Summary

The 2018 International Symposium on Information Theory and Its Applications (ISITA2018)

2018

Session Number:Tu-AM-1-2

Session:

Number:Tu-AM-1-2.1

An Experimental Analysis on Lattice Attacks against Ring-LWE over Decomposition Fields

Shota Terada, Hideto Nakano, Shinya Okumura, Atsuko Miyaji

pp.306-310

Publication Date:2018/10/18

Online ISSN:2188-5079

DOI:10.34385/proc.55.Tu-AM-1-2.1

Summary:
The ring variant of the learning with errors (Ring-LWE) problem has provided efficient post-quantum cryptographic schemes, including homomorphic encryption (HE) schemes. Usually, cyclotomic fields are used as underlying number fields of Ring-LWE from the viewpoints of efficiency and security. However, especially in the case of HE schemes, improving the efficiency and ensuring the security are important tasks even now. Arita and Handa proposed to use decomposition fields as underlying number fields of Ring-LWE and successfully constructed an HE scheme which can encrypt many plaintexts efficiently at a time. However, there is not enough evidence that decomposition fields do not provide weak Ring-LWE instances. In this paper, we give an experimental analysis on lattice attacks against Ring-LWE over decomposition fields. More precisely, we conducted lattice attacks against Ring-LWE over decomposition fields and over the ?-th cyclotomic fields with some prime numbers ?, respectively, and compared each of the running time, the success rate and the root Hermite factor. We also compared the results of the same attacks on various decomposition fields to find decomposition fields providing weak Ring-LWE instances. As a result of our analysis, we expect that decomposition fields would provide more secure and efficient HE schemes based on Ring-LWE compared to the ?-th cyclotomic fields.