Advanced Topics in Cryptography - Lattices (Fall 2023)
Lattices in complexity theory, cryptography, and quantum computation.
Friday 9:50 - 12:15, 4105
Office hour: Friday 13:30 - 14:30
Email: [email protected]
TAs: Mengda Bi, Han Luo
Main reference for lattice and complexity theory:
Micciancio and Goldwasser: Complexity of lattice problems: A cryptographic perspective
Micciancio and Goldwasser: Complexity of lattice problems: A cryptographic perspective
Websites/Lecture notes/Surveys related to lattices:
Damien Stehle's collection of lattice papers [ site ]
Oded Regev 2004 [ site ]
Vinod Vaikuntanathan 2015 [ site ] 2020 [ site ]
Daniele Micciancio 2016 [ site ]
TAU lattice course 2019 [ site ]
H. Lenstra: Lattices in number theory, algorithm, and applications [ link ]
A. Joux and J. Stern: Lattice reduction, a toolbox for cryptanalyst [ link ]
P. Q. Nguyen and J. Stern: The two faces of lattice in cryptology [ link ]
Damien Stehle's collection of lattice papers [ site ]
Oded Regev 2004 [ site ]
Vinod Vaikuntanathan 2015 [ site ] 2020 [ site ]
Daniele Micciancio 2016 [ site ]
TAU lattice course 2019 [ site ]
H. Lenstra: Lattices in number theory, algorithm, and applications [ link ]
A. Joux and J. Stern: Lattice reduction, a toolbox for cryptanalyst [ link ]
P. Q. Nguyen and J. Stern: The two faces of lattice in cryptology [ link ]
Main reference for cryptography:
A Course in Cryptography, Rafael Pass & abhi shelat
https://www.cs.cornell.edu/courses/cs4830/2010fa/lecnotes.pdf
A Course in Cryptography, Rafael Pass & abhi shelat
https://www.cs.cornell.edu/courses/cs4830/2010fa/lecnotes.pdf
A graduate course in applied cryptography, Dan Boneh & Victor Shoup
Foundations of Cryptography I, II, Oded Goldreich
Foundations of Cryptography I, II, Oded Goldreich
Topics:
Part 1: Introduction: Minkowski's two theorems, all what you want to know about lattices
Part 2: Algorithms for SVP and CVP: LLL and others
Part 3: Complexity: NP hardness of CVP, SVP (Ajtai, Micciancio, Khot), NP intersect coNP
Part 4: Worst-case to average-case reduction (LWE, SIS, DCP)
Part 5: The cryptographic applications of lattice problems: fully homomorphic encryptions, lattice trapdoors, identity and attribute-based encryptions.
Part 6: Quantum and lattices
Part 7: Whatever interesting, if we have time
Last two weeks: Project presentations
Part 1: Introduction: Minkowski's two theorems, all what you want to know about lattices
Part 2: Algorithms for SVP and CVP: LLL and others
Part 3: Complexity: NP hardness of CVP, SVP (Ajtai, Micciancio, Khot), NP intersect coNP
Part 4: Worst-case to average-case reduction (LWE, SIS, DCP)
Part 5: The cryptographic applications of lattice problems: fully homomorphic encryptions, lattice trapdoors, identity and attribute-based encryptions.
Part 6: Quantum and lattices
Part 7: Whatever interesting, if we have time
Last two weeks: Project presentations
Tentative Schedule:
09/22 Introduction
10/08 (Sunday, substitute 09/29) Complexity of lattice problems
10/13 Minkowski's theorems, SIS and LWE, q-ary lattices
10/20 Regev's quantum reduction from GapSVP to LWE
10/27 Relationship between SIS and LWE, lattice trapdoors
11/03 PKE and FHE from LWE
11/10 FHE bootstrapping, lattice trapdoors
11/17 Signature, project/open problem discussion
11/24 Identity-based encryption, Bonsai technique
12/01 GGH15 technique and witness encryption
12/08 Lattice and quantum: CLZ22 and AG11
12/15 Quantum and lattice: Liu's quantum curvelet transform algorithm
12/22 Presentation I
12/29 Presentation II
01/05 Presentation III
09/22 Introduction
10/08 (Sunday, substitute 09/29) Complexity of lattice problems
10/13 Minkowski's theorems, SIS and LWE, q-ary lattices
10/20 Regev's quantum reduction from GapSVP to LWE
10/27 Relationship between SIS and LWE, lattice trapdoors
11/03 PKE and FHE from LWE
11/10 FHE bootstrapping, lattice trapdoors
11/17 Signature, project/open problem discussion
11/24 Identity-based encryption, Bonsai technique
12/01 GGH15 technique and witness encryption
12/08 Lattice and quantum: CLZ22 and AG11
12/15 Quantum and lattice: Liu's quantum curvelet transform algorithm
12/22 Presentation I
12/29 Presentation II
01/05 Presentation III
Best course projects (automatic A+):
Memory-sample lower bounds for LWE
by Junzhao Yang and Mingqi Lu
Accepted at CRYPTO 2024
MCSP and lattice problems
by Liyan Chen, Baitian Li, Yichan Wang
Memory-sample lower bounds for LWE
by Junzhao Yang and Mingqi Lu
Accepted at CRYPTO 2024
MCSP and lattice problems
by Liyan Chen, Baitian Li, Yichan Wang