Why study Lattice-based Cryptography? There are a few ways to answer this question. 1. It is useful to have cryptosystems that are based on a variety of hard computational problems so the different cryptosystems are not all vulnerable in the same way. 2. The computational aspects of lattice-based cryptosystem are usually simple to understand and fairly easy to implement in practice. 3. Lattice-based cryptosystems have lower encryption/decryption computational complexities compared to popular cryptosystems that are based on the integer factorisation or the discrete logarithm problems. 4. Lattice-based cryptosystems enjoy strong worst-case hardness security proofs based on approximate versions of known NP-hard lattice problems. 5. Lattice-based cryptosystems are believed to be good candidates for post-quantum cryptography, since there are currently no known quantum algorithms for solving lattice problems that perform significantly better than the best-known classical (non-quantum) algorithms, unlike for integer factorisation and (elliptic curve) discrete logarithm problems. 6. Last but not least, interesting structures in lattice problems have led to significant advances in Homomorphic Encryption, a new research area with wide-ranging applications.
翻译:为何要研究基于 Lattice 的加密?? 有几种方法可以解答这个问题 。 1. 使用基于各种硬计算问题的加密系统是有用的,这样不同的加密系统就不会都以同样的方式受到同样的伤害。 2. 以 lattice 为基础的加密系统的计算方面通常容易理解,在实践中也比较容易实施。 3. 以 lattice 为基础的加密系统与基于整数因子化或离散对数问题的流行加密系统相比,其计算复杂性较低。 4. 以 加密为基础的加密系统享有基于已知的NP-硬拉蒂斯问题的大致版本的最坏情况硬性的安全证明。 5. 以 加密系统为基础的计算方面被认为是后Qantum 加密法的好选择对象,因为目前没有已知的定量算法来解决比最知名的古典(非夸特) 算法要好得多的问题。 4. 与最小的因数因数因子化、但最不透明性地层化的离心层结构相比,在最后的磁层层结构中出现了一种不为深刻的问题。