diff --git a/chap-OT-LWE.tex b/chap-OT-LWE.tex index fb0840b..b1a36e2 100644 --- a/chap-OT-LWE.tex +++ b/chap-OT-LWE.tex @@ -535,7 +535,7 @@ Adapting the technique of \cite{CNS07} to the lattice setting requires the foll (i) A signature scheme allowing to sign ciphertexts while remaining compatible with ZK proofs; (ii) A ZK protocol allowing to prove knowledge of a signature on some hidden ciphertext which belongs to a public set and was transformed into a given ciphertext; (iii) A protocol for proving the correct decryption of a ciphertext; (iv) A method of statistically re-randomizing an $\LWE$-encrypted ciphertext in a way that enables oblivious decryption. The first three ingredients can be obtained from \cref{ch:gs-lwe}. Since component (i) only needs to be secure against random-message attacks as long as the adversary obtains at most $N$ signatures, we use the simplified $\SIS$-based signature scheme of Section \ref{RMA-sec}. -The statistical re-randomization of Regev ciphertexts is handled via the noise flooding technique \cite{AJL+12}, which consists in drowning the initial noise with a super-polynomially larger +The statistical re-randomization of Regev ciphertexts is handled via the noise flooding technique \cite{AJL+12}, which consists in drowning the initial noise with a sub-exponentially larger noise. While recent results \cite{DS16,BDPMW16} provide potentially more efficient alternatives, we chose the flooding technique for simplicity because it does not require the use of FHE (and also because the known multi-bit version \cite{HAO15} of the GSW FHE~\cite{GSW13} incurs an \textit{ad hoc} circular security assumption).
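Review bot: In the changed line ("drowning the initial noise with a sub-exponentially larger noise"), "sub-exponentially larger" reads as an upper bound only and drops the lower bound that statistical re-randomization depends on: noise flooding gives a negligible statistical distance only when the flooding noise exceeds the initial noise by a super-polynomial factor. Suggest wording that keeps both bounds, for example "a noise that is larger by a super-polynomial (in our parameters, sub-exponential) factor". If the sub-exponential gap is what the chosen parameters really use, say so explicitly here and mention what it implies for the modulus-to-noise ratio of the underlying $\LWE$ assumption, since the sentence is the only place in this hunk where the size of the gap is stated.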