[Resource Topic] 2017/1127: On the Leakage Resilience of Ring-LWE Based Public Key Encryption

Welcome to the resource topic for 2017/1127

Title:
On the Leakage Resilience of Ring-LWE Based Public Key Encryption

Authors: Dana Dachman-Soled, Huijing Gong, Mukul Kulkarni, Aria Shahverdi

Abstract:

We consider the leakage resilience of the Ring-LWE analogue of the Dual-Regev encryption scheme (R-Dual-Regev for short), originally presented by Lyubashevsky et al. (Eurocrypt '13). Specifically, we would like to determine whether the R-Dual-Regev encryption scheme remains IND-CPA secure, even in the case where an attacker leaks information about the secret key. We consider the setting where R is the ring of integers of the m-th cyclotomic number field, for m a power of two, and the Ring-LWE modulus is set to q ≡ 1 (mod m). This is the common setting used in practice and is desirable in terms of the efficiency and simplicity of the scheme. Unfortunately, in this setting R_q is very far from being a field, so standard techniques for proving leakage resilience in the general lattice setting, which rely on the leftover hash lemma, do not apply. Therefore, new techniques must be developed. In this work, we put forth a high-level approach for proving the leakage resilience of the R-Dual-Regev scheme, by generalizing the original proof of Lyubashevsky et al. (Eurocrypt '13). We then give three instantiations of our approach, proving that R-Dual-Regev remains IND-CPA secure in the presence of three natural, non-adaptive leakage classes.
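To make the "R_q is very far from being a field" remark concrete, here is an added Python illustration (not code from the paper or its authors) of the power-of-two cyclotomic setting with q ≡ 1 (mod m): x^n + 1 (n = m/2) splits into n distinct linear factors mod q, so R_q = Z_q[x]/(x^n + 1) decomposes by the CRT into Z_q^n and has nonzero zero divisors; the parameters m = 16, q = 17 used below are small constructed values chosen only for readability.

```python
# Added example, not from the paper: for m a power of two and a prime q with
# q = 1 (mod m), x^n + 1 (n = m/2) has n distinct roots mod q, so R_q =
# Z_q[x]/(x^n + 1) is isomorphic (via CRT) to Z_q^n: a product of n fields,
# full of zero divisors, rather than a field.

def roots_of_phi(q, m):
    """All r in Z_q with r^(m/2) = -1, i.e. the roots of x^(m/2) + 1 mod q."""
    n = m // 2
    return sorted(r for r in range(1, q) if pow(r, n, q) == q - 1)

def poly_mul(a, b, q):
    """Plain product in Z_q[x]; coefficient lists, lowest degree first."""
    res = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            res[i + j] = (res[i + j] + ai * bj) % q
    return res

def reduce_mod_xn1(p, q, n):
    """Reduce p modulo x^n + 1 (x^n = -1), giving an element of R_q."""
    res = [0] * n
    for k, c in enumerate(p):
        sign = -1 if (k // n) % 2 else 1
        res[k % n] = (res[k % n] + sign * c) % q
    return res

def splits_completely(q, m):
    """True iff prod (x - r) over the roots equals x^(m/2) + 1 in Z_q[x]."""
    n, roots, prod = m // 2, roots_of_phi(q, m), [1]
    for r in roots:
        prod = poly_mul(prod, [(-r) % q, 1], q)
    return len(roots) == n and prod == [1] + [0] * (n - 1) + [1]

def crt_image(a, q, m):
    """CRT map R_q -> Z_q^n: evaluate a at every root of x^n + 1."""
    return [sum(c * pow(r, i, q) for i, c in enumerate(a)) % q
            for r in roots_of_phi(q, m)]

def zero_divisor_pair(q, m):
    """Nonzero a = (x - r0), b = prod_{r != r0}(x - r) in R_q with a*b = 0."""
    n, roots = m // 2, roots_of_phi(q, m)
    a = reduce_mod_xn1([(-roots[0]) % q, 1], q, n)
    b = [1]
    for r in roots[1:]:
        b = poly_mul(b, [(-r) % q, 1], q)
    b = reduce_mod_xn1(b, q, n)
    return a, b, reduce_mod_xn1(poly_mul(a, b, q), q, n)
```

With q ≢ 1 (mod m), for instance q = 7, m = 8, `splits_completely` returns False because x^4 + 1 has no roots mod 7, which is the structural difference the abstract is pointing at.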

ePrint: https://eprint.iacr.org/2017/1127


Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.