{"scopus_import":1,"publisher":"Springer","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","date_created":"2018-12-11T11:56:37Z","series_title":"Lecture Notes in Computer Science","oa_version":"Published Version","oa":1,"alternative_title":["LNCS"],"status":"public","title":"Learning with rounding, revisited: New reduction properties and applications","quality_controlled":"1","date_updated":"2021-01-12T06:56:21Z","month":"01","day":"01","type":"conference","file":[{"file_id":"4912","date_created":"2018-12-12T10:11:55Z","file_size":587898,"date_updated":"2020-07-14T12:45:35Z","content_type":"application/pdf","creator":"system","access_level":"open_access","file_name":"IST-2016-684-v1+1_098.pdf","checksum":"16d428408a806b8e49eecc607deab115","relation":"main_file"}],"abstract":[{"lang":"eng","text":"The learning with rounding (LWR) problem, introduced by Banerjee, Peikert and Rosen at EUROCRYPT ’12, is a variant of learning with errors (LWE), where one replaces random errors with deterministic rounding. The LWR problem was shown to be as hard as LWE for a setting of parameters where the modulus and modulus-to-error ratio are super-polynomial. In this work we resolve the main open problem and give a new reduction that works for a larger range of parameters, allowing for a polynomial modulus and modulus-to-error ratio. In particular, a smaller modulus gives us greater efficiency, and a smaller modulus-to-error ratio gives us greater security, which now follows from the worst-case hardness of GapSVP with polynomial (rather than super-polynomial) approximation factors.\r\n\r\nAs a tool in the reduction, we show that there is a “lossy mode” for the LWR problem, in which LWR samples only reveal partial information about the secret. This property gives us several interesting new applications, including a proof that LWR remains secure with weakly random secrets of sufficient min-entropy, and very simple constructions of deterministic encryption, lossy trapdoor functions and reusable extractors.\r\n\r\nOur approach is inspired by a technique of Goldwasser et al. from ICS ’10, which implicitly showed the existence of a “lossy mode” for LWE. By refining this technique, we also improve on the parameters of that work to only requiring a polynomial (instead of super-polynomial) modulus and modulus-to-error ratio.\r\n"}],"department":[{"_id":"KrPi"}],"issue":"1","date_published":"2013-01-01T00:00:00Z","publication_status":"published","year":"2013","volume":8042,"publist_id":"4687","intvolume":" 8042","project":[{"call_identifier":"FP7","grant_number":"259668","name":"Provable Security for Physical Cryptography","_id":"258C570E-B435-11E9-9278-68D0E5697425"}],"ddc":["000","004"],"file_date_updated":"2020-07-14T12:45:35Z","has_accepted_license":"1","author":[{"first_name":"Joel F","last_name":"Alwen","full_name":"Alwen, Joel F","id":"2A8DFA8C-F248-11E8-B48F-1D18A9856A87"},{"id":"329FCCF0-F248-11E8-B48F-1D18A9856A87","full_name":"Krenn, Stephan","last_name":"Krenn","first_name":"Stephan","orcid":"0000-0003-2835-9093"},{"orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","last_name":"Pietrzak","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","full_name":"Pietrzak, Krzysztof Z"},{"first_name":"Daniel","last_name":"Wichs","full_name":"Wichs, Daniel"}],"doi":"10.1007/978-3-642-40041-4_4","page":"57 - 74","_id":"2259","pubrep_id":"684","language":[{"iso":"eng"}],"conference":{"start_date":"2013-08-18","name":"CRYPTO: International Cryptology Conference","end_date":"2013-08-22","location":"Santa Barbara, CA, United States"},"citation":{"mla":"Alwen, Joel F., et al. Learning with Rounding, Revisited: New Reduction Properties and Applications. Vol. 8042, no. 1, Springer, 2013, pp. 57–74, doi:10.1007/978-3-642-40041-4_4.","ieee":"J. F. Alwen, S. Krenn, K. Z. Pietrzak, and D. Wichs, “Learning with rounding, revisited: New reduction properties and applications,” vol. 8042, no. 1. Springer, pp. 57–74, 2013.","ama":"Alwen JF, Krenn S, Pietrzak KZ, Wichs D. Learning with rounding, revisited: New reduction properties and applications. 2013;8042(1):57-74. doi:10.1007/978-3-642-40041-4_4","ista":"Alwen JF, Krenn S, Pietrzak KZ, Wichs D. 2013. Learning with rounding, revisited: New reduction properties and applications. 8042(1), 57–74.","apa":"Alwen, J. F., Krenn, S., Pietrzak, K. Z., & Wichs, D. (2013). Learning with rounding, revisited: New reduction properties and applications. Presented at the CRYPTO: International Cryptology Conference, Santa Barbara, CA, United States: Springer. https://doi.org/10.1007/978-3-642-40041-4_4","chicago":"Alwen, Joel F, Stephan Krenn, Krzysztof Z Pietrzak, and Daniel Wichs. “Learning with Rounding, Revisited: New Reduction Properties and Applications.” Lecture Notes in Computer Science. Springer, 2013. https://doi.org/10.1007/978-3-642-40041-4_4.","short":"J.F. Alwen, S. Krenn, K.Z. Pietrzak, D. Wichs, 8042 (2013) 57–74."},"ec_funded":1}