分野別セミナー

Micciancio and Peikert gave new method for generating and using “strong trapdoors” in cryptographic lattices, which are simpler, tighter, faster, smaller (STFS trapdoors for lattices). Their trapdoors are called MP12 trapdoors. In this talk, we revisit the notion of STFS trapdoors for lattices. Our first contribution is an improvement of Gaussian sampling of MP12 trapdoors. Improved Gaussian sampling greatly reduces the computation for those moduli q which are not powers of 2. Besides, when the trapdoor is chosen from typical distribution, improved Gaussian sampling almost always has slightly smaller standard deviation (representing trapdoor quality) than suggested by MP12 trapdoors. Main techniques are non-spherical basic Gaussian sampling and special analysis. Our second contribution is a new method of MP12 Gaussian sampling, so that it finally outputs a non-spherical Gaussian variable. Under a trivial assumption, its size is smaller than spherical Gaussian variable, especially for “computationally pseudorandom MP12 trapdoors”.