A signature scheme from Learning with Truncation

In this paper we revisit the modular lattice signature scheme and its efficient instantiation known as pqNTRUSign. First, we show that a modular lattice signature scheme can be based on a standard lattice problem. As the fundamental problem that needs to be solved by the signer or a potential forger is recovering a lattice vector with a restricted norm, given the least significant bits, we refer to this general class of problems as the “learning with truncation” problem. We show that by replacing the uniform sampling in pqNTRUSign with a bimodal Gaussian sampling, we can further reduce the size of a signature. As an example, we show that the size of the signature can be as low as 4608 bits for a security level of 128 bits. The most significant new contribution, enabled by this Gaussian sam- pling version of pqNTRUSign, is that we can now perform batch verifi- cation, which allows the verifier to check approximately 2000 signatures in a single verification process

Additive twists and a conjecture by Mazur, Rubin and Stein

In this paper, a conjecture of Mazur, Rubin and Stein concerning certain averages of modular symbols is proved. To cover levels that are important for elliptic curves, namely those that are not square-free, we establish results about L-functions with additive twists that are of independent interest

A signature scheme from the finite field isomorphism problem

In a recent paper the authors and their collaborators proposed a new hard problem, called the finite field isomorphism problem, and they used it to construct a fully homomorphic encryption scheme. In this paper, we investigate how one might build a digital signature scheme from this new problem. Intuitively, the hidden field isomorphism allows us to convert short vectors in the underlying lattice of one field into generic looking vectors in an isomorphic field

Modular lattice signatures, revisited

In this paper we revisit the modular lattice signature scheme and its efficient instantiation known as pqNTRUSign. First, we show that a modular lattice signature scheme can be based on a standard lattice problem. The fundamental problem that needs to be solved by the signer or a potential forger is recovering a lattice vector with a restricted norm, given the least significant bits. We show that this problem is equivalent to the short integer solution (SIS) problem over the corresponding lattice. In addition, we show that by replacing the uniform sampling in pqNTRUSign with a bimodal Gaussian sampling, we can further reduce the size of a signature. An important new contribution, enabled by this Gaussian sampling version of pqNTRUSign, is that we can now perform batch verification of messages signed by the same public key, which allows the verifier to check approximately 24 signatures in a single verification process

Toroidal automorphic forms, Waldspurger periods and double Dirichlet series

The space of toroidal automorphic forms was introduced by Zagier in the 1970s: a GL_2-automorphic form is toroidal if it has vanishing constant Fourier coefficients along all embedded non-split tori. The interest in this space stems (amongst others) from the fact that an Eisenstein series of weight s is toroidal for a given torus precisely if s is a non-trivial zero of the zeta function of the quadratic field corresponding to the torus. In this paper, we study the structure of the space of toroidal automorphic forms for an arbitrary number field F. We prove that it decomposes into a space spanned by all derivatives up to order n-1 of an Eisenstein series of weight s and class group character omega precisely if s is a zero of order n of the L-series corresponding to omega at s, and a space consisting of exactly those cusp forms the central value of whose L-series is zero. The proofs are based on an identity of Hecke for toroidal integrals of Eisenstein series and a result of Waldspurger about toroidal integrals of cusp forms combined with non-vanishing results for twists of L-series proven by the method of double Dirichlet series.Comment: 14 page

A Subfield Lattice Attack on Overstretched NTRU Assumptions:Cryptanalysis of Some FHE and Graded Encoding Schemes

International audienc