Skip to main content

On the RLWE/PLWE equivalence for cyclotomic number fields

Applicable Algebra in Engineering, Communication and Computing volume 33pages 53–71 (2022)Cite this article

Abstract

We study the equivalence between the ring learning with errors and polynomial learning with errors problems for cyclotomic number fields, namely: we prove that both problems are equivalent via a polynomial noise increase as long as the number of distinct primes dividing the conductor is kept constant. We refine our bound in the case where the conductor is divisible by at most three primes and we give an asymptotic subexponential formula for the condition number of the attached Vandermonde matrix valid for arbitrary degree.

This is a preview of subscription content, access via your institution.

Access options

Buy single article

Instant access to the full article PDF.

USD 39.95

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Notes

  1. At https://www.safecrypto.eu/pqclounge/ a summary of candidates and the history of all submissions, attacks and withdrawals is available to filter and check.

  2. This is the definition of RLWE/PLWE in search version. As all this material is nowadays well known to the specialist we are sparing as many details as possible. We are taking this version as starting point, as it is more suitable for our argument. We refer the reader to [10] for the decisional version of the problem.

  3. For \(p(x)=\displaystyle \sum _{i=0}^np_ix^i\in {\mathbb {R}}[x]\), the 1-norm is defined as \(||p||_1=\displaystyle \sum _{i=0}^n|p_i|\)

References

  1. Bang, A.S.: Om ligningen \(\Phi _m(X)=0\). Afdeling B, Nyt tidsskrift for Matematik 6, 6–12 (1895)

    Google Scholar 

  2. Bateman, P.T.: Note on the coefficients of cyclotomic polynomials. Bull. Am. Math. Soc. 55(12), 1180–1181 (1949)

    MathSciNet  Article  Google Scholar 

  3. Bateman, P.T.: On the size of the coefficients of the cyclotomic polynomial. Seminaire de Théorie des Nombres de Bordeaux 11(28), 1–18 (1982)

    MATH  Google Scholar 

  4. Bernstein, D.J., Chuengsatiansup, C., Lange, T., van Vredendaal, C.: NTRU Prime (2016). http://eprint.iacr.org/2016/461. Accessed 27 Apr 2020

  5. Bloom, D.M.: On the coefficients of the cyclotomic polynomial. Am. Math. Mon. 75(4), 372–377 (1968)

    Article  Google Scholar 

  6. Boas, P.E.: Another NP-Complete Problem and the Complexity of Computing Short Vectors in a Lattice. Technical Report 81-04, Mathematische Instituut, University of Amsterdam (1981)

  7. Ducas, L., Durmus, A.: Ring-LWE in polynomial rings. In: PKC (2012)

  8. Erdös, P.: On the coefficients of the cyclotomic polynomial. Portugaliae Mathematica 8(2), 63–71 (1949)

    MathSciNet  MATH  Google Scholar 

  9. Gautschi, W., Inglese, G.: Lower bounds for the condition number of Vandermonde matrices. Numerische Mathematik 52, 241–250 (1988)

    MathSciNet  Article  Google Scholar 

  10. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert H. (eds) Advances in Cryptology EUROCRYPT 2010. Lecture Notes in Computer Science, 6110. Springer, Berlin

  11. Maier, H.: Cyclotomic polynomials with large coefficients. Acta arithmetica 64(3), 227–235 (1993)

    MathSciNet  Article  Google Scholar 

  12. Pan, V.Y.: How bad are Vandermonde matrices? SIAM J. Matrix Anal. Appl. 37(2), 679–694 (2016)

    MathSciNet  Article  Google Scholar 

  13. Peikert, C., Regev, O., Stephens-Davidowitz, N.: Pseudorandomness of Ring-LWE for any ring and modulus. In: STOC (2017)

  14. Regev, O.: On lattices, learning with errors, random linear codes and cryptography. J. ACM 56(6), 34 (2009)

    MathSciNet  Article  Google Scholar 

  15. Rosca, M., Stehlé, D., Wallet, A.: On the ring-LWE and polynomial-LWE problems. In: Nielsen J., Rijmen V. (eds) Advances in Cryptology EUROCRYPT 2018. Lecture Notes in Computer Science, vol. 10820. Springer, Berlin

  16. Stehle, D.N., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. Adv. Cryptol. ASIACRYPT 2009, 617–635 (2009)

    MathSciNet  MATH  Google Scholar 

  17. Stewart, I.: Algebraic Number Theory and Fermat’s Last Theorem. AK Peters Ltd, Natick (2002)

    MATH  Google Scholar 

  18. Vaughan, R.C.: Bounds for the coefficients of cyclotomic polynomials. Michigan Math. J. 21(4), 289–295 (1975)

    MathSciNet  Article  Google Scholar 

  19. Washington, L.C.: Introduction to Cyclotomic Fields. Springer GTM, Berlin (1997)

    Book  Google Scholar 

Download references

Acknowledgements

Partially supported by MTM2016-79400-P.

Author information

Authors and Affiliations

  1. Department of Mathematics, School of Science, Universidad de Alcalá de Henares, Ctra. Madrid-Barcelona Km. 33,600, Alcalá de Henares, Spain

    Iván Blanco-Chacón

Authors
  1. Iván Blanco-Chacón
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Iván Blanco-Chacón.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Blanco-Chacón, I. On the RLWE/PLWE equivalence for cyclotomic number fields. AAECC 33, 53–71 (2022). https://doi.org/10.1007/s00200-020-00433-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00200-020-00433-z

Keywords

  • Ring learning with errors
  • Polynomial learning with errors
  • Cyclotomic polynomials
  • Condition number