We describe the first hardware implementation of a quantum-secure encryption scheme along with its lowcost power side-channel countermeasures. The encryption uses an implementation-friendly Binary-Ring-Learning-with-Errors (BRLWE) problem with binary errors that can be efficiently generated in hardware. We demonstrate that a direct implementation of BRLWE exhibits vulnerability to power side-ch...

We present first a generalized LWE problem, which is essentially to extend the original LWE to the case of matrices. Then we use this new version of LWE problem, which we call matrix LWE problem to build new cryptographic schemes, which include a new key distribution scheme, a new key exchanges scheme and a new simple identity-based encryption scheme.

This paper shows how several ring-LWE based key exchange protocols can be broken, under the assumption that the same key share is used for multiple exchanges. This indicates that, if these key exchange protocols are used, then it will be necessary for a fresh key share be generated for each exchange, and that these key exchange protocols cannot be used as a drop in replacement for designs which...

This work revisits the security of classical signatures and ring in a quantum world. For (ordinary) signatures, we focus on arguably preferable notion blind-unforgeability recently proposed by Alagic et al. (Eurocrypt’20). We present two short signature schemes achieving this notion: one is random oracle model, assuming hardness SIS; other plain LWE with super-polynomial modulus. Prior to work,...

The “Ring Learning with Errors” (RLWE) problem was formulated as a variant of the “Learning with Errors” (LWE) problem, with the purpose of taking advantage of an additional algebraic structure in the underlying considered lattices; this enables improvements on the efficiency and cipher expansion on those cryptographic applications which were previously based on the LWE problem. In Eurocrypt 20...

The Learning with Errors problem (LWE) is one of the most important hardness assumptions latticebased constructions base their security on. Recently, Albrecht et al. (Journal of Mathematical Cryptology, 2015) presented the software tool LWE-Estimator to estimate the hardness of concrete LWE instances, making the choice of parameters for lattice-based primitives easier and better comparable. To ...

Recent advances in quantum computing and the announcement by the National Institute of Standards and Technology (NIST) to define new standards for digital-signature, encryption, and keyestablishment protocols increased interest in post-quantum cryptographic schemes. This paper introduces Kyber (part of the CRYSTALS – Cryptographic Suite for Algebraic Lattices – package that will be submitted to...

Along with the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) standardization process, lightweight PQC-related research, development have also gained substantial attention from research community. Ring-binary-learning-with-errors (RBLWE), a ring variant binary-LWE (BLWE), has been used to build promising PQC scheme for emerging Internet-of-Things (IoT) edg...

The hardness of the Learning-With-Errors (LWE) Problem has become one of the most useful assumptions in cryptography. It exhibits a worst-to-average-case reduction making the LWE assumption very plausible. This worst-to-average-case reduction is based on a Fourier argument and the errors for current applications of LWE must be chosen from a gaussian distribution. However, sampling from gaussian...

In this article, we study the geometry of units and ideals cyclotomic rings derive an algorithm to find a mildly short vector in any given ideal lattice quantum polynomial time, under some plausible number-theoretic assumptions. More precisely, ring conductor m , finds approximation shortest by factor exp (Õ(√ )). This result exposes unexpected hardness gap between these structured lattices gen...