基于列表譯碼方法在查詢訪問模型下含錯學(xué)習(xí)問題的分析
doi: 10.11999/JEIT190624
-
1.
山東大學(xué)密碼技術(shù)與信息安全教育部重點(diǎn)實驗室 青島 266237
-
2.
山東大學(xué)數(shù)學(xué)學(xué)院 濟(jì)南 250100
-
3.
山東大學(xué)網(wǎng)絡(luò)空間安全學(xué)院 青島 266237
Analysis of Learning With Errors in Query Access Model: A List Decoding Approach
-
1.
Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education Shandong University, Qingdao 266237, China
-
2.
School of Mathematics, Shandong University, Jinan 250100, China
-
3.
School of Cyber Science and Technology, Shandong University, Qingdao 266237, China
-
摘要: Regev在2005年提出了含錯學(xué)習(xí)問題(LWE),這個問題與隨機(jī)線性碼的譯碼問題密切相關(guān),并且在密碼學(xué)特別是后量子密碼學(xué)中應(yīng)用廣泛。原始的含錯學(xué)習(xí)問題是在隨機(jī)訪問模型下提出的,有證據(jù)證明該問題的困難性。許多研究者注意到的一個事實是當(dāng)攻擊者可以選擇樣本時,該問題是容易的。但是目前據(jù)作者所知并沒有一個完整的求解算法。該文分析了查詢訪問模型下的帶有錯誤學(xué)習(xí)問題,給出了完整的求解算法。分析采用的工具是將該問題聯(lián)系到隱藏數(shù)問題,然后應(yīng)用傅里葉學(xué)習(xí)算法進(jìn)行列表譯碼。
-
關(guān)鍵詞:
- 含錯學(xué)習(xí)問題 /
- 查詢訪問模型 /
- 隱藏數(shù)問題 /
- 傅里葉學(xué)習(xí) /
- 列表譯碼
Abstract: Regev introduced the Learning With Errors (LWE) problem in 2005, which has close connections to random linear code decoding and has found wide applications to cryptography, especially to post-quantum cryptography. The LWE problem is originally introduced in random access model, and there are evidences that indicate the hardness of this problem. It is well known that the LWE problem is vulnerable if the attacker is allowed to choose samples. However, to the best of the author’s knowledge, a complete algorithm has not been published. In this paper, the LWE problem in query samples access model is analyzed. The technique is to relate the problem to the hidden number problem, and then Fourier learning method is applied to the list decoding. -
KEARNS M J and VAZIRANI U V. An Introduction to Computational Learning Theory[M]. Cambridge, London England: The MIT Press, 1994. BLUM A, KALAI A, and WASSERMAN H. Noise-tolerant learning, the parity problem, and the statistical query model[J]. Journal of the ACM, 2003, 50(4): 506–519. doi: 10.1145/792538.792543 PIETRZAK K. Cryptography from learning parity with noise[C]. The 38th International Conference on Current Trends in Theory and Practice of Computer Science, ?pindler?v Mlyn, Czech Republic, 2012: 99–114. REGEV O. On lattices, learning with errors, random linear codes, and cryptography[C]. The 37th Annual ACM Symposium on Theory of Computing, Baltimore, USA, 2005: 84–93. BONEH D and VENKATESAN R. Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes[C]. The 16th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, USA, 1996: 129–142. GALBRAITH S D and SHANI B. The multivariate hidden number problem[C]. The 8th International Conference on Information Theoretic Security, Lugano, Switzerland, 2015: 250–268. GOLDREICH O and LEVIN L A. A hard-core predicate for all one-way functions[C]. The 21st Annual ACM Symposium on Theory of Computing, Seattle, USA, 1989: 25–32. KUSHILEVITZ E and MANSOUR Y. Learning decision trees using the Fourier spectrum[C]. The 23rd Annual ACM Symposium on Theory of Computing, New Orleans, USA, 1991: 455–464. AKAVIA A, GOLDWASSER S, and SAFRA S. Proving hard-core predicates using list decoding[C]. The 44th Annual IEEE Symposium on Foundations of Computer Science, Cambridge, USA, 2003: 146–157. GALBRAITH S D, LAITY J, and SHANI B. Finding significant Fourier coefficients: Clarifications, simplifications, applications and limitations[J]. Chicago Journal of Theoretical Computer Science, 2018, 6: 1–38. AKAVIA A. Solving hidden number problem with one bit oracle and advice[C]. The 29th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, USA, 2009: 337–354. MICCIANCIO D and MOL P. Pseudorandom knapsacks and the sample complexity of LWE search-to-decision reductions[C]. The 31st Annual Conference on Advances in Cryptology, Santa Barbara, USA, 2011: 465–484. -