Improvements on Making BKW Practical for Solving LWE
نویسندگان
چکیده
The learning with errors (LWE) problem is one of the main mathematical foundations post-quantum cryptography. One groups algorithms for solving LWE Blum–Kalai–Wasserman (BKW) algorithm. This paper presents new improvements BKW-style instances. We target minimum concrete complexity, and we introduce a reduction step where partially reduce last position in an iteration finish next iteration, allowing non-integer sizes. also procedure secret recovery by mapping to binary problems applying fast Walsh Hadamard transform. complexity resulting algorithm compares favorably all other previous approaches, including lattice sieving. additionally show steps implementing approach large provide two implementations algorithm, RAM-based that optimized speed, file-based which overcomes RAM limitations using storage.
منابع مشابه
Coded-BKW: Solving LWE Using Lattice Codes
In this paper we propose a new algorithm for solving the Learning With Errors (LWE) problem based on the steps of the famous Blum-Kalai-Wasserman (BKW) algorithm. The new idea is to introduce an additional procedure of mapping subvectors into codewords of a lattice code, thereby increasing the amount of positions that can be cancelled in each BKW step. The procedure introduces an additional noi...
متن کاملLazy Modulus Switching for the BKW Algorithm on LWE
Some recent constructions based on LWE do not sample the secret uniformly at random but rather from some distribution which produces small entries. The most prominent of these is the binary-LWE problem where the secret vector is sampled from {0, 1}∗ or {−1, 0, 1}∗. We present a variant of the BKW algorithm for binary-LWE and other small secret variants and show that this variant reduces the com...
متن کاملOn the complexity of the BKW algorithm on LWE
This work presents a study of the complexity of the Blum-Kalai-Wasserman (BKW) algorithm when applied to the Learning with Errors (LWE) problem, by providing refined estimates for the data and computational effort requirements for solving concrete instances of the LWE problem. We apply this refined analysis to suggested parameters for various LWE-based cryptographic schemes from the literature ...
متن کاملPractical Improvements to Parity Game Solving
The aim of this thesis is to investigate how parity game problems may be solved efficiently in practice. Parity games are a worthwhile research topic because their simultaneous simplicity and expressiveness makes them a useful formalism to represent the problems that occur when formal methods are applied to software and hardware engineering. In this thesis, first an overview of the state of the...
متن کاملOn the asymptotic complexity of solving LWE
We provide for the first time an asymptotic comparison of all known algorithms for the search version of the Learning with Errors (LWE) problem. This includes an analysis of several lattice-based approaches as well as the combinatorial BKW algorithm. Our analysis of the lattice-based approaches defines a general framework, in which the algorithms of Babai, Lindner-Peikert and several pruning st...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Cryptography
سال: 2021
ISSN: ['2410-387X']
DOI: https://doi.org/10.3390/cryptography5040031