Sampling from discrete Gaussians for lattice-based cryptography on a constrained device

被引:79
作者
Dwarakanath, Nagarjun C. [1 ]
Galbraith, Steven D. [2 ]
机构
[1] Indian Inst Technol, Gauhati, India
[2] Univ Auckland, Dept Math, Auckland, New Zealand
来源
APPLICABLE ALGEBRA IN ENGINEERING COMMUNICATION AND COMPUTING | 2014年 / 25卷 / 03期
关键词
Lattice-based cryptography; Sampling discrete gaussian distributions;
D O I
10.1007/s00200-014-0218-3
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
Modern lattice-based public-key cryptosystems require sampling from discrete Gaussian (normal) distributions. The paper surveys algorithms to implement such sampling efficiently, with particular focus on the case of constrained devices with small on-board storage and without access to large numbers of external random bits. We review lattice encryption schemes and signature schemes and their requirements for sampling from discrete Gaussians. Finally, we make some remarks on challenges and potential solutions for practical lattice-based cryptography.
引用
收藏
页码:159 / 180
页数:22
相关论文
共 25 条
[1]  
[Anonymous], ARXIV13036257
[2]  
[Anonymous], SOLVING LWE PROBLEM
[3]  
[Anonymous], 2010, Handbook of Mathematical Functions
[4]  
[Anonymous], P SAC IN PRESS
[5]  
[Anonymous], P SAC IN PRESS
[6]  
Arora S, 2011, LECT NOTES COMPUT SC, V6755, P403, DOI 10.1007/978-3-642-22006-7_34
[7]   Multipartite table methods [J].
de Dinechin, F ;
Tisserand, A .
IEEE TRANSACTIONS ON COMPUTERS, 2005, 54 (03) :319-330
[8]  
Detrey K, 2005, IEEE INT CONF ASAP, P328
[9]  
Devroye L., 1986, NONUNIFORM RANDOM VA
[10]  
Ducas L, 2013, LECT NOTES COMPUT SC, V8042, P40, DOI 10.1007/978-3-642-40041-4_3
123