We give new methods for generating and using "strong trapdoors" in cryptographic lattices, which are simultaneously simple, efficient, easy to implement (even in parallel), and asymptotically optimal with very small hidden constants.Expand

We show that finding small solutions to random modular linear equations is at least as hard as approximating several lattice problems in the worst case within a factor almost linear in the dimension of the lattice.Expand

We present a new method to homomorphically compute simple bit operations, and refresh (bootstrap) the resulting output, which runs on a personal computer in just about half a second.Expand

We show that solving modular linear equation on the average is at least as hard as approximating several lattice problems in the worst case within a factor almost linear in the rank of the lattice.Expand

An edited version of this paper appears in International Colloquium on Automata, Languages and Programming - Proceedings of ICALP 2006, Venice, Italy.Expand