Keyword(s): Learning with Errors, Linear Programming, Integer Linear Programming, Galbraith's Binary LWE.

Related Ontology Subjects/Areas/Topics: Applied Cryptography; Cryptographic Techniques and Key Management; Data Engineering; Data Integrity; Databases and Data Security; Information and Systems Security

Abstract: Unlike many widely used cryptosystems, Learning with Errors (LWE)-based cryptosystems are known to be invulnerable to quantum computers. Galbraith's Binary LWE (GB-LWE) was proposed to reduce the large key size of the original LWE scheme by over two orders of magnitude. In GB-LWE, recovering the plaintext from the ciphertext involves solving for the binary vector x in the equation xA = b (A, a 640 × 256 binary matrix, and b, a 256-element integer vector, are known). Previously, lattice-based attacks on binary matrices larger than 400 × 256 were found to be infeasible. Linear programming was proposed and shown to handle significantly larger matrices, but its success rate for 640 × 256 matrices was found to be negligible. Our strategy involves identification of regimes L, M and H within the output (based on LP relaxation) where the mis-prediction rates are low, medium or high respectively. Bits in the output vector are guessed and removed to create and solve a reduced instance. We report extensive experimental results on prediction accuracy and success probability as a function of the number of bits removed in L, M and H. We identify trade-offs between lower execution time and greater probability of success. Our success probability is much higher than that of previous efforts, and its execution time of 1 day with 150 cores is a partial response to the challenge posed in (Galbraith, 2013) to solve a random 640 × 256 instance using "current computing facilities in less than a year".



Sanyashi, T.; Nahata, S.; Dhanesha, R. and Menezes, B. (2018). Learning Plaintext in Galbraith's LWE Cryptosystem. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT, ISBN 978-989-758-319-3, pages 559-565. DOI: 10.5220/0006909407250731

@conference{secrypt18,
  author       = {Tikaram Sanyashi and Sreyans Nahata and Rushang Dhanesha and Bernard Menezes},
  title        = {Learning Plaintext in Galbraith's LWE Cryptosystem},
  booktitle    = {Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT},
  year         = {2018},
  pages        = {559-565},
  publisher    = {SciTePress},
  organization = {INSTICC},
  doi          = {10.5220/0006909407250731},
  isbn         = {978-989-758-319-3},
}

TY - CONF
JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT
TI - Learning Plaintext in Galbraith's LWE Cryptosystem
SN - 978-989-758-319-3
AU - Sanyashi, T.
AU - Nahata, S.
AU - Dhanesha, R.
AU - Menezes, B.
PY - 2018
SP - 559
EP - 565
DO - 10.5220/0006909407250731
ER -