An experimental study of the BDD approach for the search LWE problem

Rui Xu, Sze Ling Yeo, Kazuhide Fukushima, Tsuyoshi Takagi, Hwajung Seo, Shinsaku Kiyomoto, Matt Henricksen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

Abstract

The proved hardness of the Learning With Errors (LWE) problem, assuming the worst-case intractability of classic lattice problems, has made it a standard building block in the recent design of lattice-based cryptosystems. Nonetheless, a thorough understanding of the security of these schemes from the perspective of existing attacks remains an open problem. In this manuscript, we report our implementation of the Bounded Distance Decoding (BDD) approach for solving the search LWE problem. We implement a parallel version of the pruned enumeration method of the BDD strategy proposed by Liu and Nguyen. In our implementation we use the embarrassingly parallel design so that the power of multi-cores can be fully utilized. We let each thread take a randomized basis and perform independent enumerations to find the solution instead of parallelizing the enumeration algorithm itself. Other optimizations include fine-tuning the BKZ block size, the enumeration bound and the pruning coefficients and the optimal dimension of the LWE problem. Experiments are done using the TU Darmstadt LWE challenge. Finally we compare our implementation with a recent parallel BDD implementation by Kirshanova et al. [18] and show that our implementation is more efficient.

Original language: English
Title of host publication: Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings
Editors: Dieter Gollmann, Atsuko Miyaji, Hiroaki Kikuchi
Publisher: Springer Verlag
Pages: 253-272
Number of pages: 20
ISBN (Print): 9783319612034
DOIs: https://doi.org/10.1007/978-3-319-61204-1_13
Publication status: Published - Jan 1 2017
Event: 15th International Conference on Applied Cryptography and Network Security, ACNS 2017 - Kanazawa, Japan
Duration: Jul 10 2017 → Jul 12 2017

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10355 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 15th International Conference on Applied Cryptography and Network Security, ACNS 2017
Country: Japan
City: Kanazawa
Period: 7/10/17 → 7/12/17

Fingerprint

Decoding
Experimental Study
Enumeration
Cryptography
Cryptosystem
Pruning
Tuning
Thread
Hardness
Building Blocks
Open Problems
Attack
Learning
Optimization
Coefficient
Experiments
Experiment
Design

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Xu, R., Yeo, S. L., Fukushima, K., Takagi, T., Seo, H., Kiyomoto, S., & Henricksen, M. (2017). An experimental study of the BDD approach for the search LWE problem. In D. Gollmann, A. Miyaji, & H. Kikuchi (Eds.), Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Proceedings (pp. 253-272). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10355 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-61204-1_13
