Hostname: page-component-78c5997874-m6dg7 Total loading time: 0 Render date: 2024-11-15T18:26:59.522Z Has data issue: false hasContentIssue false

Algorithms for the approximate common divisor problem

Published online by Cambridge University Press:  26 August 2016

Steven D. Galbraith
Affiliation:
Mathematics Department, University of Auckland, New Zealand email S.Galbraith@math.auckland.ac.nz
Shishay W. Gebregiyorgis
Affiliation:
Mathematics Department, University of Auckland, New Zealand email sgeb522@aucklanduni.ac.nz
Sean Murphy
Affiliation:
Royal Holloway, University of London, United Kingdom email S.Murphy@rhul.ac.uk

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

The security of several homomorphic encryption schemes depends on the hardness of variants of the approximate common divisor (ACD) problem. We survey and compare a number of lattice-based algorithms for the ACD problem, with particular attention to some very recently proposed variants of the ACD problem. One of our main goals is to compare the multivariate polynomial approach with other methods. We find that the multivariate polynomial approach is not better than the orthogonal lattice algorithm for practical cryptanalysis.

We also briefly discuss a sample-amplification technique for ACD samples and a pre-processing algorithm similar to the Blum–Kalai–Wasserman algorithm for learning parity with noise. The details of this work are given in the full version of the paper.

MSC classification

Type
Research Article
Copyright
© The Author(s) 2016 

References

Ajtai, M., ‘Generating random lattices according to the invariant distribution’, Preprint, 2006.Google Scholar
Blum, A., Kalai, A. and Wasserman, H., ‘Noise-tolerant learning, the parity problem, and the statistical query model’, J. ACM 50 (2003) no. 4, 506519.Google Scholar
Chen, Y. and Nguyen., P. Q., ‘Faster algorithms for approximate common divisors: breaking fully homomorphic encryption challenges over the integers’, EUROCRYPT’12 , Lecture Notes in Computer Science 7237 (eds Pointcheval, D. and Johansson, T.; Springer, Heidelberg, 2012) 502519.Google Scholar
Cheon, J. H., Coron, J.-S., Kim, J., Lee, M. S., Lepoint, T., Tibouchi, M. and Yun, A., ‘Batch fully homomorphic encryption over the integers’, EUROCRYPT 2013 , Lecture Notes in Computer Science 7881 (eds Johansson, T. and Nguyen, P. Q.; Springer, Heidelberg, 2013) 315335.Google Scholar
Cheon, J. H. and Stehlé, D., ‘Fully homomorphic encryption over the integers revisited’, EUROCRYPT’15 , Lecture Notes in Computer Science 9056 (eds Oswald, E. and Fischlin, M.; Springer, Berlin, 2015) 513536.Google Scholar
Cohn, H. and Heninger, N., ‘Approximate common divisors via lattices’, Proceedings of ANTS X , The Open Book Series 1 (Mathematical Sciences Publishers, Berkeley, CA, 2013) 271293.Google Scholar
Coron, J., Mandal, A., Naccache, D. and Tibouchi, M., ‘Fully homomorphic encryption over the integers with shorter public keys’, CRYPTO 2011 , Lecture Notes in Computer Science 6841 (ed. Rogaway, P.; Springer, Heidelberg, 2011) 487504.CrossRefGoogle Scholar
Coron, J., Naccache, D. and Tibouchi, M., ‘Public key compression and modulus switching for fully homomorphic encryption over the integers’, EUROCRYPT’12 , Lecture Notes in Computer Science 7237 (eds Pointcheval, D. and Johansson, T.; Springer, Heidelberg, 2012) 446464.Google Scholar
van Dijk, M., Gentry, C., Halevi, S. and Vaikuntanathan, V., ‘Fully homomorphic encryption over the integers’, EUROCRYPT 2010 , Lecture Notes in Computer Science 6110 (ed. Gilbert, H.; Springer, Berlin, 2010) 2443.CrossRefGoogle Scholar
Ding, J. and Tao, C., ‘A new algorithm for solving the general approximate common divisors problem and cryptanalysis of the FHE based on the GACD problem’. Cryptology ePrint Archive, Report 2014/042, 2014.Google Scholar
Galbraith, S. D., Gebregiyorgis, S. W. and Murphy, S., ‘Algorithms for the approximate common divisor problem’, eprint 2016/215 (2015).CrossRefGoogle Scholar
Gebregiyorgis, S. W., ‘Algorithms for the elliptic curve discrete logarithm and the approximate common divisor problem’, PhD Thesis, University of Auckland, 2016.Google Scholar
Howgrave-Graham, N., ‘Approximate integer common divisors’, Cryptography and lattices , Lecture Notes in Computer Science 2146 (ed. Silverman, J.; Springer, Berlin, 2001) 5166.Google Scholar
Lee, H. T. and Seo., J. H., ‘Security analysis of multilinear maps over the integers’, CRYPTO 2014 , Lecture Notes in Computer Science 8616 (Springer, Heidelberg, 2014) 224240.CrossRefGoogle Scholar
Lenstra, A., Lenstra, H. W. Jr and Loväsz, L., ‘Factoring polynomials with rational coefficients’, Math. Ann. 261 (1982) no. 4, 515534.Google Scholar
Lepoint, T., ‘Design and implementation of lattice-based cryptography’, PhD Thesis, Université du Luxembourg and École Normale Supérieure (2014).Google Scholar
Lyubashevsky, V., ‘The parity problem in the presence of noise, decoding random linear codes, and the subset sum problem’, APPROX-RANDOM 2005 , Lecture Notes in Computer Science 3624 (Springer, Berlin, 2005) 378389.Google Scholar
Nguyen, P. Q. and Stehlé, D., ‘LLL on the average’, Algorithmic number theory: 7th international symposium, ANTS-VII , Lecture Notes in Computer Science 4076 (eds Hess, F., Pauli, S. and Pohst, M. E.; Springer, Berlin, 2006) 238256.Google Scholar
Nguyen, P. Q. and Stern, J., ‘The two faces of lattices in cryptology’, Cryptography and lattices , Lecture Notes in Computer Science 2146 (ed. Silverman, J.; Springer, Berlin, 2001) 146180.Google Scholar
Pyke, R., ‘Spacings’, J. R. Stat. Soc. Ser. B 27 (1965) 395449.Google Scholar