Paper 2021/1354
SoK: On the Security of Cryptographic Problems from Linear Algebra
Carl Bootland, Wouter Castryck, Alan Szepieniec, and Frederik Vercauteren
Abstract
There are two main aims to this paper. Firstly, we survey the relevant existing attack strategies known to apply to the most commonly used lattice-based cryptographic problems as well as to a number of their variants. In particular, we consider attacks against problems in the style of LWE, SIS and NTRU defined over rings of the form $\mathbb{Z}[X]/(f(X), g(X))$, where classically $g(X) = q$ is an integer modulus. We also include attacks on variants which use only large integer arithmetic, corresponding to the degree one case $g(X) = X - c$. Secondly, for each of these approaches we investigate whether they can be generalised to the case of a polynomial modulus $g(X)$ having degree larger than one, thus addressing the security of the generalised cryptographic problems from linear algebra introduced by Bootland et al. We find that some attacks readily generalise to a wide range of parameters while others require very specific conditions to be met in order to work.
Metadata
- Available format(s)
- Category
- Foundations
- Publication info
- Preprint. MINOR revision.
- Keywords
- lattice-based cryptographynoisy linear algebralearning with errorsshort integer solutionsNTRU
- Contact author(s)
-
carl bootland @ esat kuleuven be
wouter castryck @ esat kuleuven be
alan @ nervos org
frederik vercauteren @ esat kuleuven be - History
- 2021-10-12: received
- Short URL
- https://ia.cr/2021/1354
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/1354, author = {Carl Bootland and Wouter Castryck and Alan Szepieniec and Frederik Vercauteren}, title = {{SoK}: On the Security of Cryptographic Problems from Linear Algebra}, howpublished = {Cryptology {ePrint} Archive, Paper 2021/1354}, year = {2021}, url = {https://eprint.iacr.org/2021/1354} }