulation leads to a shorter ciphertext as compared to DAGS proposed by Banegas et al. in Journal of Mathematical Cryptology, which also uses Generalized Srivastava code. Our KEM provides IND-CCA security in the random oracle model. Also, our scheme can be shown to achieve post-quantum security in the quantum random oracle model.

    On Medical and Service Robots with Compliant Dynamic Control

    No full text

    Improved algebraic attacks on lightweight block ciphers

    No full text

    Measurement and significance of three-dimensional architecture to the mechanical integrity of trabecular bone

    The mechanical properties of trabecular bone have been shown to vary significantly with age, anatomic location, and metabolic condition. Efforts towards predicting its behavior have been extensive, and significant relationships between measures of density and mechanical integrity have been reported. Unfortunately, the significant heterogeneity in trabecular bone anisotropy contributes to significant unexplained variance in its strength and modulus when predicted using scalar measures of mass or density. As a result, numerous investigators have attempted to include measures of architecture in an effort to more rigorously investigate potential physiologic optimization strategies, as well as account for the increased fragility associated with advancing age. In our laboratories we have utilized a unique three-dimensional, microcomputed tomography system to measure trabecular plate thickness, trabecular plate separation, trabecular plate number, surface to volume ratio, bone volume fraction, anisotropy, and connectivity in isolated specimens of trabecular bone. The results of these studies demonstrate that in normal bone, more than 80% of the variance in its mechanical behavior can be explained by measures of density and orientation. The independent measures of connectivity and trabecular plate number were found to be significantly correlated with bone volume fraction, suggesting a potential strategy in the formation of trabecular bone. It might be hypothesized, however, that the relationship between bone volume fraction and connectivity may be substantially altered under conditions associated with aging, fragility, or metabolic bone disease. This hypothesis would be consistent with the histologic evidence of reduced connectivity in osteopenic patients. Peer Reviewed. http://deepblue.lib.umich.edu/bitstream/2027.42/48005/1/223_2005_Article_BF01673421.pd