Cryptology ePrint Archive: Report 2015/971

Attacks on Search RLWE

Hao Chen, Kristin Lauter, and Katherine E. Stange

Abstract: We describe a new attack on the Search Ring Learning-With-Errors (RLWE) problem based on the chi-square statistical test, and give examples of RLWE instances in Galois number fields which are vulnerable to our attack. We prove a search-to-decision reduction for Galois fields which applies for any unramified prime modulus $q$, regardless of the residue degree $f$ of $q$, and we use this in our attacks. The time complexity of our attack is $O(q^{2f})$, where $f$ is the {\it residue degree} of $q$ in $K$.

We also show an attack on the RLWE problem in general cyclotomic rings (non $2$-power cyclotomic rings) which works when the modulus is a ramified prime. We demonstrate the attacks in practice by finding many vulnerable instances and successfully attacking them. We include the code for all attacks.

Category / Keywords: secret-key cryptography / RLWE, Attacks, Cryptanalysis

Date: received 8 Oct 2015

Contact author: chenh123 at uw edu

Available format(s): PDF | BibTeX Citation

Note: Under submission elsewhere.

Version: 20151009:210943 (All versions of this report)

Short URL: ia.cr/2015/971

Discussion forum: Show discussion | Start new discussion