Daniele Micciancio

We show that solving modular linear equations on the average is at least as hard as approximating several lattice problems in the worst case within a factor almost linear in the rank of the lattice. The lattice problems we consider are the shortest vector problem, the shortest independent vectors problem and the covering radius problem. The approximation…
This paper provides theoretical foundations for the group signature primitive. We introduce strong, formal definitions for the core requirements of anonymity and traceability. We then show that these imply the large set of sometimes ambiguous existing informal requirements in the literature, thereby unifying and simplifying the requirements for this…
Multicast communication is becoming the basis for a growing number of applications. It is therefore critical to provide sound security mechanisms for multicast communication. Yet, existing security protocols for multicast offer only partial solutions. We first present a taxonomy of multicast scenarios on the Internet and point out relevant security…
We give new methods for generating and using “strong trapdoors” in cryptographic lattices, which are simultaneously simple, efficient, easy to implement (even in parallel), and asymptotically optimal with very small hidden constants. Our methods involve a new kind of trapdoor, and include specialized algorithms for inverting LWE, randomly sampling SIS…
We present a simple, new paradigm for the design of collision-free hash functions. Any function emanating from this paradigm is incremental. (This means that if a message x which I have previously hashed is modified to x′ then, rather than having to re-compute the hash of x′ from scratch, I can quickly “update” the old hash value to the new one, in time…
In this chapter we describe some of the recent progress in lattice-based cryptography. Lattice-based cryptographic constructions hold a great promise for post-quantum cryptography, as they enjoy very strong security proofs based on worst-case hardness, relatively efficient implementations, as well as great simplicity. In addition, lattice-based cryptography…
We present a general method to prove security properties of cryptographic protocols against active adversaries, when the messages exchanged by the honest parties are arbitrary expressions built using encryption and concatenation operations. The method allows one to express security properties and carry out proofs using a simple logic-based language, where…
We present new faster algorithms for the exact solution of the shortest vector problem in arbitrary lattices. Our main result shows that the shortest vector in any n-dimensional lattice can be found in time 2^{3.199n} (and space 2^{1.325n}), or in space 2^{1.095n} (and still time 2^{O(n)}).…
The generalized knapsack problem is the following: given m random elements a_1, …, a_m in a ring R, and a target t ∈ R, find z_1, …, z_m ∈ D such that Σ a_i z_i = t, where D is some fixed subset of R. In (Micciancio, FOCS 2002) it was proved that for appropriate choices of R and D, solving the generalized compact knapsack problem on the average is as…
We give deterministic Õ(2^{2n+o(n)})-time algorithms to solve all the most important computational problems on point lattices in NP, including the Shortest Vector Problem (SVP), Closest Vector Problem (CVP), and Shortest Independent Vectors Problem (SIVP). This improves the n^{O(n)} running time of the best previously known algorithms for…