Oded Regev - PowerPoint PPT Presentation

Provided by: math2007U
Transcript and Presenter's Notes

1
On Lattices, Learning with Errors, Random
Linear Codes, and Cryptography
Oded Regev Tel-Aviv University
2
Outline
3
Lattices
  • Basis
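  • $v_1,\ldots,v_n$ vectors in $\mathbb{R}^n$
  • The lattice $L$ is
  • $L = \{a_1 v_1 + \cdots + a_n v_n \mid a_i \text{ integers}\}$
  • The dual lattice of $L$ is
  • $L^* = \{x \mid \forall y \in L,\ \langle x,y\rangle \in \mathbb{Z}\}$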

[Figure: lattice points 0, v1, v2, v1+v2, 2v1, 2v2, 2v2-v1, 2v2-2v1]
4
Shortest Vector Problem (SVP)
  • SVP: Given a lattice, find a short vector

[Figure: lattice with basis vectors v1, v2 and origin 0]
5
Closest Vector Problem (CVP)
  • CVP: Given a lattice and a target vector, find
    the closest lattice point
  • $\mathrm{CVP}_d$: Given a lattice and a target vector within
    distance $d$, find the closest lattice point

[Figure: lattice with basis vectors v1, v2 and origin 0]
6
Main Theorem: Hardness of Learning
7
Learning from parity with error
8
Learning from parity with error
9
Learning modulo p
10
Learning modulo p
11
Main Theorem
12
Equivalent formulation
13
Why Quantum?
14
Why Quantum?
15
Application: New Public Key Encryption Scheme
16
Previous lattice-based PKES [AjtaiDwork96, GoldreichGoldwasserHalevi97, R03]
17
New lattice-based PKES [This work]
18
The Cryptosystem
19
Proof of the Main Theorem: Overview
20
Gaussian Distribution
21
The Reduction
22
$D_r$
23
$D_{r/2}$
24
Obtaining $D_{r/2}$ from $D_r$
25
Classical, uses learning oracle Quantum
Samples from $D_r$ in L
Solution to $\mathrm{CVP}_{p/r}$ in L
Samples from $D_{r/2}$ in L
Solution to $\mathrm{CVP}_{2p/r}$ in L
Samples from $D_{r/4}$ in L
Solution to $\mathrm{CVP}_{4p/r}$ in L
26
Fourier Transform
Primal world (L)
Dual world ($L^*$)
27
Fourier Transform
28
Proof of the Main Theorem, Part I: Obtaining $D_{r/2}$ from $\mathrm{CVP}_{p/r}$
29
From $\mathrm{CVP}_{p/r}$ to $D_{r/2}$
30
From CVP to $D_{r/2}$
31
From CVP to $D_{r/2}$
32
Proof of the Main Theorem, Part II: Solving $\mathrm{CVP}_{p/r}$ given samples from $D_r$
33
It's enough to approximate $f_{p/r}$
34
What's ahead in this part
35
Warm-up: approximating $f_{1/r}$
36
(No Transcript)
37
Fourier Transform
38
Approximating $f_{2/r}$
39
Approximating $f_{2/r}$
40
(No Transcript)
41
(No Transcript)
42
Approximating $f_{2/r}$
43
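Approximating $f_{2/r}$
$\langle s,t_1\rangle \approx \lceil\langle x,w_1\rangle\rfloor \bmod 2$
$\langle s,t_2\rangle \approx \lceil\langle x,w_2\rangle\rfloor \bmod 2$
$\langle s,t_3\rangle \approx \lceil\langle x,w_3\rangle\rfloor \bmod 2$
. . .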
44
Approximating $f_{2/r}$
45
Open questions