Improved Security Proofs in Lattice-Based Cryptography: Using the Rényi Divergence Rather than the Statistical Distance
نویسندگان
چکیده
منابع مشابه
Sharper Bounds in Lattice-Based Cryptography Using the Rényi Divergence
The Rényi divergence is a measure of divergence between distributions. It has recently found several applications in lattice-based cryptography. The contribution of this paper is twofold. First, we give theoretic results which renders it more efficient and easier to use. This is done by providing two lemmas, which give tight bounds in very common situations – for distributions that are tailcut ...
متن کاملTighter Security for Efficient Lattice Cryptography via the Rényi Divergence of Optimized Orders
In security proofs of lattice based cryptography, bounding the closeness of two probability distributions is an important procedure. To measure the closeness, the Rényi divergence has been used instead of the classical statistical distance. Recent results have shown that the Rényi divergence offers security reductions with better parameters, e.g. smaller deviations for discrete Gaussian distrib...
متن کاملthe investigation of research articles in applied linguistics: convergence and divergence in iranian elt context
چکیده ندارد.
Rényi Divergence Variational Inference
This paper introduces the variational Rényi bound (VR) that extends traditional variational inference to Rényi’s α-divergences. This new family of variational methods unifies a number of existing approaches, and enables a smooth interpolation from the evidence lower-bound to the log (marginal) likelihood that is controlled by the value of α that parametrises the divergence. The reparameterizati...
متن کاملCs 7880 Graduate Cryptography Lecture 2: Macs, Statistical Distance, Statistical Security
The MAC construction that we saw in the previous lecture was not very practical in the sense that we can improve the construction by using the same key and tag length as before but for a bigger message space. That is, for some prime p we have: • K = Zp × Zp • M = Zp for some d ≥ 1 • T = Zp (We can replace Zp by any finite field F. In particular, it’s useful to use a binary extension field F2` s...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Cryptology
سال: 2017
ISSN: 0933-2790,1432-1378
DOI: 10.1007/s00145-017-9265-9