Tweaking the asymmetry of asymmetric-key cryptography on lattices: KEMs and signatures of smaller sizes (Q2055683)

Lattice-based cryptosystems are seen as an alternative in post-quantum computing. They do share a disadvantage with multivariate cryptography, namely key and ciphertexts sizes, or lengths in bits. In this paper, the authors introduce an asymetric encryption method based on the problem learning with errors (LWE). This problem was introduced by \textit{O. Regev} [J. ACM 56, No. 6, Article No. 34, 40 p. (2009; Zbl 1325.68101)] and consists in recovering \(\mathfrak{s}\in\mathbb{Z}\) from a linear system \(\mathfrak{b}=A\mathfrak{s}+\mathfrak{e}\) when \((A,\mathfrak{b})\) are known as well as the probability distribution of \(\mathfrak{e}\) and it is related to find short integer solutions (SIS) in lattices over modular rings. Those problems are still hard for quantum computing, thus lattice-based cryptography is considered at present time as an alternative for post-quantum cryptography. The proposed schemes achieve great reductions in the lenghts of keys, ciphertexts and signatures through special modular maps and useful selection of parameters. The authors prove that the cipher schemes are secure against chosen cipertext-attacks and the signing protocols are secure against chosen message-attacks. Besides, several useful criteria are discussed in order to select several parameters to improve efficiency and robustness of the proposed methods. For the entire collection see [Zbl 1481.94004].