CDT-Based Gaussian Sampling: From Multi to Double Precision

The Rényi divergence is a measure of closeness of two probability distributions which has found several applications over the last years as an alternative to the statistical distance in lattice-based cryptography. A tight bound has recently been presented for the Rényi divergence of distributions th...

Bibliographic details
Published in: IEEE transactions on computers 2018-11, Vol.67 (11), p.1610-1621
Main authors: Aguilar-Melchor, Carlos, Ricosset, Thomas
Format: Article
Language: eng
container_end_page 1621
container_issue 11
container_start_page 1610
container_title IEEE transactions on computers
container_volume 67
creator Aguilar-Melchor, Carlos
Ricosset, Thomas
description The Rényi divergence is a measure of closeness of two probability distributions which has found several applications over the last years as an alternative to the statistical distance in lattice-based cryptography. A tight bound has recently been presented for the Rényi divergence of distributions that have a bounded relative error. We show that it can be used to bound the precision requirement in Gaussian sampling to the IEEE 754 floating-point standard double precision for usual lattice-based signature parameters by using a modified cumulative distribution table (CDT), which reduces the memory needed by CDT-based algorithms and makes their constant-time implementation faster and simpler. Then, we apply this approach to a variable-center variant of the CDT algorithm which occasionally requires the online computation of the cumulative distribution function. As a result, the amount of costly floating-point operations is drastically decreased, which makes the constant-time and cache-resistant variants of this algorithm viable and efficient. Finally, we provide some experimental results indicating that, compared to rejection sampling, our approach increases the GPV signature rate by a factor of 4 to 8 depending on the security parameter.
doi_str_mv 10.1109/TC.2018.2807839
format Article
identifier ISSN: 0018-9340
ispartof IEEE transactions on computers, 2018-11, Vol.67 (11), p.1610-1621
issn 0018-9340
1557-9956
language eng
recordid cdi_ieee_primary_8295226
source IEEE Electronic Library Online
subjects Algorithms
Cryptography
Distribution functions
Divergence
Floating point arithmetic
Gaussian distribution
Gaussian sampling
Lattices
Parameter modification
Probability distribution
Sampling
signature
Special issues and sections
Statistical analysis
trapdoor
title CDT-Based Gaussian Sampling: From Multi to Double Precision
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-17T16%3A12%3A32IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=CDT-Based%20Gaussian%20Sampling:%20From%20Multi%20to%20Double%20Precision&rft.jtitle=IEEE%20transactions%20on%20computers&rft.au=Aguilar-Melchor,%20Carlos&rft.date=2018-11-01&rft.volume=67&rft.issue=11&rft.spage=1610&rft.epage=1621&rft.pages=1610-1621&rft.issn=0018-9340&rft.eissn=1557-9956&rft.coden=ITCOB4&rft_id=info:doi/10.1109/TC.2018.2807839&rft_dat=%3Cproquest_RIE%3E2117184874%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2117184874&rft_id=info:pmid/&rft_ieee_id=8295226&rfr_iscdi=true