LWE from Non-commutative Group Rings
Authors
Abstract
The Ring Learning-With-Errors (LWE) problem, whose security is based on hard ideal lattice problems, has proven to be a promising primitive with diverse applications in cryptography. There are, however, recent discoveries of faster algorithms for the principal ideal SVP problem, and attempts to generalize the attack to non-principal ideals. In this work, we study the LWE problem on group rings, and build cryptographic schemes based on this new primitive. One can regard the LWE on cyclotomic integers as a special case when the underlying group is cyclic, while our proposal utilizes non-commutative groups that eliminate the weakness associated with the principal ideal lattices. In particular, we show how to build public key encryption schemes from dihedral group rings, which maintain the efficiency of the Ring-LWE and improve its security. We also propose a simple modification of the Peikert-Vaikuntanathan-Waters cryptosystem, which is an amortized version of Regev’s original proposal based on LWE. Our modification improves the encryption and decryption complexity per bit to sublinear in the security level, without affecting the security.
Similar resources
On the commuting graph of non-commutative rings of order $p^nq$
Let $R$ be a non-commutative ring with unity. The commuting graph of $R$, denoted by $\Gamma(R)$, is a graph with vertex set $R\setminus Z(R)$ and two vertices $a$ and $b$ are adjacent iff $ab=ba$. In this paper, we consider the commuting graph of non-commutative rings of order $pq$ and $p^2q$ with $Z(R) = 0$ and non-commutative rings with unity of order $p^3q$. It is proved that $C_R(a)$ is a commutative ring...
On the commuting graph of some non-commutative rings with unity
Let $R$ be a non-commutative ring with unity. The commuting graph of $R$, denoted by $\Gamma(R)$, is a graph with a vertex set $R\setminus Z(R)$ and two vertices $a$ and $b$ are adjacent if and only if $ab=ba$. In this paper, we investigate non-commutative rings with unity of order $p^n$ where $p$ is prime and $n \in \lbrace 4,5 \rbrace$. It is shown that, $\Gamma(R)$ is the disjoint ...
Generalized Learning Problems and Applications to Non-commutative Cryptography
We propose a generalization of the learning parity with noise (LPN) and learning with errors (LWE) problems to an abstract class of group-theoretic learning problems that we term learning homomorphisms with noise (LHN). This class of problems contains LPN and LWE as special cases, but is much more general. It allows, for example, instantiations based on non-abelian groups, resulting in a new av...
On Commutative Reduced Baer Rings
It is shown that a commutative reduced ring R is a Baer ring if and only if it is a CS-ring; if and only if every dense subset of Spec (R) containing Max (R) is an extremally disconnected space; if and only if every non-zero ideal of R is essential in a principal ideal generated by an idempotent.
The sum-annihilating essential ideal graph of a commutative ring
Let $R$ be a commutative ring with identity. An ideal $I$ of a ring $R$ is called an annihilating ideal if there exists $r\in R\setminus \{0\}$ such that $Ir=(0)$ and an ideal $I$ of $R$ is called an essential ideal if $I$ has non-zero intersection with every other non-zero ideal of $R$. The sum-annihilating essential ideal graph of $R$, denoted by $\mathcal{AE}_R$, is a graph whose vertex set is the set...
Journal title:
- IACR Cryptology ePrint Archive
Volume 2016, Issue
Pages -
Publication date 2016