Revision as of 20:39, 13 November 2024 edit Bottle for Bread (talk \| contribs) 196 edits →Ring learning with errors homomorphic encryption (RLWE-HOM) ← Previous edit		Revision as of 20:43, 13 November 2024 edit undo Bottle for Bread (talk \| contribs) 196 edits Removing homomorphic encryption from the lead Next edit →
Line 1: {{short description\|Computational problem possibly useful for post-quantum cryptography}} In [[post-quantum cryptography]], '''ring learning with errors''' ('''RLWE''') is a [[computational problem]] which serves as the foundation of new cryptographic [[algorithm]]s, such as [[NewHope]], designed to protect against [[cryptanalysis]] by [[quantum computers]] and also to provide the basis for [[homomorphic encryption]]. [[Public-key cryptography]] relies on construction of mathematical problems that are believed to be hard to solve if no further information is available, but are easy to solve if some information used in the problem construction is known. Some problems of this sort that are currently used in cryptography are at risk of attack if sufficiently large quantum computers can ever be built, so resistant problems are sought~~. Homomorphic encryption is a form of encryption that allows computation on ciphertext, such as arithmetic on numeric values stored in an encrypted database~~. RLWE is more properly called ''learning with errors over rings'' and is simply the larger [[learning with errors]] (LWE) problem specialized to [[polynomial ring]]s over finite fields.<ref name=":0" /> Because of the presumed difficulty of solving the RLWE problem even on a quantum computer, RLWE based cryptography may form the fundamental base for [[public-key cryptography]] in the future just as the [[integer factorization]] and [[discrete logarithm]] problem have served as the base for public key cryptography since the early 1980s.<ref name=":2">{{Cite book\|publisher = Springer International Publishing\|isbn = 978-3-319-11658-7\|pages = 197–219\|series = Lecture Notes in Computer Science\|first = Chris\|last = Peikert\|editor-first = Michele\|editor-last = Mosca\|doi = 10.1007/978-3-319-11659-4_12\|title = Post-Quantum Cryptography\|volume = 8772\|year = 2014\|chapter = Lattice Cryptography for the Internet\|citeseerx = 10.1.1.800.4743\| s2cid=8123895 }}</ref> An important feature of basing cryptography on the ring learning with errors problem is the fact that the solution to the RLWE problem can be used to solve a version of the [[shortest vector problem]] (SVP) in a lattice (a polynomial-time reduction from this SVP problem to the RLWE problem has been presented<ref name=":0" />).

Ring learning with errors: Difference between revisions