CORDIS - EU research results

High Performance Lattice Cryptography

Periodic Report Summary - HIPERLATCRYP (High Performance Lattice Cryptography)

The goal of this project was the development of practical, powerful, and provably secure public-key cryptosystems, in the broadest sense, based on the conjectured hardness of certain computational problems on high-dimensional Euclidean lattices.

Unlike most other classes of computationally hard problems used in public-key cryptography (of which the Factoring and Discrete Logarithm problems are assuredly the most famous), Euclidean lattice problems are believed able to withstand cryptanalytic attacks based on (yet to be realized) quantum computers. This is but one of the reasons why lattice-based cryptosystems are actively being researched to replace and supplement the current supply of options for telecommunication, electronic commerce, and a myriad of other applications.

Aside from its theoretical advantages, lattice-based cryptography is practically compelling, being fast and simple to implement, as it requires no operations other than matrix additions and multiplications in modular arithmetic with a small modulus. This combination of algorithmic simplicity and asymptotic performance makes lattices ideal for use in computationally constrained embedded devices such as smart cards or RFID tags, provided that they can deliver a sufficiently good trade-off between performance and functionality. The discovery of more powerful and better-performing but still secure public-key cryptographic schemes based on lattices will have many immediate applications.
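To make the claim that lattice encryption needs nothing beyond matrix additions and multiplications modulo a small q concrete, here is an added toy Regev-style LWE encryption of a single bit in pure Python. It is illustrative code written for this summary, not a scheme from the HiPerLatCryp project, and the parameters N, M and Q are constructed so that decryption is provably correct for the demo, not chosen for security.

```python
import random

# Toy Regev-style LWE public-key encryption of one bit. Every step is a
# matrix/vector addition or multiplication modulo Q plus small-error sampling.
# Demo parameters (constructed, NOT secure): with errors in {-1,0,1} and
# r in {0,1}^M the decryption noise |<e,r>| <= M = 64 < Q/4, so decryption
# is always correct.
N, M, Q = 32, 64, 3329          # secret dimension, number of samples, modulus

def keygen(rng=random):
    """Secret s in Z_Q^N; public key (A, b = A*s + e mod Q) with small error e."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.choice((-1, 0, 1)) for _ in range(M)]          # small error vector
    b = [(sum(a * x for a, x in zip(row, s)) + err) % Q for row, err in zip(A, e)]
    return s, (A, b)

def encrypt(pk, bit, rng=random):
    """Ciphertext (u, v): u = A^T r, v = <b, r> + bit*floor(Q/2), r in {0,1}^M."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]
    u = [sum(A[i][j] * r[i] for i in range(M)) % Q for j in range(N)]
    v = (sum(bi * ri for bi, ri in zip(b, r)) + bit * (Q // 2)) % Q
    return u, v

def decrypt(s, ct):
    """v - <s, u> = <e, r> + bit*floor(Q/2) mod Q; decide by distance from 0."""
    u, v = ct
    d = (v - sum(si * ui for si, ui in zip(s, u))) % Q
    if d > Q // 2:                  # centre d into (-Q/2, Q/2]
        d -= Q
    return 1 if abs(d) > Q // 4 else 0

def roundtrip(bits, seed=0):
    """Encrypt and decrypt each bit under one fresh key; returns decrypted bits."""
    rng = random.Random(seed)
    s, pk = keygen(rng)
    return [decrypt(s, encrypt(pk, bit, rng)) for bit in bits]
```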

Toward this end, the HiPerLatCryp project (high-performance lattice-based cryptography) sought to develop, at a theoretical but eminently applicable level, a range of innovative cryptographic algorithms that fall under the umbrella of 'expressive' public-key cryptosystems. Expressive cryptography broadly refers to encryption and authentication systems that expressly and expressively support convenient naming schemes for handling large populations of cryptographic actors. Concretely, an identity-based encryption or signature scheme enables a cryptogram's recipient or originator to be designated directly by name, rather than via an opaque and arbitrary public key. Likewise, attribute-based cryptosystems allow the same designation by a list of attributes, and the specification of selection conditions as logical expressions over those attributes.

As a direct result of the efforts deployed in international collaboration between several teams from the United States, the project has achieved or made significant progress toward the realization of crucial functionalities for attribute-based encryption. In a paper published in 2012, an international team showed how to construct the first threshold functionality for identity-based encryption, provably secure under a mild hardness assumption widely conjectured to be quantum-proof. This result constitutes an essential step toward the realization of full-fledged attribute-based encryption from lattices, perhaps one of the most elusive open questions in this area of research.

In a different line of work, the project has led to the development, in collaboration with a research group from a French university, of a special type of multi-user anonymous digital signature, the ring signature. Ring signatures have direct uses in applications such as electronic voting, and also serve as building blocks of more complex cryptographic protocols; the proposed schemes combine improved efficiency with the long-term safety of lattices for these applications.