## Public-key cryptosystems from the worst-case shortest vector problem (2008)

### Cached

### Download Links

Citations: | 91 - 18 self |

### BibTeX

@MISC{Peikert08public-keycryptosystems,

author = {Chris Peikert},

title = {Public-key cryptosystems from the worst-case shortest vector problem },

year = {2008}

}

### Years of Citing Articles

### OpenURL

### Abstract

We construct public-key cryptosystems that are secure assuming the worst-case hardness of approximating the length of a shortest nonzero vector in an n-dimensional lattice to within a small poly(n) factor. Prior cryptosystems with worst-case connections were based either on the shortest vector problem for a special class of lattices (Ajtai and Dwork, STOC 1997; Regev, J. ACM 2004), or on the conjectured hardness of lattice problems for quantum algorithms (Regev, STOC 2005). Our main technical innovation is a reduction from certain variants of the shortest vector problem to corresponding versions of the “learning with errors” (LWE) problem; previously, only a quantum reduction of this kind was known. In addition, we construct new cryptosystems based on the search version of LWE, including a very natural chosen ciphertext-secure system that has a much simpler description and tighter underlying worst-case approximation factor than prior constructions.