Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.14/147985
69 Visitors56 Hits0 Downloads
Efficient public key encryption based on ideal lattices (extended abstract)
International Conference on the Theory and Application of Cryptology and Information Security (15th : 2009) (6 - 10 December 2009 : Tokyo)
Matsui, Mitsuru. Advances in cryptology - ASIACRYPT 2009 : 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6-10, 2009 : proceedings, p.617-635
We describe public key encryption schemes with security provably based on the worst case hardness of the approximate Shortest Vector Problem in some structured lattices, called ideal lattices. Under the assumption that the latter is exponentially hard to solve even with a quantum computer, we achieve CPA-security against subexponential attacks, with (quasi-)optimal asymptotic performance: if n is the security parameter, both keys are of bit-length O(n) and the amortized costs of both encryption and decryption are O(1) per message bit. Our construction adapts the trapdoor one-way function of Gentry et al. (STOC’08), based on the Learning With Errors problem, to structured lattices. Our main technical tools are an adaptation of Ajtai’s trapdoor key generation algorithm (ICALP’99) and a re-interpretation of Regev’s quantum reduction between the Bounded Distance Decoding problem and sampling short lattice vectors.