[Resource Topic] 2018/081: How to validate the secret of a Ring Learning with Errors (RLWE) key

Welcome to the resource topic for 2018/081

How to validate the secret of a Ring Learning with Errors (RLWE) key

Authors: Jintai Ding, Saraswathy RV, Saed Alsayigh, Crystal Clough


We use the signal function from RLWE key exchange to derive an efficient zero knowledge authentication protocol to validate an RLWE key p=as+e with secret s and error e in the Random Oracle Model (ROM). With this protocol, a verifier can validate that a key p presented to him by a prover P is of the form p=as+e with s,e small and that the prover knows s. We accompany the description of the protocol with proof to show that it has negligible soundness and completeness error. The soundness of our protocol relies directly on the hardness of the RLWE problem. The protocol is applicable for both LWE and RLWE but we focus on the RLWE based protocol for efficiency and practicality. We also present a variant of the main protocol with a commitment scheme to avoid using the ROM.

ePrint: https://eprint.iacr.org/2018/081

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .