Cryptology ePrint Archive: Report 2019/1001

Middle-Product Learning with Rounding Problem and its Applications

Shi Bai and Katharina Boudgoust and Dipayan Das and Adeline Roux-Langlois and Weiqiang Wen and Zhenfei Zhang

Abstract: At CRYPTO 2017, Rosca et al. introduce a new variant of the Learning With Errors (LWE) problem, called the Middle-Product LWE (MP-LWE). The hardness of this new assumption is based on the hardness of the Polynomial LWE (P-LWE) problem parameterized by a set of polynomials, making it more secure against the possible weakness of a single defining polynomial. As a cryptographic application, they also provide an encryption scheme based on the MP-LWE problem. In this paper, we propose a deterministic variant of their encryption scheme, which does not need Gaussian sampling and is thus simpler than the original one. Still, it has the same quasi-optimal asymptotic key and ciphertext sizes. The main ingredient for this purpose is the Learning With Rounding (LWR) problem which has already been used to derandomize LWE type encryption. The hardness of our scheme is based on a new assumption called Middle-Product Computational Learning With Rounding, an adaption of the computational LWR problem over rings, introduced by Chen et al. at ASIACRYPT 2018. We prove that this new assumption is as hard as the decisional version of MP-LWE and thus benefits from worst-case to average-case hardness guarantees.

Category / Keywords: foundations / LWE, LWR, Middle-Product, Public Key Encryption

Original Publication (with minor differences): IACR-ASIACRYPT-2019

Date: received 4 Sep 2019, last revised 24 Aug 2020

Contact author: katharina boudgoust at irisa fr

Available format(s): PDF | BibTeX Citation

Version: 20200824:075242 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]