Revision as of 18:54, 2 February 2016 edit Quondum (talk \| contribs) Extended confirmed users 38,914 edits →Background: fmt ← Previous edit		Revision as of 19:02, 2 February 2016 edit undo Quondum (talk \| contribs) Extended confirmed users 38,914 edits →Background: fmt; Z → F (consistency) Next edit →
Line 12: Polynomials can be added and multiplied in the usual fashion. In the RLWE context the coefficients of the polynomials and all operations involving those coefficients will be done in a finite field, typically the field <math display="inline">\mathbf{Z}/q\mathbf{Z} = \mathbf{F}_q</math> for a prime integer <math display="inline">q</math>. The set of polynomials over a finite field with the operations of addition and multiplication forms an infinite [[polynomial ring]] (<math display="inline">\mathbf{F}_q[x]</math>).<ref>{{Cite journal\|title = Polynomial ring\|url = https://en.wikipedia.org/w/index.php?title=Polynomial_ring&oldid=661646453\|date = 2015}}</ref> The RLWE context works with a finite sub-ring of this infinite ring. The sub-ring is typically the finite [[Quotient ring\|quotient (factor) ring]] formed by reducing all of the polynomials in <math display="inline">\mathbf{F}_q[x]</math> modulo an [[irreducible polynomial]] <math display="inline">\Phi(x)</math>. This finite quotient ring can be written as <math>\mathbf{F}_q[x]/\Phi(x)</math> though many authors write <math>\mathbf{Z}_q[x]/\Phi(x)</math> .<ref name=":0" /> If the degree polynomial <math>\Phi(x)</math> is <math display="inline">n</math>, the sub-ring becomes the ring of polynomials of degree less than <math>n</math> modulo <math>\Phi(x)</math> with coefficients from <math>~~F_q~~\mathbf{F}_q</math>. The values <math display="inline">n</math>, <math display="inline">q</math>, together with the polynomial <math>\Phi(x)</math> partially define the mathematical context for the RLWE problem. Another concept necessary for the RLWE problem is the idea of "small" polynomials with respect to some norm. The typical norm used in the RLWE problem is known as the [[infinity norm]].<ref>{{Cite journal\|title = Norm (mathematics)\|url = https://en.wikipedia.org/w/index.php?title=Norm_(mathematics)&oldid=667112150\|date = 2015}}</ref> The infinity norm of a polynomial is simply the largest coefficient of the polynomial when these coefficients are viewed as integers. Hence, <math>\|\|a(x)\|\|_\infty = b</math> states that the [[infinity norm]] of the polynomial <math>a(x)</math> is <math>b</math>. Thus <math>b</math> is the largest coefficient of <math>a(x)</math>. The final concept necessary to understand the RLWE problem is the generation of random polynomials in <math>\mathbf{ZF}_q[x]/\Phi(x)</math> and the generation of "small" polynomials . A random polynomial is easily generated by simply randomly sampling the <math>n</math> coefficients of the polynomial from <math>\mathbf{F}_q</math>, where <math>\mathbf{F}_q</math> is typically represented as the set <math>\{-(q-1)/2, ..., -1, 0, 1, ..., (q-1)/2\}</math>. Randomly generating a "small" polynomial done by generating the coefficients of the polynomial from <math>\mathbf{F}_q</math> in a way that either guarantees or makes very likely small coefficients. There are two common ways to do this:

Ring learning with errors: Difference between revisions