See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/335499364

Lattice Based Cryptography : Its Applications, Areas of Interest & Future Scope

Conference Paper · March 2019

DOI: 10.1109/ICCMC.2019.8819706

CITATIONS READS
29 5,313

3 authors, including:

Pawan Kumar Pradhan Sayan Rakshit

KIIT University KIIT University
1 PUBLICATION 29 CITATIONS 1 PUBLICATION 29 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Pawan Kumar Pradhan on 03 September 2019.

The user has requested enhancement of the downloaded file.

 Proceedings of the Third International Conference on Computing Methodologies and Communication (ICCMC 2019)
IEEE Xplore Part Number: CFP19K25-ART; ISBN: 978-1-5386-7808-4

LATTICE BASED CRYPTOGRAPHY

​Its Applications, Areas of Interest & Future Scope.
​ Pawan Kumar Pradhan Sayan Rakshit Sujoy Datta
School of Computer Engineering School of Computer Engineering School of Computer Engineering
Kalinga Institute of Industrial Technology Kalinga Institute of Industrial Technology Kalinga Institute of Industrial Technology
​Bhubaneswar, India Bhubaneswar, India Bhubaneswar, India
[email protected] [email protected] [email protected]

Abstract​—​With a recent increase in the advancement of the I. INTRODUCTION

technology, computer system and it’s sensitive data are
getting exhibited to unauthorised users, with steadily With the advances in technology and quantum computer
corroding the fundamentals of computer security. This, in generation, threats of cryptanalytic attacks will pose a
fact, demanded fundamental innovations that require serious impact on our computer security, thereby making
several cryptographic paradigms and security protocol. conventional cryptographic schemes obsolete.
Previously it was thought that asymmetric cryptographic
Considering the following trends, there is Moore’s
key like RSA, Diffie-Hellman, are very hard to decrypt by
Law[14], appearing to continue relentlessly, making our
classical computation, but with the implementation of
recent computers capable of coping up with future
quantum computation, it is proved that this kind of
technologies and computation. On another hand, there is
cryptographic algorithm is very easy to decrypt and hackers
can steal important Data[3,6]. After the release of Ajtai’s the emergence of quantum computers which are obvious
research paper “​Generating Hard Instances of Lattice enough to destroy convention computation
Problem”[​ 2], a million reasons arose in the minds of the schemas[5,14].
researchers to develop on methods based on lattice-based In future, classical computing will be replaced by
cryptography to improve their security needs. Firstly, it quantum computing, thereby compromising our security.
provided much stronger security, and the average-case of To prevent data breaching, eavesdropping from
several problems in lattice-based cryptography seems unauthorised users and hacking, we need to introduce
equivalent to the worst-case problem of these problems [2]. advance & secured cryptosystem. This can be achieved by
Moreover, lattices have the potential to persuade the the implementation of the hardness of a lattice in
cryptanalytic attacks created by any quantum computers i.e cryptography. By this time the most likely scheme is
Quantum Computational Secure[3]. In this paper, we will believed to be the one based on the troublesome
discuss lattice-based cryptosystem, it’s security dimensions, mathematics problems of lattices, multi-dimensional and
a general brief on how it works, future scope, applications reproducing points on the grids with limitless
and areas of Interest.
possibilities. It's the most promising candidate for
post-quantum cryptography[4]. Ajtai in 1996 through his
Keywords​—​Cryptography; Lattice-based Cryptosystem;
works proved that lattices have the potential to persuade
Lattice; Post-Quantum Cryptography; Quantum
the cryptanalytic attacks created by the quantum
Computation; Shor's Algorithm.
computers. It was considered to be the first lattice-based
public key cryptosystem[4]. Similarly, another
cryptosystem named Gold-Goldwasser-Halevi

978-1-5386-7808-4/19/$31.00 ©2019 IEEE 988

 Proceedings of the Third International Conference on Computing Methodologies and Communication (ICCMC 2019)
IEEE Xplore Part Number: CFP19K25-ART; ISBN: 978-1-5386-7808-4

cryptosystem (GGH) came into existence which mainly combination ∑xi bi where xi ε Z , and the bi ’s are
offered a realistic alternative to number theory[15]. linearly independent vectors over Ｒ, where
And as a need to enhance current practices in (b1 , b2 , b3 , ......bn ) are basis vectors[7].
cyber-security, adding such variety in cryptography will L={ Σxi bi | xi ∈ Z x1 }
aid our security at the very fundamental level.
According to the concepts of lattices, lattice sharing same
With substantial changes and improvements in bases are hence equivalent. So no two lattices can share
technology, the diversity in technology tends to increase a the same basis.
lot thus requiring several diverse platforms to run such
tech. And so would Lattice-based cryptographic
Algorithms, in order to tackle Quantum Computation e.g.
Cloud vs IoT platforms. There are several other fields
where they provide enhanced and efficient security for
both long-term and short-term devices and systems e.g.
On the medical grounds like smart medical implants
which have to stay put for years and security is a major
concern here. On Military grounds like missiles with
smart embedded systems where it has to hit a particular
target and the info of target is stored on the system only,
so security plays a critical role here.

The paper is organised in the following way: Firstly an

overview of what exactly is lattice and basis, its
In the above diagram i.e Fig 1, lattice generated using
representation and some general formula. Then, concepts
[x1,x2] and [b1,b2] are totally different. Where, Basis
of Lattice theory and development of lattice-based
[x1,x2] is referred to as a bad basis and Basis[b1,b2] is a
cryptosystems, a brief on some commonly used
good basis, as the vectors are orthogonal in [b1,b2].
cryptosystems followed by its applications, areas of
interest and finally its future scope. And lastly
★ A Lattice is Infinite, but lattice-cryptography actually
summarising it with an overwhelming conclusion.
uses the ​Finite Abelian group Z d /L : it works modulo the
lattice L [7].
A. LATTICES
B. LATTICE THEORY
In general, Lattice can be defined as an infinite
arrangement of “Regularly spaced” points on any vector Lattice-based Cryptography is the recent innovation in the
space. fundamentals of cyber-security, laying foundations to
strengthen the weak cryptographic policies & the
Since lattices are infinitely large objects and in unstructured security protocols and is even capable of
cryptography, we need to feed them on computers to work handling Quantum-Computation, which had been a great
on them, whereas a computer has a limited amount of issue over such a time where quantum computers are a
memory. So, we use a concise way to tackle the problem reality and can be a resource of misuse too, despite having
and here comes the concept of basis. A Basis can be it wonderful uses[5]. Its construction is based on the
defined as the collection of small vectors which are presumed hardness of the lattice problems.
capable of reproducing any point on the grid that forms a
lattice. Some general Lattice problems used in cryptographic
Mathematically, a lattice is defined as a discrete subgroup primitives are:-
n
of Ｒ , or the set L(b1 , b2 , b3 , ......bn ) of all linear

978-1-5386-7808-4/19/$31.00 ©2019 IEEE 989

 Proceedings of the Third International Conference on Computing Methodologies and Communication (ICCMC 2019)
IEEE Xplore Part Number: CFP19K25-ART; ISBN: 978-1-5386-7808-4

● Shortest-Vector Problem (SVP):​ F ​ or a given under several severe conditions. As till now we Clearly
basis X of lattice L , another basis X ′ is created, know about the Lattices and its Theory. We are well
such that the LX = LX ′ , where vectors of X ′ are aware of the fact that this cryptosystem totally relies on
shortest for any norm[8]. the hardness of the problem.

● Approximate-Shortest Vector Problem (𝞪-SVP)​: Considering it to be a candidate of post-quantum

For a given lattice L , the problem is solved by cryptography, the tough problem considered should be
finding a non-zero vector 'x' where, sufficiently tough enough to trick quantum computational
x ε L, ∀ yε L, ||x|| ≤ α||y|| [8]. schemas too.[8].
Various cryptosystems that are implemented nowadays
● Shortest In-dependent Vector Problem (SIVP). are utilizing SVP/CVP/BDD as the hardness used in those
problems using the concepts of Lattice Equality as
● Closest-Vector Problem (CVP). one-way trapdoor function.

● Approximate Closest Vector Problem (𝞪-CVP). Some Commonly used Cryptosystems are:-

● Bounded Distance Decoding (BDD). ● GGH.

● Piekert’s Ring - Learning with Errors(Ring
● Shortest Integer Solution problem(SIS)​. LWE) Key Exchange.
● NTRUEncrypt.
Various Algorithmic Solutions for those Lattice Problems ● The Micciancio Cryptosystem.
include Gram-Schmidt Orientation, LLL Algorithm, ● Other CVP Based Cryptosystems.
which is to be the best known polynomial time algorithm,
BKZ & the most widely used Algorithm Babai’s III. APPLICATIONS
n
Round-Off Algorithm[8], who proved that the CVP in R
n
can be approximated to 2 . With the emergence of various computing paradigms, the
need to contain their security definitions has become a
II. LATTICE CRYPTOSYSTEM real threat for the computer scientists by now. As
technological services like Cloud Computing,
Since we all know the drawbacks of Classical high-performance (real-time) virtualized environments,
Cryptosystem which includes RSA. Internet of Things, Quantum computation etc. demand
x
RSA uses large finite Abelian Groups G = (Z/N Z) [5]. In highly secure/encrypted software-defined networks for
order to speed things up we introduced: their communications.

● Elliptic Curve Cryptography which uses smaller In IoT, the classical cryptographic measures seem to fail
groups, whose operation are more expensive[8]. because the IoT space demands an increased number of
● Lattice-Based Cryptography which uses larger keys. In order to tackle this increased generation of the
groups, whose operation are much cheaper[8]. key by classical cryptographic measures demanded some
development of some standard lightweight cryptographic
Lattice-Based Cryptography uses high-dimensional schemas and cyphers with increased agility and
geometric structures to hide information, creating performance. This development calls out for Lattice-based
problems that are considered impossible to solve without public key cryptosystem and hence becomes an area of
the key even by universal fault-tolerant quantum Interest for its implementation/Application.
computers.
Similar, for cloud computing the channel or the
In order to make such cryptography possible, first of all, software-defined network which it demands, need to have
we need to build a prototype of the system and test it high agility and performance, should be energy-efficient

978-1-5386-7808-4/19/$31.00 ©2019 IEEE 990

 Proceedings of the Third International Conference on Computing Methodologies and Communication (ICCMC 2019)
IEEE Xplore Part Number: CFP19K25-ART; ISBN: 978-1-5386-7808-4

and must be of low latency. This couldn’t have been cryptography have been made such as Secure Socket
achieved by primitive cryptosystems, which furthermore Layer(SSL) developed by Netscape, Kerberos an
demands an accelerated system, capable enough to run authentication service developed by MIT.
more than one cryptic algorithm with full agility and
efficiency like that of an Application-Specific Integrated Anonymous Remailers: ​Remailing, is a service that
Circuits(ASCI’s)[5]. receives messages with embedded instructions of where
to send them next while stripping off the header
After those diverse applications of Lattice-based information like the originating address from the
cryptosystems. There are some Applications, which are electronic message and forwarding only the message. So,
used on an everyday basis and is shared by in this process, only the first remailer retains your identity
classical-public key cryptography also. Though both and instead of trusting the operator, uses many
cryptosystems have applications on the same field, lattice anonymous remailers to relay the message before sending
cryptosystem is applied on areas where security is the it to the recipient. Using this method only the first
utmost priority. remailer know the identity of the sender and it becomes
impossible for anyone to retrace back to the sender from
A. AREAS OF INTEREST the end-point. The user wanting anonymity for their
messages uses such kind of service whose encryption is
End-to-End Encryption: ​The one field of communication based on lattices.
that is widely used, but is the least encrypted is the
E-mail. Since the content of our emails is not sensitive
enough we least care for encryption. But, for people out
there who care for their sensitive information, like
information related to military or political purpose where
the whole country has to suffer if the information gets
leaked out, they can’t have an uncertainty of even 0.01%.

Electronic Money: A ​ s we can see this is the era of Digital

Cash or Electronic cash. On simple terms, we can say that
Electronic money includes the transfer of money between
individuals electronically using an encryption algorithm.
The level of Encryption used here is the key factor. Great
encryption will secure the transactions from getting
hacked by anonymous users whereas a small flaw in
encryption will lead to a huge loss. As we know the
alteration of a single bit/digit over the database can
change a million to a billion. ​Example​:- Suppose if an Disk Encryption: ​This method involves encryption of
unauthorised user just gets into the database using the whole disks so the user won't have to worry about leaving
flaw on encryption and just add two more zeros on the any traces of unencrypted data on the disk. The disk is
end of this account balance. That makes a huge protected by an encryption algorithm defined by the user.
difference, this was just a small example to illustrate what And a password-protected system used by the user to gain
he/she can do. access to the disk. Thereby making the overall system
secure and inaccessible to any unauthorized user.
Secure Network Communications​: In order to have a
secure medium to communicate through others, the extent Along with them, there are several other fields to look on
of the encryption standard must have to be increased. To to such as Authentication/Digital Signatures, Time
do so network protocols based on public-key

978-1-5386-7808-4/19/$31.00 ©2019 IEEE 991

 Proceedings of the Third International Conference on Computing Methodologies and Communication (ICCMC 2019)
IEEE Xplore Part Number: CFP19K25-ART; ISBN: 978-1-5386-7808-4

Stamping, Pseudonymous Remailers etc. and several Hence we presume, this technology of lattice-based
other areas which are yet to be discovered. cryptography will make these threats hypothetical.
There is a varied scope of this tech in future. Observing
the emergence of Quantum Computation.

CONCLUSION

As we can see that cryptography plays a vital role in

securing our data transfer, digital communications,
transactions, transfers of sensitive information by
encrypting modern-day applications, systems, digital
signatures, HTTP etc. And it continues to play its crucial
role in securing all aspects of our life.

The scale and sophistication of cyber-attacks escalate

every year as well as the risk of gaining or losing
sensitive information. This concept of lattices and its
hardness is mainly used as an update to the current
IV. FUTURE SCOPE cryptographic schemas. Lattice-based cryptography is a
complex cryptic method which is meant to protect our
Several fields such as IoT, Embedded Devices, Cloud data and secure us from cyber threats generated from the
computing, etc. Employing classical cryptography here quantum computing system consisting of millions of
can create a lot of fuss, as of individual field requests their qubits. Though the implementation of such type of
own specific key generation method with varied computers is still many years away. Moreover, by
performance and agility ratio, which can only be provided increasing the dimension of a lattice, cryptographers can
by the implementation of Lattices. create problems so hard that many believe no algorithm
will ever crack them - not even universal fault-tolerant
One great field where the use of lattices is mandatory is Quantum Computers.
embedded devices. They totally rely on decisions to act
on. They only care for the reliability of the decisions and As of now, we can say that Lattices and Cryptography
does not acknowledge who gets that decision. So, just by are just like a match made in Heaven.
tampering with the decisions the whole system can be
exploited. Hence the need for a cryptographic hashing ACKNOWLEDGMENT
algorithm arises.
Similarly, for Machine Learning, Artificial Intelligence &
We owe our deepest gratitude to ​Mr Sujoy Datta, ​Asst.
Neural Network where the whole system depends upon
Professor, School of Computer Engineering, KIIT
the integrity of the decision. Further, there are also scope
Deemed to be University, Bhubaneswar​, for his helpful
in Computer Networking and Web-Technology where
guidance, support, motivation and encouragement
Encryption is the key requirement for everything to
throughout our work. We are immensely grateful to have
operate.
him by our side sharing his pearls of wisdom during the
entire course of this research.
The exponential growth of technology and its limitless
possibilities makes us wonder where would technology go
from 10 years by now. And the need to encrypt our We would also like to acknowledge our friends who have
personal data/belongings have become a great deal now. always supported us through our bad times and kept us
ever motivated to keep going. And lastly, our parents to

978-1-5386-7808-4/19/$31.00 ©2019 IEEE 992

 Proceedings of the Third International Conference on Computing Methodologies and Communication (ICCMC 2019)
IEEE Xplore Part Number: CFP19K25-ART; ISBN: 978-1-5386-7808-4

ever support us and make us credible enough to reach spectrum​, ​34​(6), 52-59.
successful heights. [12] Micciancio, D. (2001). Improving lattice based cryptosystems using

the Hermite normal form. In ​Cryptography and lattices​(pp. 126-145).

Springer, Berlin, Heidelberg.

REFERENCES

[1] ​Regev, O. (2006, August). Lattice-based cryptography. In ​Annual

International Cryptology Conference​ (pp. 131-141). Springer, Berlin,
Heidelberg.

[2] ​Dadheech, A. (2018, September). Preventing Information Leakage

from Encoded Data in Lattice Based Cryptography. In ​2018
International Conference on Advances in Computing, Communications
and Informatics (ICACCI)​ (pp. 1952-1955). IEEE.

[3] Shor, P. W. (1994, November). Algorithms for quantum

computation: Discrete logarithms and factoring. In ​Proceedings 35th
annual symposium on foundations of computer science (pp. 124-134).
Ieee.

[4] ​Ajtai, M. (1996, July). Generating hard instances of lattice problems.

In ​Proceedings of the twenty-eighth annual ACM symposium on Theory
of computing​ (pp. 99-108). ACM.

[5] ​Nejatollahi, H., Dutt, N., & Cammarota, R. (2017, October). Special
session: trends, challenges and needs for lattice-based cryptography
implementations. In ​2017 International Conference on
Hardware/Software Codesign and System Synthesis (CODES+ ISSS)
(pp. 1-3). IEEE.

[6] ​Shor, P. W. (1999). Polynomial-time algorithms for prime

factorization and discrete logarithms on a quantum computer. ​SIAM
review​, ​41​(2), 303-332.

[7] Nguyen, P. Q., & Stern, J. (2001, March). The two faces of lattices in
cryptology. In ​International Cryptography and Lattices Conference (pp.
146-180). Springer, Berlin, Heidelberg.

[8] Rose, M. (2011). Lattice-based cryptography: a practical

implementation.

[9] Micciancio, D. (2011). Lattice-based cryptography. ​Encyclopedia of

Cryptography and Security​, 713-715.

[10] Nyang, D., & Song, J. (1998). Method for hiding information in

lattice. ​Electronics Letters​, ​34​(23), 2226-2228.

[11] Schaller, R. R. (1997). Moore's law: past, present and future. ​IEEE

978-1-5386-7808-4/19/$31.00 ©2019 IEEE 993

View publication stats