Paper 2015/483

Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance

Shi Bai, Adeline Langlois, Tancrëde Lepoint, Amin Sakzad, Damien Stehle, and Ron Steinfeld

Abstract

The Rényi divergence is a measure of closeness of two probability distributions. We show that it can often be used as an alternative to the statistical distance in security proofs for lattice-based cryptography. Using the Rényi divergence is particularly suited for security proofs of primitives in which the attacker is required to solve a search problem (e.g., forging a signature). We show that it may also be used in the case of distinguishing problems (e.g., semantic security of encryption schemes), when they enjoy a public sampleability property. The techniques lead to security proofs for schemes with smaller parameters, and sometimes to simpler security proofs than the existing ones.

Note: Added a correction to our claims in a previous version regarding the first dimension-preserving reduction for LWR: we have recently become aware that [BGM+16] already gave a dimension-preserving reduction for prime modulus q. Our reduction works for composite q.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Contact author(s)
ron steinfeld @ monash edu
History
2018-02-25: last of 4 revisions
2015-05-21: received
See all versions
Short URL
https://ia.cr/2015/483
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/483,
      author = {Shi Bai and Adeline Langlois and Tancrëde Lepoint and Amin Sakzad and Damien Stehle and Ron Steinfeld},
      title = {Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance},
      howpublished = {Cryptology ePrint Archive, Paper 2015/483},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/483}},
      url = {https://eprint.iacr.org/2015/483}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.