The First and Fourth Public-Key Cryptosystems with Worst-Case/Average-Case Equivalence
نویسندگان
چکیده
We describe a public-key cryptosystem with worst-case/average case equivalence. The cryptosystem has an amortized plaintext to ciphertext expansion of O(n), relies on the hardness of the Õ(n)-unique shortest vector problem for lattices, and requires a public key of size at most O(n) bits. The new cryptosystem generalizes a conceptually simple modification of the “Ajtai-Dwork” cryptosystem. We provide a unified treatment of the two cryptosystems.
منابع مشابه
Multiplicative Learning with Errors and Cryptosystems
We introduce a new concept, called multiplicative learning with errors (MLWE), which is a corresponding multiplicative version of the additive learning with errors (LWE), and show the equivalence between the decisional version and the search version for MLWE such that p is a product of sufficiently large smoothing prime factors. Then we construct the MLWE-based private-key and public-key encryp...
متن کاملAsynchronous Proactive Cryptosystems Without Agreement
In this paper, we present efficient asynchronous protocols that allow to build proactive cryptosystems secure against a mobile fail-stop adversary. Such systems distribute the power of a public-key cryptosystem among a set of servers, so that the security and functionality of the overall system is preserved against an adversary that crashes and/or eavesdrops every server repeatedly and transien...
متن کاملPublic-Key Cryptosystems from the Worst-Case Shortest Vector Problem
We construct public-key cryptosystems that are secure assuming the worst-case hardness of approximating the length of a shortest nonzero vector in an n-dimensional lattice to within a small poly(n) factor. Prior cryptosystems with worst-case connections were based either on the shortest vector problem for a special class of lattices (Ajtai and Dwork, STOC 1997; Regev, J. ACM 2004), or on the co...
متن کاملPositive Applications of Lattices to Cryptography
We describe constructions of several cryptographic primitives, including hash functions, public key cryptosystems, pseudo-random bit generators, and digital signatures, whose security depends on the assumed worst-case or average-case hardness of problems involving lattices.
متن کاملRevision 01 of a Public-key Cryptosystem with Worst-case/average-case Equivalence
We present a probabilistic public key cryptosystem which is secure unless the worst case of the following lattice problem can be solved in polynomial time: \Find the shortest nonzero vector in an n dimensional lattice L where the shortest vector v is unique in the sense that any other vector whose length is at most n c kvk is parallel to v."
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Electronic Colloquium on Computational Complexity (ECCC)
دوره 14 شماره
صفحات -
تاریخ انتشار 2007