Smooth Hash Proof System Based on the Learning With Errors Problem With Multi-Bit Key Output

We present several new and fairly practical public-key encryption schemes and prove them secure against adaptive chosen ciphertext attack. One scheme is based on Paillier's Decision Composite Residuosity (DCR) assumption, while another is based in the classical Quadratic Residuosity (QR) assumption. The analysis is in the standard cryptographic model, i.e., the security of our schemes does not rely on the Random Oracle model.<br /> <br />We also introduce the notion of a universal hash proof system. Essentially, this is a special kind of non-interactive zero-knowledge proof system for an NP language. We do not show that universal hash proof systems exist for all NP languages, but we do show how to construct very efficient universal hash proof systems for a general class of group-theoretic language membership problems.<br /> <br />Given an efficient universal hash proof system for a language with certain natural cryptographic indistinguishability properties, we show how to construct an efficient public-key encryption schemes secure against adaptive chosen ciphertext attack in the standard model. Our construction only uses the universal hash proof system as a primitive: no other primitives are required, although even more efficient encryption schemes can be obtained by using hash functions with appropriate collision-resistance properties. We show how to construct efficient universal hash proof systems for languages related to the DCR and QR assumptions. From these we get corresponding public-key encryption schemes that are secure under these assumptions. We also show that the Cramer-Shoup encryption scheme (which up until now was the only practical encryption scheme that could be proved secure against adaptive chosen ciphertext attack under a reasonable assumption, namely, the Decision Diffie-Hellman assumption) is also a special case of our general theory.

Download Full-text

A Secure and Fast Dispersal Storage Scheme Based on the Learning with Errors Problem

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering - Security and Privacy in Communication Networks ◽

10.1007/978-3-319-59608-2_23 ◽

2017 ◽

pp. 392-411 ◽

Cited By ~ 1

Author(s):

Ling Yang ◽

Fuyang Fang ◽

Xianhui Lu ◽

Wen-Tao Zhu ◽

Qiongxiao Wang ◽

...

Keyword(s):

Storage Scheme ◽

Learning With Errors ◽

Learning With Errors Problem

Download Full-text

New variant for Learning with Errors Problem

Procedia Computer Science ◽

10.1016/j.procs.2018.04.243 ◽

2018 ◽

Vol 131 ◽

pp. 502-510

Author(s):

Xuyang Wang ◽

Aiqun Hu ◽

Hao Fang

Keyword(s):

New Variant ◽

Learning With Errors ◽

Learning With Errors Problem

Download Full-text

Revisiting Multivariate Ring Learning with Errors and Its Applications on Lattice-Based Cryptography

Mathematics ◽

10.3390/math9080858 ◽

2021 ◽

Vol 9 (8) ◽

pp. 858

Author(s):

Alberto Pedrouzo-Ulloa ◽

Juan Ramón Troncoso-Pastoriza ◽

Nicolas Gama ◽

Mariya Georgieva ◽

Fernando Pérez-González

Keyword(s):

Cyclotomic Polynomials ◽

Time Efficiency ◽

Space And Time ◽

Low Degree ◽

Learning With Errors ◽

Lattice Based Cryptography ◽

Low Degree Polynomials ◽

Learning With Errors Problem ◽

Recent Attack

The “Multivariate Ring Learning with Errors” problem was presented as a generalization of Ring Learning with Errors (RLWE), introducing efficiency improvements with respect to the RLWE counterpart thanks to its multivariate structure. Nevertheless, the recent attack presented by Bootland, Castryck and Vercauteren has some important consequences on the security of the multivariate RLWE problem with “non-coprime” cyclotomics; this attack transforms instances of m-RLWE with power-of-two cyclotomic polynomials of degree n=∏ini into a set of RLWE samples with dimension maxi{ni}. This is especially devastating for low-degree cyclotomics (e.g., Φ4(x)=1+x2). In this work, we revisit the security of multivariate RLWE and propose new alternative instantiations of the problem that avoid the attack while still preserving the advantages of the multivariate structure, especially when using low-degree polynomials. Additionally, we show how to parameterize these instances in a secure and practical way, therefore enabling constructions and strategies based on m-RLWE that bring notable space and time efficiency improvements over current RLWE-based constructions.

Download Full-text

On the Possibility of Classical Client Blind Quantum Computing

Cryptography ◽

10.3390/cryptography5010003 ◽

2021 ◽

Vol 5 (1) ◽

pp. 3

Author(s):

Alexandru Cojocaru ◽

Léo Colisson ◽

Elham Kashefi ◽

Petros Wallden

Keyword(s):

Quantum Computing ◽

Remote State Preparation ◽

Third Party ◽

Security Framework ◽

State Preparation ◽

Learning With Errors ◽

Regular Family ◽

Learning With Errors Problem ◽

Random Quantum States ◽

Proof Of Principle

Classical client remote state preparation (CC − RSP) is a primitive where a fully classical party (client) can instruct the preparation of a sequence of random quantum states on some distant party (server) in a way that the description is known to the client but remains hidden from the server. This primitive has many applications, most prominently, it makes blind quantum computing possible for classical clients. In this work, we give a protocol for classical client remote state preparation, that requires minimal resources. The protocol is proven secure against honest-but-curious servers and any malicious third party in a game-based security framework. We provide an instantiation of a trapdoor (approximately) 2-regular family of functions whose security is based on the hardness of the Learning-With-Errors problem, including a first analysis of the set of usable parameters. We also run an experimentation on IBM’s quantum cloud using a toy function. This is the first proof-of-principle experiment of classical client remote state preparation.

Download Full-text