A framework for cryptographic problems from linear algebra

Abstract

AbstractWe introduce a general framework encompassing the main hard problems emerging in lattice-based cryptography, which naturally includes the recently proposed Mersenne prime cryptosystem, but also problems coming from code-based cryptography. The framework allows to easily instantiate new hard problems and to automatically construct plausibly post-quantum secure primitives from them. As a first basic application, we introduce two new hard problems and the corresponding encryption schemes. Concretely, we study generalisations of hard problems such as SIS, LWE and NTRU to free modules over quotients of ℤ[X] by ideals of the form (f,g), wherefis a monic polynomial andg∈ ℤ[X] is a ciphertext modulus coprime tof. For trivial modules (i.e. of rank one), the casef=Xn+ 1 andg=q∈ ℤ>1corresponds to ring-LWE, ring-SIS and NTRU, while the choicesf=Xn– 1 andg=X– 2 essentially cover the recently proposed Mersenne prime cryptosystems. At the other extreme, when considering modules of large rank and letting deg(f) = 1, one recovers the framework of LWE and SIS.