Evaluation of the complexity of solving LWE problems and establishment of setting method of secure parameters for lattice-based homomorphic encryption

• Project/Area Number: 16H02830
• Research Category: Grant-in-Aid for Scientific Research (B)
• Allocation Type: Single-year Grants
• Section: 一般
• Research Field: Information security
• Research Institution: Kyushu University
• Principal Investigator: Yasuda Masaya 九州大学, マス・フォア・インダストリ研究所, 准教授 (30536313)
• Co-Investigator(Kenkyū-buntansha): 脇 隼人 九州大学, マス・フォア・インダストリ研究所, 准教授 (00567597) ; 青野 良範 国立研究開発法人情報通信研究機構, サイバーセキュリティ研究所セキュリティ基盤研究室, 研究員 (50611125)
• Project Period (FY): 2016-04-01 – 2020-03-31
• Project Status: Completed (Fiscal Year 2019)
• Budget Amount: ¥14,040,000 (Direct Cost: ¥10,800,000、Indirect Cost: ¥3,240,000); Fiscal Year 2019: ¥2,340,000 (Direct Cost: ¥1,800,000、Indirect Cost: ¥540,000); Fiscal Year 2018: ¥2,340,000 (Direct Cost: ¥1,800,000、Indirect Cost: ¥540,000); Fiscal Year 2017: ¥4,420,000 (Direct Cost: ¥3,400,000、Indirect Cost: ¥1,020,000); Fiscal Year 2016: ¥4,940,000 (Direct Cost: ¥3,800,000、Indirect Cost: ¥1,140,000)
• Keywords: 格子暗号 / 最短ベクトル問題 / LWE / 準同型暗号 / 格子基底簡約 / 格子問題 / 耐量子計算機暗号 / BKZ / LWR / 整数計画法 / 耐量子暗号 / LWE問題 / 格子基底簡約アルゴリズム / 解読計算量 / 格子基底縮約 / 解読計算量評価

Outline of Final Research Achievements

Lattice-based cryptography is a next-generation cryptography that is resistant to quantum computers and is also applicable to construction of high-functional cryptography such as homomorphic encryption. In particular, LWE-based schemes have excellent processing performance. The security of lattice-based cryptography is based on the computational hardness of lattice problems such as the shortest vector problem, but these problems are NP-hard and only known as asymptotic complexity. In this research, we had developed new algorithms to efficiently solve lattice problems such as the shortest vector and the LWE problems, and also evaluated their performance by experiments. Furthermore, we had implemented LWE-based homomorphic encryption schemes and demonstrated the performance in concrete applications such as secure matrix multiplications and secure statistical processing.

Academic Significance and Societal Importance of the Research Achievements

本研究では，耐量子性と高機能性の両方を合わせ格子暗号の安全性評価を行うと共に，安全なパラメータにおける格子準同型暗号の実装性能を示した．今回得られた格子暗号に対する解読技術や暗号解析法は数多くの著名な国際会議や海外雑誌で出版され暗号分野で非常に高い評価を得ると共に，格子暗号の安全パラメータの抽出が可能となった．また，抽出した安全パラメータを用いて，格子準同型暗号の秘匿行列乗算や秘匿統計処理の具体的な応用先における性能評価を行った．本研究の性能評価により，プライバシー保護利活用技術として格子準同型暗号が実社会で利用可能か判断できるため，今後の格子暗号の標準化等の社会活動への貢献が期待できる．

Research Products

• [Journal Article] Impact of the modulus switching technique on some attacks against learning problems (2020)
  • Author(s): Le Huy Quoc, Mishra Pradeep Kumar, Nakamura Satoshi, Kinjo Koha, Duong Dung Hoang, Yasuda Masaya
  • Journal Title: IET Information Security Volume: Vol.14 Issue: 3 Pages: 286-303
  • DOI: 10.1049/iet-ifs.2019.0220
  • Peer Reviewed / Open Access
• [Journal Article] A new polynomial-time variant of LLL with deep insertions for decreasing the squared-sum of Gram-Schmidt lengths (2019)
  • Author(s): Yasuda Masaya, Yamaguchi Junpei
  • Journal Title: Designs, Codes and Cryptography Volume: Vol.87 Issue: 11 Pages: 2489-2505
  • DOI: 10.1007/s10623-019-00634-9
  • Peer Reviewed / Open Access
• [Journal Article] Development of a Dual Version of DeepBKZ and Its Application to?Solving the LWE Challenge (2018)
  • Author(s): Yasuda Masaya、Yamaguchi Junpei、Ooka Michiko、Nakamura Satoshi
  • Journal Title: Springer Lecture Notes in Computer Science Volume: 10831 Pages: 162-182
  • DOI: 10.1007/978-3-319-89339-6_10
  • ISBN: 9783319893389, 9783319893396
  • Peer Reviewed
• [Journal Article] Security analysis of cryptosystems using short generators over ideal lattices (2018)
  • Author(s): Okumura Shinya、Sugiyama Shingo、Yasuda Masaya、Takagi Tsuyoshi
  • Journal Title: Japan Journal of Industrial and Applied Mathematics Volume: 35 Issue: 2 Pages: 739-771
  • DOI: 10.1007/s13160-018-0306-z
  • NAID: 210000187058
  • Peer Reviewed / Open Access
• [Journal Article] Solving LWR via BDD Strategy: Modulus Switching Approach (2018)
  • Author(s): Le Huy Quoc、Mishra Pradeep Kumar、Duong Dung Hoang、Yasuda Masaya
  • Journal Title: Springer Lecture Notes in Computer Science Volume: 11124 Pages: 357-376
  • DOI: 10.1007/978-3-030-00434-7_18
  • ISBN: 9783030004330, 9783030004347
  • Peer Reviewed
• [Journal Article] Faster PCA and Linear Regression through Hypercubes in HElib (2018)
  • Author(s): Rathee Deevashwer、Mishra Pradeep Kumar、Yasuda Masaya
  • Journal Title: Proceedings of the 2018 Workshop on Privacy in the Electronic Society Volume: 2018 Pages: 42-53
  • DOI: 10.1145/3267323.3268952
  • Peer Reviewed / Int'l Joint Research
• [Journal Article] Quantum Lattice Enumeration and Tweaking Discrete Pruning (2018)
  • Author(s): Aono Yoshinori、Nguyen Phong Q.、Shen Yixin
  • Journal Title: Sprigner Lecture Notes in Computer Science Volume: 11272 Pages: 405-434
  • DOI: 10.1007/978-3-030-03326-2_14
  • ISBN: 9783030033255, 9783030033262
  • Peer Reviewed
• [Journal Article] Lower Bounds on Lattice Enumeration with?Extreme Pruning (2018)
  • Author(s): Aono Yoshinori、Nguyen Phong Q.、Seito Takenobu、Shikata Junji
  • Journal Title: Springer Lecture Notes in Computer Science Volume: 10992 Pages: 608-637
  • DOI: 10.1007/978-3-319-96881-0_21
  • ISBN: 9783319968803, 9783319968810
  • Peer Reviewed / Int'l Joint Research
• [Journal Article] Explicit Formula for Gram-Schmidt Vectors in LLL with Deep Insertions and Its Applications (2018)
  • Author(s): Yamaguchi Junpei, Yasuda Masaya
  • Journal Title: Number-Theoretic Methods in Cryptology. NuTMiC 2017. Lecture Notes in Computer Science, Springer Volume: 10737 Pages: 142-160
  • DOI: 10.1007/978-3-319-76620-1_9
  • ISBN: 9783319766195, 9783319766201
  • Peer Reviewed
• [Journal Article] Enhancement for Secure Multiple Matrix Multiplications over Ring-LWE Homomorphic Encryption (2017)
  • Author(s): Pradeep Kumar Mishra, Dung Hoang Duong and Masaya Yasuda
  • Journal Title: Lecture Notes in Computer Science Volume: volume 10701 Pages: 320-330
  • DOI: 10.1007/978-3-319-72359-4_18
  • ISBN: 9783319723587, 9783319723594
  • Peer Reviewed / Int'l Joint Research
• [Journal Article] Choosing Parameters for the Subfield Lattice Attack Against Overstretched NTRU (2017)
  • Author(s): Dung Hoang Duong, Masaya Yasuda and Tsuyoshi Takagi
  • Journal Title: Lecture Notes in Computer Science Volume: 10599 Pages: 79-91
  • DOI: 10.1007/978-3-319-69659-1_5
  • ISBN: 9783319696584, 9783319696591
  • Peer Reviewed / Int'l Joint Research
• [Journal Article] Application of mixed integer quadratic program to shortest vector problems (2017)
  • Author(s): Kimura Keiji、Waki Hayato、Yasuda Masaya
  • Journal Title: JSIAM Letters Volume: 9 Issue: 0 Pages: 65-68
  • DOI: 10.14495/jsiaml.9.65
  • NAID: 130006077572
  • ISSN: 1883-0609, 1883-0617
  • Peer Reviewed
• [Journal Article] Simple Analysis of Key Recovery Attack Against LWE (2017)
  • Author(s): Yasuda Masaya
  • Journal Title: Mathematical Modelling for Next-Generation Cryptography, Springer Volume: 29 Pages: 221-238
  • DOI: 10.1007/978-981-10-5065-7_12
  • ISBN: 9789811050640, 9789811050657
  • Peer Reviewed
• [Journal Article] Secure Hamming distance computation for biometrics using ideal-lattice and ring-LWE homomorphic encryption (2017)
  • Author(s): Yasuda Masaya
  • Journal Title: Information Security Journal: A Global Perspective Volume: 26 Issue: 2 Pages: 85-103
  • DOI: 10.1080/19393555.2017.1293199
  • Peer Reviewed
• [Journal Article] Random Sampling Revisited: Lattice Enumeration with Discrete Pruning (2017)
  • Author(s): Aono Yoshinori, Nguyen Phong Q.
  • Journal Title: Advances in Cryptology, EUROCRYPT 2017, Lecture Notes in Computer Science, Springer Volume: 10211 Pages: 65-102
  • DOI: 10.1007/978-3-319-56614-6_3
  • ISBN: 9783319566139, 9783319566146
  • Peer Reviewed / Int'l Joint Research
• [Journal Article] Analysis of decreasing squared-sum of Gram-Schmidt lengths for short lattice vectors (2017)
  • Author(s): M. Yasuda, K. Yokoyama, T. Shimoyama, J. Kogure, and T. Koshiba
  • Journal Title: Journal of Mathematical Cryptology Volume: 11(1) Issue: 1 Pages: 1-24
  • DOI: 10.1515/jmc-2016-0008
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] Efficient secure matrix multiplication over LWE-based homomorphic encryption (2016)
  • Author(s): 3.Dung Hoang Duong, Pradeep Kumar Mishra, and Masaya Yasuda
  • Journal Title: Tatra Mountains Mathematical Publications Volume: 67 Issue: 1 Pages: 69-83
  • DOI: 10.1515/tmmp-2016-0031
  • Peer Reviewed / Int'l Joint Research / Acknowledgement Compliant
• [Presentation] トレース写像を用いた特殊なRing-LWEサンプルに対する攻撃 (2020)
  • Author(s): 中邑聡史、金城皓羽、池松泰彦、安田雅哉
  • Organizer: 2020年暗号と情報セキュリティシンポジウム
• [Presentation] Self-dual DeepBKZ for finding short lattice vectors (2019)
  • Author(s): Masaya Yasuda
  • Organizer: MathCrypt 2018
  • Int'l Joint Research
• [Presentation] Improvement of BKZ by deep insertions for finding short lattice vectors (2019)
  • Author(s): Masaya Yasuda
  • Organizer: The CJK-SIAM's joint mini-symposium on Mathematical Cryptography in International Congress on Industrial and Applied Mathematics (ICIAM 2019)
  • Int'l Joint Research / Invited
• [Presentation] 射影格子上のDeepBKZ基底簡約とLWE問題の求解への応用 (2019)
  • Author(s): 中邑聡史、立岩斉明、金城皓羽、池松泰彦、安田雅哉
  • Organizer: 情報セキュリティ研究会（ISEC）
• [Presentation] Applications of lattice-based homomorphic encryption (2019)
  • Author(s): Masaya Yasuda
  • Organizer: The 6 th workshop on cyberspace FHE applications & its standardization
  • Int'l Joint Research / Invited
• [Presentation] Solving Shortest Vector Problem using Parallel Computing by Ubiquity Generator Framework (poster) (2019)
  • Author(s): Nariaki Tateiwa, Yuji Shinano, Satoshi Nakamura, Akihiro Yoshida, Shizuo Kaji, Masaya Yasuda, Katsuki Fujisawa
  • Organizer: International Conference for High Performance Computing, Networking, Storage, and Analysis (SC19)
  • Int'l Joint Research
• [Presentation] Extreme Pruningを用いた格子点探索アルゴリズムにおける計算量の下限について (from Crypto 2018) (2019)
  • Author(s): 青野良範, Phong Q. Nguyen, 清藤武暢, 四方順司
  • Organizer: 情報セキュリティ研究会（ISEC）
  • Int'l Joint Research
• [Presentation] 格子ベクトル数え上げアルゴリズムにおける計算量の下限について (2019)
  • Author(s): 青野良範
  • Organizer: FIT 2019 （トップコンファレンスセッション）
  • Int'l Joint Research
• [Presentation] Quantum Lattice Enumeration and Tweaking Discrete Pruning (from ASIACRYPT 2018) (2019)
  • Author(s): Y. Aono. P.Q.Nguyen, Y. Shen
  • Organizer: WCIS 2019
  • Int'l Joint Research
• [Presentation] 格子暗号の紹介とプライバシー保護利活用技術への応用について (2019)
  • Author(s): 安田雅哉
  • Organizer: 数学連携ワークショップSociety5.0と数学3～数学と情報セキュリティ研究とのかかわり～
  • Invited
• [Presentation] DeepBKZ基底簡約アルゴリズムの改良と解析 (2019)
  • Author(s): 中邑聡史，安田雅哉
  • Organizer: 2019年暗号と情報セキュリティシンポジウムSCIS2019
• [Presentation] Modulus Switchingによる探索LWE/LWR問題の解析とその影響評価 (2019)
  • Author(s): Le Quoc Huy，中邑聡史，金城皓羽，安田雅哉
  • Organizer: 2019年暗号と情報セキュリティシンポジウムSCIS2019
• [Presentation] Self-dual DeepBKZ for finding short lattice vectors (2018)
  • Author(s): Masaya Yasuda
  • Organizer: MathCrypt 2018
  • Int'l Joint Research
• [Presentation] Deep insertions を用いた格子基底簡約の紹介 (2018)
  • Author(s): 安田雅哉
  • Organizer: RIMS共同研究（公開型）Computer Algebra--Theory and its Applications 2018
• [Presentation] DeepLLLの改良とBKZへの組み込みの提案 (2018)
  • Author(s): 中邑聡史，安田雅哉
  • Organizer: 日本応用数理学会2018年度年会
• [Presentation] Secure multiple matrix multiplications via homomorphic encryption (2018)
  • Author(s): Pradeep Kumar Mishra, Dung Hoang Duong, Masaya Yasuda
  • Organizer: 2018年暗号と情報セキュリティシンポジウム, SCIS2018
• [Presentation] DeepLLL簡約基底の解析とDeepBKZの高速計算方の提案 (2018)
  • Author(s): 山口純平，安田雅哉
  • Organizer: 2018年暗号と情報セキュリティシンポジウム, SCIS2018
• [Presentation] 双対版DeepBKZ基底簡約の開発とLWEチャレンジ解読への応用 (2018)
  • Author(s): 安田雅哉，山口純平，大岡美智子，中邑聡史
  • Organizer: 2018年暗号と情報セキュリティシンポジウム, SCIS2018
• [Presentation] Ring-LWEを用いたセキュアな行列乗算のためのパッキング方法 (2018)
  • Author(s): 王立華，Pradeep Kumar Mishra，青野良範，Le Trieu Phong, 安田雅哉
  • Organizer: 2018年暗号と情報セキュリティシンポジウム, SCIS2018
• [Presentation] DeepLLLにおけるグラムシュミットベクトル更新の高速化 (2017)
  • Author(s): 山口純平, 安田雅哉
  • Organizer: 2017年暗号と情報セキュリティシンポジウム(SCIS2017)
  • Place of Presentation: ロワジールホテル沖縄
  • Year and Date: 2017-01-24
• [Presentation] New Variants of DeepLLL for Decreasing Squared-Sum of Gram-Schmidt Lengths (2017)
  • Author(s): 安田雅哉, 山口純平
  • Organizer: 2017年暗号と情報セキュリティシンポジウム(SCIS2017)
  • Place of Presentation: ロワジールホテル沖縄
  • Year and Date: 2017-01-24
• [Presentation] SIS問題の計算量評価 (2017)
  • Author(s): 青野良範，清藤武暢，四方順司
  • Organizer: 2017年暗号と情報セキュリティシンポジウム(SCIS2017)
  • Place of Presentation: ロワジールホテル沖縄
  • Year and Date: 2017-01-24
• [Presentation] Experimental analysis of LWE problem (2017)
  • Author(s): Yuntao Wang, Yoshinori Aono, Tsuyoshi Takagi
  • Organizer: 2017年暗号と情報セキュリティシンポジウム(SCIS2017)
  • Place of Presentation: ロワジールホテル沖縄
  • Year and Date: 2017-01-24
• [Presentation] DeepLLLを用いたSVP解読報告 (2017)
  • Author(s): 山口純平, 安田雅哉
  • Organizer: 情報セキュリティ研究会（ISEC）, 信学技法, vol. 117, no. 125, ISEC2017-23
• [Presentation] Random Sampling Revisited: Lattice Enumeration with Discrete Pruning（from Eurocrypt 2017） (2017)
  • Author(s): Yoshinori Aono, Phong Q. Nguyen
  • Organizer: 情報セキュリティ研究会(ISEC)
  • Invited
• [Presentation] Practical analysis of key recovery attack against search-LWE problem (2016)
  • Author(s): M. Kudo, J. Yamaguchi, Y. Guo and M. Yasuda
  • Organizer: International Workshop on Security (IWSEC2016)
  • Place of Presentation: Akihabara-Ochanomizu District, Tokyo, Japan
  • Year and Date: 2016-09-12
  • Int'l Joint Research
• [Presentation] 整数計画法による格子最短ベクトル探索問題の解読報告 (2016)
  • Author(s): 安田 雅哉, 脇 隼人
  • Organizer: 日本応用数理学会2016年度年会
  • Place of Presentation: 北九州国際会議場（福岡県北九州市小倉）
  • Year and Date: 2016-09-12
• [Presentation] Efficient secure matrix multiplications using RLWE-based homomorphic encryption (2016)
  • Author(s): 23.Dung Hoang Duong, Pradeep Kumar Mishra, and Masaya Yasuda
  • Organizer: Central European Conference on Cryptology (CECC2016)
  • Place of Presentation: Piestany, Slovakia
  • Year and Date: 2016-06-22
  • Int'l Joint Research
• [Presentation] Analysis of Decreasing Squared-Sum of Gram-Schmidt Lengths for Finding Short Lattice Vectors (2016)
  • Author(s): 安田雅哉, 横山和弘
  • Organizer: 信学技法, IEICE Technical Report, ISEC 2016-7
  • Place of Presentation: 機械振興会館
• [Book] 格子暗号解読のための数学的基礎 (2019)
  • Author(s): 青野 良範、安田 雅哉
  • Total Pages: 216
  • Publisher: 近代科学社
  • ISBN: 4764905981