# lattice-crypto's questions - English 1answer

187 lattice-crypto questions.

### 2 In Lattice Cryptography, why is it hard to find short vectors if given long vectors?

In lattice cryptography it seems like giving out long vectors for a lattice that can be drawn from much shorter vectors (generating an identical lattice) is somehow useful for public-private key ...

### 8 Lattice-based cryptography

How viable is lattice-based cryptography in a "practical" setting? It has been said that lattice-based cryptography would be a "post-quantum" cryptography scheme, but is it feasibly implementable?

### 4 Hash and sign via trapdoors for lattices

1 answers, 48 views lattice-crypto trapdoor

### 2 LLL - Lattice Reduced Basis Algorithm question?

I have two related questions: Version 1: Let $B=\{b_1,b_2,\dots,b_n\}$ be an orthogonal basis for $R^n$. What is the associated reduced basis obtained by applying LLL algorithm to $B$? I know how ...

### 3 Cryptanalysis on affine like matrix based strange cryptographic scheme [closed]

This is a garage made encryption scheme provided as cryptanalysis practice during 34C3 CTF. The challenge is done under the following assumptions All Mersenne twister instances are MT19937 64bit ...

### Multi-party Key Exchange protocol from lattice

0 answers, 39 views key-exchange lattice-crypto
There are many two-party or three-party key exchange protocols from lattice. But, it seems that there is no famous multi-party key exchange protocol. Does anyone know the relevant knowledge? Or ...

### 2 Lattice generation from basis?

This might be a very short very obvious answer, because I've yet to come across a question similar to mine in my searches. Given a lattice L, with a good base B1 and a bad base B2, what stops an ...

### Discrete Gaussian Sampling in Authenticated key exchange from ideal lattices

0 answers, 53 views key-exchange lattice-crypto rlwe

### 2 Size of $q$ in reductions from lattice problems to R-SIS

The Short integer solution problem is parameterized by four values: $n$, the dimension of the vectors that must be added $m$, the number of samples (dimension of the solution) $\beta$, upper-bound ...

### 3 How does error distribution affect security in lattices?

It's easy to see that the crucial part of any lattice scheme is the added error. And different schemes seem to use different error distributions, some use Gaussian some use centered Binomial. Though, ...