We focus on the simpler case, as chosen by Bos, Costello, Naehrig and Stebila in 2014, of cyclotomic rings whose degree is a power of two. We describe the necessary arithmetic setup and choices regarding error sampling, and give a possibly cleaner mechanism for reconciliation of the shared secrets. Then we present Peikert's Diffie-Hellman-like key exchange algorithms along with security, correctness and implementation analysis. We demonstrate parameter choices that outperform Bos et al by a factor of up to 13 for equivalent security.
Category / Keywords: Cryptography, Lattice, Ring-LWE, Ring Learning With Errors, Key Exchange, IKE, TLS Date: received 19 Feb 2015, last revised 22 Dec 2015 Contact author: vs77814 at gmail com Available format(s): PDF | BibTeX Citation Note: Updated GitHub repository URL Version: 20151222:164906 (All versions of this report) Short URL: ia.cr/2015/138