Solving LWR via BDD strategy: Modulus switching approach

Huy Quoc Le, Pradeep Kumar Mishra, Dung Hoang Duong, Masaya Yasuda

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The typical approach in attacking an LWR m,n,q,p(χs) instance parameterized by four integers m, n, q, p (Formula Presented) and a probability distribution χs is just by simply regarding it as a Learning with Errors (LWE) modulo q instance and then trying to adapt known LWE attacks to this LWE instance. In this paper, we show that for an LWR m,n,q,p(χs) instance whose parameters satisfy a certain sufficient condition, one can use the BDD strategy to recover the secret with higher advantages if one transforms the LWR instance to an LWE modulo (Formula Presented) instance with (Formula Presented) chosen appropriately instead of an LWE modulo q instance. The optimal modulus q used in our BDD attack is quite close to p as well as typically smaller than q. Especially, our experiments confirm that our BDD attack is much better in solving search-LWR in terms of root Hermite factor, success probability and even running time either in case the ratio log (q)/log (p) is big or/and the dimension n is sufficiently large.

Original languageEnglish
Title of host publicationCryptology and Network Security - 17th International Conference, CANS 2018, Proceedings
EditorsPanos Papadimitratos, Jan Camenisch
PublisherSpringer Verlag
Pages357-376
Number of pages20
ISBN (Print)9783030004330
DOIs
Publication statusPublished - Jan 1 2018
Event17th International Conference on Cryptology and Network Security, CANS 2018 - Naples, Italy
Duration: Sep 30 2018Oct 3 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11124 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other17th International Conference on Cryptology and Network Security, CANS 2018
CountryItaly
CityNaples
Period9/30/1810/3/18

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Solving LWR via BDD strategy: Modulus switching approach'. Together they form a unique fingerprint.

Cite this