Paper 2023/699
Lattice-based, more general anti-leakage model and its application in decentralization
Abstract
In the case of standard LWE samples $(\mathbf{A}, \mathbf{b} = \mathbf{s}\mathbf{A} + \mathbf{e})$, $\mathbf{A}$ is typically uniform over $\mathbb{Z}_q^{n \times m}$, and under the LWE assumption the conditional distribution of $\mathbf{s}$ given $\mathbf{b}$ should be consistent with the distribution of $\mathbf{s}$. However, if an adversary chooses $\mathbf{A}$ adaptively, the gap between the two may be larger. In this work, we are mainly interested in quantifying $\tilde{H}_\infty(\mathbf{s} \mid \mathbf{s}\mathbf{A} + \mathbf{e})$ when $\mathbf{A}$ is chosen by an adversary. Brakerski and Döttling answered this question in one case: they proved that when $\mathbf{s}$ is uniformly chosen from $\mathbb{Z}_q^n$, it holds that $\tilde{H}_\infty(\mathbf{s} \mid \mathbf{s}\mathbf{A} + \mathbf{e}) \varpropto \rho_\sigma(\Lambda_q(\mathbf{A}))$. We prove that the above result still holds when $\mathbf{s}$ is uniformly chosen from $\mathbb{Z}_d^n$ for any $d \leq q$, or is sampled from a discrete Gaussian. In addition, as an independent result, we also prove the regularity of the hash function mapping to a prime-order group and its Cartesian product. As an application of the above results, we improve the multi-key fully homomorphic encryption scheme of [TCC:BraHalPol17] and answer positively the question raised at the end of that work: we obtain GSW-type ciphertexts rather than Dual-GSW, and the improved scheme has shorter keys and ciphertexts.
Metadata
- Available format(s): PDF
- Category: Cryptographic protocols
- Publication info: Preprint.
- Keywords: Leftover hash lemma, Leakage resilient cryptography, Multi-key FHE
- Contact author(s): daixiaokang @ cigit ac cn, chenjingwei @ cigit ac cn, wuwenyuan @ cigit ac cn, yongfeng @ cigit ac cn
- History:
  - 2023-07-27: last of 10 revisions
  - 2023-05-16: received
- Short URL: https://ia.cr/2023/699
- License: CC BY
BibTeX
@misc{cryptoeprint:2023/699,
  author       = {Xiaokang Dai and Jingwei Chen and Wenyuan Wu and Yong Feng},
  title        = {Lattice-based, more general anti-leakage model and its application in decentralization},
  howpublished = {Cryptology ePrint Archive, Paper 2023/699},
  year         = {2023},
  note         = {\url{https://eprint.iacr.org/2023/699}},
  url          = {https://eprint.iacr.org/2023/699}
}