Paper 2019/674
Polar Sampler: Discrete Gaussian Sampling over the Integers Using Polar Codes
Jiabo Wang and Cong Ling
Abstract
Cryptographic constructions based on hard lattice problems have emerged as a front runner for the standardization of post quantum public key cryptography. As the standardization process takes place, optimizing specific parts of proposed schemes becomes a worthwhile endeavor. Gaussian sampling over the integers is one of the fundamental building blocks of latticed-based cryptography. In this work, we propose a new integer Gaussian sampler based on polar codes, dubbed ``polar sampler". The polar sampler is asymptotically information theoretically optimum in the sense that the number of uniformly random bits it uses approaches the entropy bound. It also features quasi-linear complexity and constant-time implementation. Our algorithm becomes effective when sufficiently many samples are required at each query to the sampler. Security analysis is given based on the statistical distance, Kullback-Leibler divergence and Rényi divergence. A comparison between the polar sampler and the Knuth-Yao sampler verifies its time efficiency and the memory cost can be further optimized if space-efficient successive-cancellation decoding is adopted.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint. MINOR revision.
- Keywords
- Discrete Gaussian samplingPolar codesInteger latticeKullback-Leibler divergenceConstant-time implementation
- Contact author(s)
-
j wang16 @ imperial ac uk
c ling @ imperial ac uk - History
- 2022-01-10: last of 3 revisions
- 2019-06-06: received
- See all versions
- Short URL
- https://ia.cr/2019/674
- License
-
CC BY