Paper 2025/304

Lattice-based Cryptography: A survey on the security of the lattice-based NIST finalists

Koen de Boer, Leiden University
Wessel van Woerden, University of Bordeaux, PQShield
Abstract

This survey, mostly written in the years 2022-2023, is meant to be as short a description as possible of the current state-of-the-art lattice attacks on lattice-based cryptosystems, without losing the essence of the matter. The main focus is the security of the NIST finalists and alternatives that are based on lattices, namely CRYSTALS-Kyber, CRYSTALS-Dilithium and Falcon. Instead of going through these cryptosystems case by case, this survey considers attacks on the underlying hardness assumptions: in the case of the mentioned lattice-based schemes, these are (variants of) LWE (Learning With Errors) and NTRU.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
lattice-based cryptography, cryptanalysis, NIST candidates, NIST finalists, NTRU, LWE, security estimates, survey
Contact author(s)
kboer research @ gmail com
wessel vanwoerden @ pqshield com
History
2025-02-21: approved
2025-02-20: received
Short URL
https://ia.cr/2025/304
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/304,
      author = {Koen de Boer and Wessel van Woerden},
      title = {Lattice-based Cryptography: A survey on the security of the lattice-based {NIST} finalists},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/304},
      year = {2025},
      url = {https://eprint.iacr.org/2025/304}
}