TY - GEN
T1 - SPRING
T2 - 21st International Workshop on Fast Software Encryption, FSE 2014
AU - Banerjee, Abhishek
AU - Brenner, Hai
AU - Leurent, Gaëtan
AU - Peikert, Chris
AU - Rosen, Alon
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2015.
PY - 2015/1/1
Y1 - 2015/1/1
N2 - Recently, Banerjee, Peikert and Rosen (EUROCRYPT 2012) proposed new theoretical pseudorandom function candidates based on “rounded products” in certain polynomial rings, which have rigorously provable security based on worst-case lattice problems. The functions also enjoy algebraic properties that make them highly parallelizable and attractive for modern applications, such as evaluation under homomorphic encryption schemes. However, the parameters required by BPR’s security proofs are too large for practical use, and many other practical aspects of the design were left unexplored in that work. In this work we give two concrete and practically efficient instantiations of the BPR design, which we call SPRING, for “subset-product with rounding over a ring.” One instantiation uses a generator matrix of a binary BCH error-correcting code to “deterministically extract” nearly random bits from a (biased) rounded subset-product. The second instantiation eliminates bias by working over suitable moduli and decomposing the computation into “Chinese remainder” components. We analyze the concrete security of these instantiations, and provide initial software implementations whose throughputs are within small factors (as small as 4.5) of those of AES.
KW - Lattices
KW - Learning with rounding
KW - Noisy learning problems
KW - Pseudorandom functions
UR - http://www.scopus.com/inward/record.url?scp=84942514495&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-46706-0_3
DO - 10.1007/978-3-662-46706-0_3
M3 - Conference contribution
AN - SCOPUS:84942514495
SN - 9783662467053
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 38
EP - 57
BT - Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers
A2 - Cid, Carlos
A2 - Rechberger, Christian
PB - Springer Verlag
Y2 - 3 March 2014 through 5 March 2014
ER -
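The abstract above describes the core of the BPR/SPRING construction: a secret ring element a and secret ring elements s_1, ..., s_k are multiplied together for the subset selected by the input bits, and each coefficient of the resulting product in Z_q[X]/(X^n + 1) is rounded to one bit. The following toy Python model, added here as an illustration and not code from the SPRING paper or its authors, implements that rounded subset-product and also counts the rounding bias that the abstract's BCH-extraction and Chinese-remainder instantiations exist to remove. The parameters N, Q and K, and the choice to sample secrets from all of R_q rather than from its units, are assumptions made for this example; the BCH and CRT steps themselves are not implemented.

```python
"""Toy model of the BPR / SPRING 'subset-product with rounding over a ring' PRF.

Added illustration only: this is not code from the SPRING paper or its authors.
The parameters N, Q, K are toy values assumed here (far too small to be secure),
secrets are sampled from all of R_q rather than from its units as BPR require,
and the BCH-based extraction and Chinese-remainder decomposition of the two
SPRING instantiations are not implemented; only the core rounded subset-product
is shown, together with the rounding bias that those instantiations address.
"""
import secrets
from typing import Callable, List, Sequence, Tuple

N = 8     # ring degree: R_q = Z_q[X] / (X^N + 1)            (assumed toy value)
Q = 257   # odd modulus, so 1-bit rounding is slightly biased (assumed toy value)
K = 16    # number of secret ring elements = PRF input length in bits (assumed)

Poly = List[int]          # coefficients c_0 .. c_{N-1}, each reduced mod Q
Key = Tuple[Poly, List[Poly]]


def poly_mul(f: Poly, g: Poly, n: int = N, q: int = Q) -> Poly:
    """Multiply two elements of Z_q[X]/(X^n + 1) by negacyclic convolution:
    a term X^m with m >= n wraps to -X^(m-n) because X^n = -1 in the ring."""
    out = [0] * n
    for i, fi in enumerate(f):
        if fi == 0:
            continue
        for j, gj in enumerate(g):
            m = i + j
            if m < n:
                out[m] = (out[m] + fi * gj) % q
            else:
                out[m - n] = (out[m - n] - fi * gj) % q
    return out


def random_poly(rng: Callable[[int], int] = secrets.randbelow, n: int = N, q: int = Q) -> Poly:
    """Uniform element of R_q (rng(q) must return a uniform integer in [0, q))."""
    return [rng(q) for _ in range(n)]


def keygen(k: int = K) -> Key:
    """Secret key (a, s_1, ..., s_k), all uniform in R_q.
    Simplification: BPR draw these from the multiplicative units of R_q."""
    return random_poly(), [random_poly() for _ in range(k)]


def subset_product(a: Poly, s: Sequence[Poly], x: Sequence[int]) -> Poly:
    """Compute a * prod_{i : x_i = 1} s_i in R_q, the 'subset product' of the key."""
    acc = list(a)
    for bit, s_i in zip(x, s):
        if bit:
            acc = poly_mul(acc, s_i)
    return acc


def round_to_bit(c: int, q: int = Q) -> int:
    """Round one Z_q coefficient to a single bit: floor(2c/q) mod 2, i.e. 1 iff c
    lies in the top half of Z_q. This rounding replaces LWE-style random noise."""
    return ((2 * c) // q) % 2


def spring_prf(key: Key, x: Sequence[int]) -> List[int]:
    """PRF evaluation F_key(x) = round(a * prod_{x_i = 1} s_i): one output bit per
    ring coefficient, so N output bits for a K-bit input."""
    a, s = key
    if len(x) != len(s) or any(b not in (0, 1) for b in x):
        raise ValueError(f"input must be {len(s)} bits")
    return [round_to_bit(c) for c in subset_product(a, s, x)]


def rounding_bias(q: int = Q) -> Tuple[int, int]:
    """How many of the q residues round to 0 and to 1. For odd q the two counts
    differ by one, so a uniformly random coefficient gives a biased output bit;
    the BCH extraction and the CRT instantiation in the abstract remove that bias."""
    ones = sum(round_to_bit(c, q) for c in range(q))
    return q - ones, ones


if __name__ == "__main__":
    key = keygen()
    x = [secrets.randbelow(2) for _ in range(K)]
    print("F_key(x) =", "".join(map(str, spring_prf(key, x))))
    print("residues rounding to 0 / 1 for q=%d: %s" % (Q, rounding_bias()))
```

The subset product is what makes the function parallelizable: the k products can be combined in a tree, and each product in R_q is a polynomial multiplication that the paper's implementations compute with a fast transform rather than the schoolbook loop used here. With an odd modulus such as Q = 257, `rounding_bias()` reports 129 residues rounding to 0 against 128 rounding to 1, which is the bias the abstract refers to.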