Description
Hard learning problems (e.g., LPN, LWE and their variants) are attractive topics recently in the cryptographic community due to the numerous cryptosystems (symmetric or public-key) based on them. Normally these systems employ an instantiation of the underlying problem with a large dimension and relatively small noise to ensure the security and the high decryption success probability, respectively. In the famous BKW algorithm, Blum et al. first pointed out that balancing these two parameters plays a key role in solving these hard instances. Along their path, I will present a new idea to form better dimension-bias trade-offs by using coding theory, thereby resulting in better solutions. Lattice codes are used for solving LWE, and covering codes for LPN. Moreover, I will also present an improved method if additional algebraic structures are provided (e.g., in the reducible Ring-LPN case).
Next sessions
-
Algorithms for post-quantum commutative group actions
Speaker : Marc Houben - Inria Bordeaux
At the historical foundation of isogeny-based cryptography lies a scheme known as CRS; a key exchange protocol based on class group actions on elliptic curves. Along with more efficient variants, such as CSIDH, this framework has emerged as a powerful building block for the construction of advanced post-quantum cryptographic primitives. Unfortunately, all protocols in this line of work are[…] -
Endomorphisms via Splittings
Speaker : Min-Yi Shen - No Affiliation
One of the fundamental hardness assumptions underlying isogeny-based cryptography is the problem of finding a non-trivial endomorphism of a given supersingular elliptic curve. In this talk, we show that the problem is related to the problem of finding a splitting of a principally polarised superspecial abelian surface. In particular, we provide formal security reductions and a proof-of-concept[…]-
Cryptography
-