Improved Security Proofs in Lattice-Based Cryptography: Using the Rényi Divergence Rather Than the Statistical Distance

The Renyi divergence is a measure of closeness of two probability distributions. We show that it can often be used as an alternative to the statistical distance in security proofs for lattice-based cryptography. Using the Renyi divergence is particularly suited for security proofs of primitives in which the attacker is required to solve a search problem e.g., forging a signature. We show that it may also be used in the case of distinguishing problems e.g., semantic security of encryption schemes, when they enjoy a public sampleability property. The techniques lead to security proofs for schemes with smaller parameters, and sometimes to simpler security proofs than the existing ones.

[1]  Nico Döttling,et al.  Lossy Codes and a New Variant of the Learning-With-Errors Problem , 2013, EUROCRYPT.

[2]  Atsushi Takayasu,et al.  Tighter Security for Efficient Lattice Cryptography via the Rényi Divergence of Optimized Orders , 2015, ProvSec.

[3]  Chris Peikert,et al.  A Decade of Lattice Cryptography , 2016, Found. Trends Theor. Comput. Sci..

[4]  Silas Richelson,et al.  On the Hardness of Learning with Rounding over Small Modulus , 2016, TCC.

[5]  Tim Güneysu,et al.  Enhanced Lattice-Based Signatures on Reconfigurable Hardware , 2014, CHES.

[6]  Chris Peikert,et al.  Public-key cryptosystems from the worst-case shortest vector problem: extended abstract , 2009, STOC '09.

[7]  Erdem Alkim,et al.  Post-quantum Key Exchange - A New Hope , 2016, USENIX Security Symposium.

[8]  Miklós Ajtai,et al.  Generating hard instances of lattice problems (extended abstract) , 1996, STOC '96.

[9]  Damien Stehlé,et al.  Classical hardness of learning with errors , 2013, STOC '13.

[10]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2009, JACM.

[11]  Daniele Micciancio,et al.  Pseudorandom Knapsacks and the Sample Complexity of LWE Search-to-Decision Reductions , 2011, CRYPTO.

[12]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[13]  Tanja Lange,et al.  Post-quantum cryptography , 2008, Nature.

[14]  Vadim Lyubashevsky,et al.  Lattice Signatures Without Trapdoors , 2012, IACR Cryptol. ePrint Arch..

[15]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[16]  Abhishek Banerjee,et al.  Pseudorandom Functions and Lattices , 2012, EUROCRYPT.

[17]  Ron Steinfeld,et al.  GGHLite: More Efficient Multilinear Maps from Ideal Lattices , 2014, IACR Cryptol. ePrint Arch..

[18]  Peter Harremoës,et al.  Rényi Divergence and Kullback-Leibler Divergence , 2012, IEEE Transactions on Information Theory.

[19]  A. Rényi On Measures of Entropy and Information , 1961 .

[20]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[21]  Daniele Micciancio,et al.  Worst-case to average-case reductions based on Gaussian measures , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[22]  Craig Gentry,et al.  Candidate Multilinear Maps from Ideal Lattices , 2013, EUROCRYPT.

[23]  Marco Chiani,et al.  New exponential bounds and approximations for the computation of error probability in fading channels , 2003, IEEE Trans. Wirel. Commun..

[24]  Chris Peikert,et al.  Hardness of SIS and LWE with Small Parameters , 2013, CRYPTO.

[25]  Kousha Etessami,et al.  Recursive Markov chains, stochastic grammars, and monotone systems of nonlinear equations , 2005, JACM.

[26]  Ron Steinfeld,et al.  Hardness of k-LWE and Applications in Traitor Tracing , 2014, Algorithmica.

[27]  Léo Ducas,et al.  Lattice Signatures and Bimodal Gaussians , 2013, IACR Cryptol. ePrint Arch..

[28]  Stephan Krenn,et al.  Learning with Rounding, Revisited: New Reduction, Properties and Applications , 2013, IACR Cryptol. ePrint Arch..

[29]  Oded Regev,et al.  Lattice-Based Cryptography , 2006, CRYPTO.

[30]  Léo Ducas,et al.  Accelerating Bliss: the geometry of ternary polynomials , 2014, IACR Cryptol. ePrint Arch..