CryptoDB
Ring/Module Learning with Errors under Linear Leakage - Hardness and Applications
| Authors: |
|
|---|---|
| Download: | |
| Presentation: | Slides |
| Conference: | PKC 2024 |
| Abstract: | This paper studies the hardness of decision Module Learning with Errors (MLWE) under linear leakage, which has been used as a foundation to derive more efficient lattice-based zero-knowledge proofs in a recent paradigm of Lyubashevsky, Nguyen, and Seiler (PKC 21). Unlike in the plain LWE setting, it was unknown whether this problem remains provably hard in the module/ring setting. This work shows a reduction from the search MLWE to decision MLWE with linear leakage. Thus, the main problem remains hard asymptotically as long as the non-leakage version of MLWE is hard. Additionally, we also refine the paradigm of Lyubashevsky, Nguyen, and Seiler (PKC 21) by showing a more fine-grained tradeoff between efficiency and leakage. This can lead to further optimizations of lattice proofs under the paradigm. |
BibTeX
@inproceedings{pkc-2024-33745,
title={Ring/Module Learning with Errors under Linear Leakage - Hardness and Applications},
publisher={Springer-Verlag},
author={Zhedong Wang and Qiqi Lai and Feng-Hao Liu},
year=2024
}