Solving the search-LWE problem over projected lattices

Satoshi Nakamura; Nariaki Tateiwa; Masaya Yasuda; Katsuki Fujisawa

doi:10.1016/j.dam.2022.04.018

Solving the search-LWE problem over projected lattices

Satoshi Nakamura, Nariaki Tateiwa, Masaya Yasuda, Katsuki Fujisawa

Division for Intelligent Societal Implementation of Mathmatical Computation

Research output: Contribution to journal › Article › peer-review

Abstract

The learning with errors (LWE) problem is one of the hard problems assuring the security of modern lattice-based cryptography. Kannan's embedding can reduce Search-LWE, the search version of LWE, to a specific case of the shortest vector problem (SVP). Lattice basis reduction is a powerful instrument for solving lattice problems including SVP. We propose a new way for efficiently solving Search-LWE. While a whole basis is reduced in a standard way, ours reduces only a projected basis. To realize our strategy, we also provide an algorithm for reducing projected bases, based on DeepBKZ that is an enhancement of the block Korkine–Zolotarev (BKZ) algorithm. Moreover, we show implementation results for solving some instances within the Darmstadt LWE challenge.

Original language	English
Pages (from-to)	69-81
Number of pages	13
Journal	Discrete Applied Mathematics
Volume	318
DOIs	https://doi.org/10.1016/j.dam.2022.04.018
Publication status	Published - Sept 15 2022

All Science Journal Classification (ASJC) codes

Discrete Mathematics and Combinatorics
Applied Mathematics

Access to Document

10.1016/j.dam.2022.04.018

Cite this

@article{44ac2d0764ec4d8f9e7bc953563f30b2,

title = "Solving the search-LWE problem over projected lattices",

abstract = "The learning with errors (LWE) problem is one of the hard problems assuring the security of modern lattice-based cryptography. Kannan's embedding can reduce Search-LWE, the search version of LWE, to a specific case of the shortest vector problem (SVP). Lattice basis reduction is a powerful instrument for solving lattice problems including SVP. We propose a new way for efficiently solving Search-LWE. While a whole basis is reduced in a standard way, ours reduces only a projected basis. To realize our strategy, we also provide an algorithm for reducing projected bases, based on DeepBKZ that is an enhancement of the block Korkine–Zolotarev (BKZ) algorithm. Moreover, we show implementation results for solving some instances within the Darmstadt LWE challenge.",

author = "Satoshi Nakamura and Nariaki Tateiwa and Masaya Yasuda and Katsuki Fujisawa",

note = "Funding Information: This work was supported by JSPS KAKENHI Grant Number JP20H04142 , Japan. Publisher Copyright: {\textcopyright} 2022 Elsevier B.V.",

year = "2022",

month = sep,

day = "15",

doi = "10.1016/j.dam.2022.04.018",

language = "English",

volume = "318",

pages = "69--81",

journal = "Discrete Applied Mathematics",

issn = "0166-218X",

publisher = "Elsevier",

}

TY - JOUR

T1 - Solving the search-LWE problem over projected lattices

AU - Nakamura, Satoshi

AU - Tateiwa, Nariaki

AU - Yasuda, Masaya

AU - Fujisawa, Katsuki

PY - 2022/9/15

Y1 - 2022/9/15

N2 - The learning with errors (LWE) problem is one of the hard problems assuring the security of modern lattice-based cryptography. Kannan's embedding can reduce Search-LWE, the search version of LWE, to a specific case of the shortest vector problem (SVP). Lattice basis reduction is a powerful instrument for solving lattice problems including SVP. We propose a new way for efficiently solving Search-LWE. While a whole basis is reduced in a standard way, ours reduces only a projected basis. To realize our strategy, we also provide an algorithm for reducing projected bases, based on DeepBKZ that is an enhancement of the block Korkine–Zolotarev (BKZ) algorithm. Moreover, we show implementation results for solving some instances within the Darmstadt LWE challenge.

AB - The learning with errors (LWE) problem is one of the hard problems assuring the security of modern lattice-based cryptography. Kannan's embedding can reduce Search-LWE, the search version of LWE, to a specific case of the shortest vector problem (SVP). Lattice basis reduction is a powerful instrument for solving lattice problems including SVP. We propose a new way for efficiently solving Search-LWE. While a whole basis is reduced in a standard way, ours reduces only a projected basis. To realize our strategy, we also provide an algorithm for reducing projected bases, based on DeepBKZ that is an enhancement of the block Korkine–Zolotarev (BKZ) algorithm. Moreover, we show implementation results for solving some instances within the Darmstadt LWE challenge.

UR - http://www.scopus.com/inward/record.url?scp=85131459148&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85131459148&partnerID=8YFLogxK

U2 - 10.1016/j.dam.2022.04.018

DO - 10.1016/j.dam.2022.04.018

M3 - Article

AN - SCOPUS:85131459148

SN - 0166-218X

VL - 318

SP - 69

EP - 81

JO - Discrete Applied Mathematics

JF - Discrete Applied Mathematics

ER -

Solving the search-LWE problem over projected lattices

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this