Skip to main content
Conference ProceedingsOPEN ACCESS

Lazy modulus switching for the BKW algorithm on LWE

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2014) 8383 LNCS 429-445
DOI: 10.1007/978-3-642-54631-0_25
N/ACitations
Citations of this article
44Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Some recent constructions based on LWE do not sample the secret uniformly at random but rather from some distribution which produces small entries. The most prominent of these is the binary-LWE problem where the secret vector is sampled from {0,1}* or {-1,0,1}*. We present a variant of the BKW algorithm for binary-LWE and other small secret variants and show that this variant reduces the complexity for solving binary-LWE. We also give estimates for the cost of solving binary-LWE instances in this setting and demonstrate the advantage of this BKW variant over standard BKW and lattice reduction techniques applied to the SIS problem. Our variant can be seen as a combination of the BKW algorithm with a lazy variant of modulus switching which might be of independent interest. © 2014 Springer-Verlag Berlin Heidelberg.

Cite

CITATION STYLE

APA

Albrecht, M. R., Faugère, J. C., Fitzpatrick, R., & Perret, L. (2014). Lazy modulus switching for the BKW algorithm on LWE. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8383 LNCS, pp. 429–445). Springer Verlag. https://doi.org/10.1007/978-3-642-54631-0_25

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free