Revision as of 06:35, 11 June 2016 edit Dannyniu (talk \| contribs) 356 edits →Further Developments: (cryptography) -> signature scheme. ← Previous edit		Revision as of 11:01, 16 June 2016 edit undo 14.140.46.154 (talk) →Public Key Generation Next edit →
Line 47: # Compute t(x) = a(x)·s<sub>0</sub>(x) + s<sub>1</sub>(x) # Distribute t(x) as the entity's public key The polynomials s<sub>0</sub>(x) and s<sub>1</sub>(x) serve as the private key and t(x) is the corresponding ~~private~~public key. The security of this signature scheme is based on the following problem. Given a polynomial t(x) find small polynomials f<sub>1</sub>(x) and f<sub>2</sub>(x) such that: a(x)·f<sub>1</sub>(x) + f<sub>2</sub>(x) = t(x) If this problem is difficult to solve, then the signature scheme will be difficult to forge. [See the Wikipedia article on [[Ring Learning with Errors]] or [[Ideal lattice cryptography\|Ideal Lattice Cryptography]] for more details on the theoretical difficulty of this problem]

Ring learning with errors signature: Difference between revisions