Label + Notation
This commit is contained in:
parent
efc1b73fed
commit
11caaaa25a
|
|
@ -96,8 +96,11 @@ The Learning With Errors problem $\mathsf{LWE}_{n,q,\chi}$ asks to distinguish~$
|
|||
If $q$ is a prime power, $B \geq \sqrt{n}\omega(\log n)$, $\gamma= \widetilde{\mathcal{O}}(nq/B)$, then there exists an efficient sampleable $B$-bounded distribution~$\chi$ ({i.e.}, $\chi$ outputs samples with norm at most $B$ with overwhelming probability) such that $\mathsf{LWE}_{n,q,\chi}$ is as least as hard as $\mathsf{SIVP}_{\gamma}$ (see, e.g., \cite{Reg05,Pei09,BLP+13}).
|
||||
% (see~\cite{Pei09,BLPRS13} for classical analogues).
|
||||
|
||||
|
||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||
% subsection: lattice trapdoors %
|
||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||
\subsection{Lattice Trapdoors}
|
||||
\label{sse:lattice-trapdoors}
|
||||
|
||||
In this section, we state the different algorithms that use ``\textit{lattice trapdoors}''.
|
||||
A trapdoor for lattice $\Lambda$ is a \textit{short} basis of this lattice.
|
||||
|
|
@ -108,6 +111,8 @@ Thus, a vector sampled in $D_{\Lambda^\perp_{q}(\mathbf{A}), \sigma}$, which is
|
|||
|
||||
Gentry {\em et al.}~\cite{GPV08} showed that Gaussian distributions with lattice support can be sampled efficiently given a sufficiently short basis of the lattice.
|
||||
|
||||
\scbf{Notation.} Given a matrix $\mathbf{A}$, let $\widetilde{\mathbf{A}}$ be the Gram-Schmidt orthogonalization of $\mathbf{A}$.
|
||||
|
||||
\begin{lemma}[{\cite[Le.~2.3]{BLP+13}}]
|
||||
\label{le:GPV}
|
||||
There exists a $\ppt$ (probabilistic polynomial-time) algorithm $\GPVSample$ that takes as inputs a
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user