Paper 2022/245

Entropic Hardness of Module-LWE from Module-NTRU

Katharina Boudgoust, Corentin Jeudy, Adeline Roux-Langlois, and Weiqiang Wen

Abstract

The Module Learning With Errors problem (M-LWE) has gained popularity in recent years for its security-efficiency balance, and its hardness has been established for a number of variants. In this paper, we focus on proving the hardness of (search) M-LWE for general secret distributions, provided they carry sufficient min-entropy. This is called entropic hardness of M-LWE. First, we adapt the line of proof of Brakerski and Döttling on R-LWE (TCC’20) to prove that the existence of certain distributions implies the entropic hardness of M-LWE. Then, we provide one such distribution whose required properties rely on the hardness of the decisional Module-NTRU problem.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint. Minor revision.
Keywords
Lattice-based CryptographyModule Learning With ErrorsEntropic HardnessModule-NTRU
Contact author(s)
corentin jeudy @ irisa fr
History
2022-04-14: revised
2022-03-02: received
See all versions
Short URL
https://ia.cr/2022/245
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/245,
      author = {Katharina Boudgoust and Corentin Jeudy and Adeline Roux-Langlois and Weiqiang Wen},
      title = {Entropic Hardness of Module-LWE from Module-NTRU},
      howpublished = {Cryptology ePrint Archive, Paper 2022/245},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/245}},
      url = {https://eprint.iacr.org/2022/245}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.