Vandermonde meets Regev: public key encryption schemes based on partial Vandermonde problems

PASS Encrypt is a lattice-based public key encryption scheme introduced by Hoffstein and Silverman (Des Codes Cryptogr 77(2–3):541–552, 2015). The efficiency and algebraic properties of PASS Encrypt and of the underlying partial Vandermonde knapsack problem (PV-Knap) make them an attractive sta...

Bibliographic details
Published in: Designs, codes, and cryptography, 2022-08, Vol.90 (8), p.1899-1936
Main authors: Boudgoust, Katharina, Sakzad, Amin, Steinfeld, Ron
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page 1936
container_issue 8
container_start_page 1899
container_title Designs, codes, and cryptography
container_volume 90
creator Boudgoust, Katharina
Sakzad, Amin
Steinfeld, Ron
description PASS Encrypt is a lattice-based public key encryption scheme introduced by Hoffstein and Silverman (Des Codes Cryptogr 77(2–3):541–552, 2015). The efficiency and algebraic properties of PASS Encrypt and of the underlying partial Vandermonde knapsack problem (PV-Knap) make them an attractive starting point for building efficient post-quantum cryptographic primitives. Recall that PV-Knap asks to recover a polynomial of small norm from a partial list of its Vandermonde transform. Unfortunately, the security foundations of PV-Knap-based encryption are not well understood, and in particular, no security proof for PASS Encrypt is known. In this work, we make progress in this direction. First, we present a modified version of PASS Encrypt with a security proof based on decision PV-Knap and a leaky variant of it, named the PASS problem. We next study an alternative approach to build encryption based on PV-Knap. To this end, we introduce the partial Vandermonde LWE problem (PV-LWE), which we show is computationally equivalent to PV-Knap. Following Regev’s design for LWE-based encryption, we use PV-LWE to construct an efficient encryption scheme. Its security is based on PV-LWE and a hybrid variant of PV-Knap and Polynomial LWE. Finally, we give a refined analysis of the concrete security of both schemes against best known lattice attacks.
doi_str_mv 10.1007/s10623-022-01083-7
format Article
publisher New York: Springer US
addtitle Des. Codes Cryptogr
date 2022-08-01
tpages 38
rights The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2022. Distributed under a Creative Commons Attribution 4.0 International License
toplevel peer_reviewed
oa free_for_read
orcid https://orcid.org/0000-0002-3971-9368
linktopdf https://link.springer.com/content/pdf/10.1007/s10623-022-01083-7
linktohtml https://link.springer.com/10.1007/s10623-022-01083-7
backlink https://hal.science/hal-04535099
fulltext fulltext
identifier ISSN: 0925-1022
ispartof Designs, codes, and cryptography, 2022-08, Vol.90 (8), p.1899-1936
issn 0925-1022
1573-7586
language eng
recordid cdi_hal_primary_oai_HAL_hal_04535099v1
source SpringerLink Journals - AutoHoldings
subjects Coding and Information Theory
Computer Science
Cryptography
Cryptology
Discrete Mathematics in Computer Science
Knapsack problem
Polynomials
Security
title Vandermonde meets Regev: public key encryption schemes based on partial Vandermonde problems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-08T17%3A53%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_hal_p&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Vandermonde%20meets%20Regev:%20public%20key%20encryption%20schemes%20based%20on%20partial%20Vandermonde%20problems&rft.jtitle=Designs,%20codes,%20and%20cryptography&rft.au=Boudgoust,%20Katharina&rft.date=2022-08-01&rft.volume=90&rft.issue=8&rft.spage=1899&rft.epage=1936&rft.pages=1899-1936&rft.issn=0925-1022&rft.eissn=1573-7586&rft_id=info:doi/10.1007/s10623-022-01083-7&rft_dat=%3Cproquest_hal_p%3E2696689215%3C/proquest_hal_p%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2696689215&rft_id=info:pmid/&rfr_iscdi=true