Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

Ring/Module Learning with Errors Under Linear Leakage – Hardness and Applications

  • Conference paper
  • First Online:
Public-Key Cryptography – PKC 2024 (PKC 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14602))

Included in the following conference series:

  • 301 Accesses

Abstract

This paper studies the hardness of decision Module Learning with Errors (\(\textsf{MLWE}\)) under linear leakage, which has been used as a foundation to derive more efficient lattice-based zero-knowledge proofs in a recent paradigm of Lyubashevsky, Nguyen, and Seiler (PKC 21). Unlike in the plain \(\textsf{LWE}\) setting, it was unknown whether this problem remains provably hard in the module/ring setting.

This work shows a reduction from the standard search \(\textsf{MLWE}\) to decision \(\textsf{MLWE}\) with linear leakage. Thus, the main problem remains hard asymptotically as long as the non-leakage version of \(\textsf{MLWE}\) is hard. Additionally, we also refine the paradigm of Lyubashevsky, Nguyen, and Seiler (PKC 21) by showing a more fine-grained tradeoff between efficiency and leakage. This can lead to further optimizations of lattice proofs under the paradigm.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 119.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 139.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In fact, the work [36] only needs a slightly weaker version known as extended (R)LWE.

  2. 2.

    In the very recent work [33], while the full-splitting structure is not required to prove the \(\ell _2\) norm, it is still necessary to prove the \(\ell _\infty \) norm or the knowledge of the component-wise product of two vectors.

  3. 3.

    In fact, our leakage class in the main body is slightly more general, i.e., the leakage function can include slight multiplicative shifts. Nevertheless, this simplified version is sufficient to demonstrate our core ideas in the introduction.

  4. 4.

    For such function \(\mathcal {M}(\boldsymbol{v},\boldsymbol{z})=\exp \left( \frac{3\langle \boldsymbol{v},\boldsymbol{z}\rangle }{\alpha ^2}\right) \), the condition \(\mathcal {M}(\boldsymbol{v},\boldsymbol{z})\in [1,M]\) implies \(\langle \boldsymbol{z},\boldsymbol{v}\rangle \in [0,(\alpha ^2\cdot \ln M)/3]\).

  5. 5.

    Of course, the number of \(\hat{k}\) will affect the proof size of opening proof. Thus, we try to set it as small as possible.

References

  1. Abla, P., Liu, F.-H., Wang, H., Wang, Z.: Ring-based identity based encryption – asymptotically shorter MPK and tighter security. In: Nissim, K., Waters, B. (eds.) TCC 2021, Part III. LNCS, vol. 13044, pp. 157–187. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-90456-2_6

    Chapter  Google Scholar 

  2. Agrawal, S., Boneh, D., Boyen, X.: Efficient lattice (H)IBE in the standard model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 553–572. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_28

    Chapter  Google Scholar 

  3. Agrawal, S., Boneh, D., Boyen, X.: Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 98–115. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_6

    Chapter  Google Scholar 

  4. Alperin-Sheriff, J., Peikert, C.: Circular and KDM security for identity-based encryption. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 334–352. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30057-8_20

    Chapter  Google Scholar 

  5. Alwen, J., Krenn, S., Pietrzak, K., Wichs, D.: Learning with rounding, revisited - new reduction, properties and applications. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 57–74. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_4

    Chapter  Google Scholar 

  6. Applebaum, B., Cash, D., Peikert, C., Sahai, A.: Fast cryptographic primitives and circular-secure encryption based on hard learning problems. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 595–618. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_35

    Chapter  Google Scholar 

  7. Attema, T., Lyubashevsky, V., Seiler, G.: Practical product proofs for lattice commitments. In: Micciancio and Ristenpart [40], pp. 470–499 (2020). https://doi.org/10.1007/978-3-030-56880-1_17

  8. Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Math. Ann. 296(1), 625–635 (1993)

    Article  MathSciNet  Google Scholar 

  9. Baum, C., Damgård, I., Lyubashevsky, V., Oechsner, S., Peikert, C.: More efficient commitments from structured lattice assumptions. In: Catalano, D., De Prisco, R. (eds.) SCN 2018. LNCS, vol. 11035, pp. 368–385. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98113-0_20

    Chapter  Google Scholar 

  10. Boldyreva, A., Micciancio, D. (eds.): CRYPTO 2019, Part I. LNCS, vol. 11692. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-030-26948-7

    Book  Google Scholar 

  11. Bootle, J., Lyubashevsky, V., Seiler, G.: Algebraic techniques for short(er) exact lattice-based zero-knowledge proofs. In: Boldyreva and Micciancio [10], pp. 176–202 (2019). https://doi.org/10.1007/978-3-030-26948-7_7

  12. Boudgoust, K., Jeudy, C., Roux-Langlois, A., Wen, W.: On the hardness of module-LWE with binary secret. In: Paterson, K.G. (ed.) CT-RSA 2021. LNCS, vol. 12704, pp. 503–526. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75539-3_21

    Chapter  Google Scholar 

  13. Boudgoust, K., Jeudy, C., Roux-Langlois, A., Wen, W.: On the hardness of module learning with errors with short distributions. Cryptology ePrint Archive, Paper 2022/472 (2022). https://eprint.iacr.org/2022/472

  14. Brakerski, Z.: Fully homomorphic encryption without modulus switching from classical GapSVP. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 868–886. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_50

    Chapter  Google Scholar 

  15. Brakerski, Z., Döttling, N.: Lossiness and entropic hardness for ring-LWE. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part I. LNCS, vol. 12550, pp. 1–27. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_1

    Chapter  Google Scholar 

  16. Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: Goldwasser, S. (ed.) ITCS 2012, pp. 309–325. ACM (2012)

    Google Scholar 

  17. Cheon, J.H., Takagi, T. (eds.): ASIACRYPT 2016, Part II. LNCS, vol. 10032. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6

    Book  Google Scholar 

  18. Dachman-Soled, D., Ducas, L., Gong, H., Rossi, M.: LWE with side information: attacks and concrete security estimation. In: Micciancio and Ristenpart [40], pp. 329–358 (2020). https://doi.org/10.1007/978-3-030-56880-1_12

  19. del Pino, R., Katsumata, S.: A new framework for more efficient round-optimal lattice-based (partially) blind signature via trapdoor sampling. In: Dodis and Shrimpton [21], pp. 306–336 (2022). https://doi.org/10.1007/978-3-031-15979-4_11

  20. del Pino, R., Lyubashevsky, V., Seiler, G.: Lattice-based group signatures and zero-knowledge proofs of automorphism stability. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 574–591. ACM Press (2018)

    Google Scholar 

  21. Dodis, Y., Shrimpton, T. (eds.): CRYPTO 2022, Part II. LNCS, vol. 13508. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-15979-4

    Book  Google Scholar 

  22. Döttling, N., Kolonelos, D., Lai, R.W.F., Lin, C., Malavolta, G., Rahimi, A.: Efficient laconic cryptography from learning with errors. Cryptology ePrint Archive, Paper 2023/404 (2023). https://eprint.iacr.org/2023/404

  23. Esgin, M.F., Nguyen, N.K., Seiler, G.: Practical exact proofs from lattices: new techniques to exploit fully-splitting rings. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020, Part II. LNCS, vol. 12492, pp. 259–288. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_9

    Chapter  Google Scholar 

  24. Esgin, M.F., Steinfeld, R., Liu, J.K., Liu, D.: Lattice-based zero-knowledge proofs: new techniques for shorter and faster constructions and applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 115–146. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_5

    Chapter  Google Scholar 

  25. Esgin, M.F., Zhao, R.K., Steinfeld, R., Liu, J.K., Liu, D.: MatRiCT: efficient, scalable and post-quantum blockchain confidential transactions protocol. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 567–584. ACM Press (2019)

    Google Scholar 

  26. Gilbert, H. (ed.): EUROCRYPT 2010. LNCS, vol. 6110. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5

  27. Katsumata, S., Yamada, S.: Partitioning via non-linear polynomial functions: more compact IBEs from ideal lattices and bilinear maps. In: Cheon and Takagi [17], pp. 682–712 (2016). https://doi.org/10.1007/978-3-662-53890-6_23

  28. Kim, D., Lee, D., Seo, J., Song, Y.: Toward practical lattice-based proof of knowledge from hint-mlwe. Cryptology ePrint Archive, Paper 2023/623 (2023). https://eprint.iacr.org/2023/623

  29. Langlois, A., Stehle, D.: Worst-case to average-case reductions for module lattices. Des. Codes Cryptogr. (2015)

    Google Scholar 

  30. Libert, B., Ling, S., Mouhartem, F., Nguyen, K., Wang, H.: Signature schemes with efficient protocols and dynamic group signatures from lattice assumptions. In: Cheon and Takagi [17], pp. 373–403 (2016). https://doi.org/10.1007/978-3-662-53890-6_13

  31. Liu, F.-H., Wang, Z.: Rounding in the rings. In: Micciancio and Ristenpart [40], pp. 296–326 (2020). https://doi.org/10.1007/978-3-030-56880-1_11

  32. Lyubashevsky, V.: Lattice signatures without trapdoors. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 738–755. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_43

    Chapter  Google Scholar 

  33. Lyubashevsky, V., Nguyen, N.K., Plançon, M.: Lattice-based zero-knowledge proofs and applications: shorter, simpler, and more general. In: Dodis and Shrimpton [21], pp. 71–101 (2022). https://doi.org/10.1007/978-3-031-15979-4_3

  34. Lyubashevsky, V., Nguyen, N.K., Plancon, M., Seiler, G.: Shorter lattice-based group signatures via “Almost Free’’ encryption and other optimizations. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021, Part IV. LNCS, vol. 13093, pp. 218–248. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92068-5_8

    Chapter  Google Scholar 

  35. Lyubashevsky, V., Nguyen, N.K., Seiler, G.: Practical lattice-based zero-knowledge proofs for integer relations. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) ACM CCS 2020, pp. 1051–1070. ACM Press (2020)

    Google Scholar 

  36. Lyubashevsky, V., Nguyen, N.K., Seiler, G.: Shorter lattice-based zero-knowledge proofs via one-time commitments. In: Garay, J.A. (ed.) PKC 2021, Part I. LNCS, vol. 12710, pp. 215–241. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75245-3_9

    Chapter  Google Scholar 

  37. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert [26], pp. 1–23 (2010). https://doi.org/10.1007/978-3-642-13190-5_1

  38. Lyubashevsky, V., Peikert, C., Regev, O.: A toolkit for ring-LWE cryptography. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 35–54. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_3

    Chapter  Google Scholar 

  39. Lyubashevsky, V., Seiler, G.: Short, invertible elements in partially splitting cyclotomic rings and applications to lattice-based zero-knowledge proofs. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 204–224. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78381-9_8

    Chapter  Google Scholar 

  40. Micciancio, D., Ristenpart, T. (eds.): CRYPTO 2020, Part II. LNCS, vol. 12171. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-56880-1

    Book  Google Scholar 

  41. O’Neill, A., Peikert, C., Waters, B.: Bi-deniable public-key encryption. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 525–542. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_30

    Chapter  Google Scholar 

  42. Peikert, C.: A decade of lattice cryptography. Cryptology ePrint Archive, Report 2015/939 (2015). https://eprint.iacr.org/2015/939

  43. Peikert, C., Shiehian, S.: Noninteractive zero knowledge for NP from (plain) learning with errors. In: Boldyreva and Micciancio [10], pp. 89–114 (2019). https://doi.org/10.1007/978-3-030-26948-7_4

  44. Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_36

    Chapter  Google Scholar 

  45. Yamada, S.: Adaptively secure identity-based encryption from lattices with asymptotically shorter public parameters. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 32–62. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_2

    Chapter  Google Scholar 

  46. Yamada, S.: Asymptotically compact adaptively secure lattice IBEs and verifiable random functions via generalized partitioning techniques. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 161–193. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_6

    Chapter  Google Scholar 

Download references

Acknowledgement

We would like to thank the reviewers of PKC 2024 for their insightful advices. Zhedong Wang is supported by National Natural Science Foundation of China (Grant No. 62202305), Young Elite Scientists Sponsorship Program by China Association for Science and Technology (YESS20220150), Shanghai Pujiang Program under Grant 22PJ1407700, and Shanghai Science and Technology Innovation Action Plan (No. 23511100300). Qiqi Lai is supported by the National Natural Science Foundation of China (Grant No. 62172266). Feng-Hao Liu is supported by the NSF Career Award CNS-2402031.

Author information

Authors and Affiliations

  1. School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China

    Zhedong Wang

  2. State Key Laboratory of Cryptology, P. O. Box 5159, Beijing, 100878, China

    Zhedong Wang & Qiqi Lai

  3. School of Computer Science, Shaanxi Normal University, Xi’an, China

    Qiqi Lai

  4. Washington State University, Pullman, WA, USA

    Feng-Hao Liu

Authors
  1. Zhedong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qiqi Lai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Feng-Hao Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qiqi Lai .

Editor information

Editors and Affiliations

  1. The University of Sydney, Sydney, NSW, Australia

    Qiang Tang

  2. The Australian National University, Acton, ACT, Australia

    Vanessa Teague

Rights and permissions

Reprints and permissions

Copyright information

© 2024 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wang, Z., Lai, Q., Liu, FH. (2024). Ring/Module Learning with Errors Under Linear Leakage – Hardness and Applications. In: Tang, Q., Teague, V. (eds) Public-Key Cryptography – PKC 2024. PKC 2024. Lecture Notes in Computer Science, vol 14602. Springer, Cham. https://doi.org/10.1007/978-3-031-57722-2_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-57722-2_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-57721-5

  • Online ISBN: 978-3-031-57722-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation