Trace-based cryptanalysis of cyclotomic $R_{q,0}\times R_q$-PLWE for the non-split case
Abstract
We describe a decisional attack against a version of the PLWE problem in which the samples are taken from a certain proper subring of large dimension of the cyclotomic ring $\mathbb{F}_q[x]/(\Phi_{p^k}(x))$ with $k>1$ in the case where $q \equiv 1 \pmod{p}$ but $\Phi_{p^k}(x)$ is not totally split over $\mathbb{F}_q$. Our attack uses the fact that the roots of $\Phi_{p^k}(x)$ over suitable extensions of $\mathbb{F}_q$ have zero-trace and has overwhelming success probability as a function of the number of input samples. An implementation in Maple and some examples of our attack are also provided.