The polynomial learning with errors problem and the smearing condition

Liljana Babinkostova; Ariana Chin; Aaron Kirtland; Vladyslav Nazarchuk; Esther Plotnick

doi:10.1515/jmc-2020-0035

The polynomial learning with errors problem and the smearing condition

Liljana Babinkostova, Ariana Chin, Aaron Kirtland, Vladyslav Nazarchuk, Esther Plotnick

Mathematics Department

Research output: Contribution to journal › Article › peer-review

Abstract

As quantum computing advances rapidly, guaranteeing the security of cryptographic protocols resistant to quantum attacks is paramount. Some leading candidate cryptosystems use the learning with errors (LWE) problem, attractive for its simplicity and hardness guaranteed by reductions from hard computational lattice problems. Its algebraic variants, ring-learning with errors (RLWE) and polynomial learning with errors (PLWE), gain efficiency over standard LWE, but their security remains to be thoroughly investigated. In this work, we consider the "smearing"condition, a condition for attacks on PLWE and RLWE introduced in Elias et al. We expand upon some questions about smearing posed by Elias et al. and show how smearing is related to the coupon collector's problem. Furthermore, we develop an algorithm for computing probabilities related to smearing. Finally, we present a smearing-based algorithm for solving the PLWE problem.

Original language	English
Pages (from-to)	215-232
Number of pages	18
Journal	Journal of Mathematical Cryptology
Volume	16
Issue number	1
DOIs	https://doi.org/10.1515/jmc-2020-0035
State	Published - 1 Jan 2022

Keywords

Coupon collector's problem
Lattices
Learning with errors
Polynomial learning with errors
Ring learning with errors
Smearing

Access to Document

10.1515/jmc-2020-0035

Cite this

@article{834271dd5dde4f95b9993ab1e5367837,

title = "The polynomial learning with errors problem and the smearing condition",

abstract = "As quantum computing advances rapidly, guaranteeing the security of cryptographic protocols resistant to quantum attacks is paramount. Some leading candidate cryptosystems use the learning with errors (LWE) problem, attractive for its simplicity and hardness guaranteed by reductions from hard computational lattice problems. Its algebraic variants, ring-learning with errors (RLWE) and polynomial learning with errors (PLWE), gain efficiency over standard LWE, but their security remains to be thoroughly investigated. In this work, we consider the {"}smearing{"}condition, a condition for attacks on PLWE and RLWE introduced in Elias et al. We expand upon some questions about smearing posed by Elias et al. and show how smearing is related to the coupon collector's problem. Furthermore, we develop an algorithm for computing probabilities related to smearing. Finally, we present a smearing-based algorithm for solving the PLWE problem.",

keywords = "Coupon collector's problem, Lattices, Learning with errors, Polynomial learning with errors, Ring learning with errors, Smearing",

author = "Liljana Babinkostova and Ariana Chin and Aaron Kirtland and Vladyslav Nazarchuk and Esther Plotnick",

note = "Publisher Copyright: {\textcopyright} 2022 Liljana Babinkostova et al., published by De Gruyter.",

year = "2022",

month = jan,

day = "1",

doi = "10.1515/jmc-2020-0035",

language = "English",

volume = "16",

pages = "215--232",

number = "1",

}

TY - JOUR

T1 - The polynomial learning with errors problem and the smearing condition

AU - Babinkostova, Liljana

AU - Chin, Ariana

AU - Kirtland, Aaron

AU - Nazarchuk, Vladyslav

AU - Plotnick, Esther

PY - 2022/1/1

Y1 - 2022/1/1

N2 - As quantum computing advances rapidly, guaranteeing the security of cryptographic protocols resistant to quantum attacks is paramount. Some leading candidate cryptosystems use the learning with errors (LWE) problem, attractive for its simplicity and hardness guaranteed by reductions from hard computational lattice problems. Its algebraic variants, ring-learning with errors (RLWE) and polynomial learning with errors (PLWE), gain efficiency over standard LWE, but their security remains to be thoroughly investigated. In this work, we consider the "smearing"condition, a condition for attacks on PLWE and RLWE introduced in Elias et al. We expand upon some questions about smearing posed by Elias et al. and show how smearing is related to the coupon collector's problem. Furthermore, we develop an algorithm for computing probabilities related to smearing. Finally, we present a smearing-based algorithm for solving the PLWE problem.

AB - As quantum computing advances rapidly, guaranteeing the security of cryptographic protocols resistant to quantum attacks is paramount. Some leading candidate cryptosystems use the learning with errors (LWE) problem, attractive for its simplicity and hardness guaranteed by reductions from hard computational lattice problems. Its algebraic variants, ring-learning with errors (RLWE) and polynomial learning with errors (PLWE), gain efficiency over standard LWE, but their security remains to be thoroughly investigated. In this work, we consider the "smearing"condition, a condition for attacks on PLWE and RLWE introduced in Elias et al. We expand upon some questions about smearing posed by Elias et al. and show how smearing is related to the coupon collector's problem. Furthermore, we develop an algorithm for computing probabilities related to smearing. Finally, we present a smearing-based algorithm for solving the PLWE problem.

KW - Coupon collector's problem

KW - Lattices

KW - Learning with errors

KW - Polynomial learning with errors

KW - Ring learning with errors

KW - Smearing

UR - http://www.scopus.com/inward/record.url?scp=85135935497&partnerID=8YFLogxK

U2 - 10.1515/jmc-2020-0035

DO - 10.1515/jmc-2020-0035

M3 - Article

AN - SCOPUS:85135935497

SN - 1862-2976

VL - 16

SP - 215

EP - 232

JO - Journal of Mathematical Cryptology

JF - Journal of Mathematical Cryptology

IS - 1

ER -

The polynomial learning with errors problem and the smearing condition

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this