Classical hardness of learning with errors

@inproceedings{Brakerski2013ClassicalHO,
  title={Classical hardness of learning with errors},
  author={Zvika Brakerski and A. Langlois and Chris Peikert and O. Regev and D. Stehl{\'e}},
  booktitle={STOC '13},
  year={2013}
}
  • Zvika Brakerski, A. Langlois, +2 authors D. Stehlé
  • Published in STOC '13 2013
  • Mathematics, Computer Science
  • We show that the Learning with Errors (LWE) problem is classically at least as hard as standard worst-case lattice problems. Previously this was only known under quantum reductions. Our techniques capture the tradeoff between the dimension and the modulus of LWE instances, leading to a much better understanding of the landscape of the problem. The proof is inspired by techniques from several recent cryptographic constructions, most notably fully homomorphic encryption schemes. 
    479 Citations

    Figures and Topics from this paper

    Hardness of SIS and LWE with Small Parameters
    • 220
    • PDF
    Hardness of LWE on General Entropic Distributions
    • 7
    • PDF
    On the Hardness of Learning With Errors with Binary Secrets
    • 9
    • Highly Influenced
    • PDF
    Pseudorandomness of ring-LWE for any ring and modulus
    • 116
    • PDF
    Cryptography based on the Hardness of Decoding
    • 6
    • PDF
    On the concrete hardness of Learning with Errors
    • 369
    • PDF
    Learning with Errors in the Exponent
    • 7
    • PDF
    Towards Classical Hardness of Module-LWE: The Linear Rank Case
    • PDF

    References

    SHOWING 1-3 OF 3 REFERENCES
    Cryptographic Hardness for Learning Intersections of Halfspaces
    • 133
    • Highly Influential
    • PDF
    Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes
    • 267
    • Highly Influential
    • PDF
    Fully homomorphic encryption using ideal lattices
    • C. Gentry
    • Mathematics, Computer Science
    • STOC '09
    • 2009
    • 4,350
    • Highly Influential
    • PDF