{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,10]],"date-time":"2026-04-10T04:19:28Z","timestamp":1775794768595,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":39,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540374329","type":"print"},{"value":"9783540374336","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11818175_8","type":"book-chapter","created":{"date-parts":[[2006,9,23]],"date-time":"2006-09-23T02:21:52Z","timestamp":1158978112000},"page":"131-141","source":"Crossref","is-referenced-by-count":101,"title":["Lattice-Based Cryptography"],"prefix":"10.1007","author":[{"given":"Oded","family":"Regev","sequence":"first","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1007\/BF01457454","volume":"261","author":"A.K. Lenstra","year":"1982","unstructured":"Lenstra, A.K., Lenstra Jr., H.W., Lov\u00e1sz, L.: Factoring polynomials with rational coefficients. Math. Ann.\u00a0261, 515\u2013534 (1982)","journal-title":"Math. Ann."},{"key":"8_CR2","doi-asserted-by":"publisher","first-page":"538","DOI":"10.1287\/moor.8.4.538","volume":"8","author":"H.W. Lenstra Jr","year":"1983","unstructured":"Lenstra Jr, H.W.: Integer programming with a fixed number of variables. Math. Oper. Res.\u00a08, 538\u2013548 (1983)","journal-title":"Math. Oper. Res."},{"key":"8_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BF02579403","volume":"6","author":"L. Babai","year":"1986","unstructured":"Babai, L.: On Lovasz\u2019 lattice reduction and the nearest lattice point problem. STACS 1985\u00a06, 1\u201313 (1986)","journal-title":"Combinatorica"},{"key":"8_CR4","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1145\/2455.2461","volume":"32","author":"J.C. Lagarias","year":"1985","unstructured":"Lagarias, J.C., Odlyzko, A.M.: Solving low-density subset sum problems. J. Assoc. Comput. Mach.\u00a032, 229\u2013246 (1985)","journal-title":"J. Assoc. Comput. Mach."},{"key":"8_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1007\/3-540-44670-2_3","volume-title":"Cryptography and Lattices","author":"D. Coppersmith","year":"2001","unstructured":"Coppersmith, D.: Finding small solutions to small degree polynomials. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol.\u00a02146, pp. 20\u201331. Springer, Heidelberg (2001)"},{"key":"8_CR6","doi-asserted-by":"publisher","first-page":"540","DOI":"10.1006\/jcss.1999.1686","volume":"60","author":"O. Goldreich","year":"2000","unstructured":"Goldreich, O., Goldwasser, S.: On the limits of nonapproximability of lattice problems. Journal of Computer and System Sciences\u00a060, 540\u2013563 (2000)","journal-title":"Journal of Computer and System Sciences"},{"key":"8_CR7","doi-asserted-by":"publisher","first-page":"749","DOI":"10.1145\/1089023.1089025","volume":"52","author":"D. Aharonov","year":"2004","unstructured":"Aharonov, D., Regev, O.: Lattice problems in NP intersect coNP. Journal of the ACM\u00a052, 749\u2013765 (2005) Preliminary version in FOCS 2004","journal-title":"Journal of the ACM"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Khot, S.: Hardness of approximating the shortest vector problem in lattices. In: Proc. 45th Annual IEEE Symp. on Foundations of Computer Science (FOCS), pp. 126\u2013135 (2004)","DOI":"10.1109\/FOCS.2004.31"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems. In: Proc. 28th ACM Symp. on Theory of Computing, pp. 99\u2013108 (1996), Available from ECCC at: http:\/\/www.uni-trier.de\/eccc\/","DOI":"10.1145\/237814.237838"},{"key":"8_CR10","doi-asserted-by":"publisher","first-page":"1484","DOI":"10.1137\/S0097539795293172","volume":"26","author":"P.W. Shor","year":"1997","unstructured":"Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. on Computing\u00a026, 1484\u20131509 (1997)","journal-title":"SIAM J. on Computing"},{"key":"8_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"112","DOI":"10.1007\/BFb0052231","volume-title":"Advances in Cryptology - CRYPTO \u201997","author":"O. Goldreich","year":"1997","unstructured":"Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol.\u00a01294, pp. 112\u2013131. Springer, Heidelberg (1997)"},{"key":"8_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J. Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: A ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol.\u00a01423, pp. 267\u2013288. Springer, Heidelberg (1998)"},{"key":"8_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/3-540-36563-X_9","volume-title":"Topics in Cryptology - CT-RSA 2003","author":"J. Hoffstein","year":"2003","unstructured":"Hoffstein, J., Howgrave-Graham, N., Pipher, J., Silverman, J.H., Whyte, W.: NTRUSIGN: Digital signatures using the NTRU lattice. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol.\u00a02612, pp. 122\u2013140. Springer, Heidelberg (2003)"},{"key":"8_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1007\/3-540-44670-2_12","volume-title":"Cryptography and Lattices","author":"P.Q. Nguy\u00ean","year":"2001","unstructured":"Nguy\u00ean, P.Q., Stern, J.: The two faces of lattices in cryptology. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol.\u00a02146, pp. 146\u2013180. Springer, Heidelberg (2001)"},{"issue":"3","key":"8_CR15","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/500559.500560","volume":"32","author":"R. Kumar","year":"2001","unstructured":"Kumar, R., Sivakumar, D.: Complexity of SVP \u2013 a reader\u2019s digest. SIGACT News\u00a032(3), 40\u201352 (2001)","journal-title":"SIGACT News"},{"key":"8_CR16","unstructured":"Micciancio, D.: Lattices in cryptography and cryptanalysis, Lecture notes of a course given in UC San Diego (2002)"},{"key":"8_CR17","unstructured":"Regev, O.: Lattices in computer science, Lecture notes of a course given in Tel Aviv University (2004)"},{"key":"8_CR18","series-title":"The Kluwer International Series in Engineering and Computer Science","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4615-0897-7","volume-title":"Complexity of Lattice Problems: A Cryptographic Perspective","author":"D. Micciancio","year":"2002","unstructured":"Micciancio, D., Goldwasser, S.: Complexity of Lattice Problems: A Cryptographic Perspective. The Kluwer International Series in Engineering and Computer Science, vol.\u00a0671. Kluwer Academic Publishers, Boston, Massachusetts (2002)"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proc. 33rd ACM Symp. on Theory of Computing, pp. 601\u2013610 (2001)","DOI":"10.1145\/380752.380857"},{"key":"8_CR20","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1007\/BF02128669","volume":"10","author":"J.C. Lagarias","year":"1990","unstructured":"Lagarias, J.C., Lenstra Jr., H.W., Schnorr, C.P.: Korkin-Zolotarev bases and successive minima of a lattice and its reciprocal lattice. Combinatorica\u00a010, 333\u2013348 (1990)","journal-title":"Combinatorica"},{"key":"8_CR21","unstructured":"Goldreich, O., Goldwasser, S., Halevi, S.: Collision-free hashing from lattice problems. Technical Report TR96-056, Electronic Colloquium on Computational Complexity (ECCC) (1996)"},{"key":"8_CR22","unstructured":"Cai, J.-Y., Nerurkar, A.: An improved worst-case to average-case connection for lattice problems. In: Proc. 38th IEEE Symp. on Found. of Comp. Science, pp. 468\u2013477 (1997)"},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Micciancio, D.: Improved cryptographic hash functions with worst-case\/average-case connection. In: Proc. 34th ACM Symp. on Theory of Computing (STOC), pp. 609\u2013618 (2002)","DOI":"10.1145\/509907.509995"},{"key":"8_CR24","doi-asserted-by":"crossref","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: Proc. 45th Annual IEEE Symp. on Foundations of Computer Science (FOCS), pp. 372\u2013381 (2004)","DOI":"10.1109\/FOCS.2004.72"},{"issue":"4","key":"8_CR25","first-page":"333","volume":"10","author":"D. Micciancio","year":"2006","unstructured":"Micciancio, D.: Generalized compact knapsacks, cyclic lattices, and efficient one-way functions from worst-case complexity assumptions. Computational Complexity\u00a010(4), 333\u2013348 (2006) (to appear, preliminary version in ECCC report TR04-095)","journal-title":"Computational Complexity"},{"key":"8_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/11787006_13","volume-title":"Automata, Languages and Programming","author":"V. Lyubashevsky","year":"2006","unstructured":"Lyubashevsky, V., Micciancio, D.: Generalized compact knapsacks are collision resistant. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol.\u00a04052, pp. 144\u2013155. Springer, Heidelberg (2006)"},{"key":"8_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/11681878_8","volume-title":"Theory of Cryptography","author":"C. Peikert","year":"2006","unstructured":"Peikert, C., Rosen, A.: Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol.\u00a03876, pp. 145\u2013166. Springer, Heidelberg (2006)"},{"key":"8_CR28","doi-asserted-by":"crossref","unstructured":"Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case\/average-case equivalence. In: Proc. 29th Annual IEEE Symp. on Foundations of Computer Science (FOCS), pp. 284\u2013293 (1997)","DOI":"10.1145\/258533.258604"},{"key":"8_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1007\/BFb0052230","volume-title":"Advances in Cryptology - CRYPTO \u201997","author":"O. Goldreich","year":"1997","unstructured":"Goldreich, O., Goldwasser, S., Halevi, S.: Eliminating Decryption Errors in the Ajtai-Dwork Cryptosystem. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol.\u00a01294, pp. 105\u2013111. Springer, Heidelberg (1997)"},{"key":"8_CR30","doi-asserted-by":"publisher","first-page":"899","DOI":"10.1145\/1039488.1039490","volume":"51","author":"O. Regev","year":"2004","unstructured":"Regev, O.: New lattice-based cryptographic constructions. Journal of the ACM\u00a051, 899\u2013942 (2004); Preliminary version in STOC (2003)","journal-title":"Journal of the ACM"},{"key":"8_CR31","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Representing hard lattices with O(n logn) bits. In: Proc. 37th Annual ACM Symp. on Theory of Computing (STOC) (2005)","DOI":"10.1145\/1060590.1060604"},{"key":"8_CR32","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proc. 37th ACM Symp. on Theory of Computing (STOC), pp. 84\u201393 (2005)","DOI":"10.1145\/1060590.1060603"},{"key":"8_CR33","doi-asserted-by":"publisher","first-page":"625","DOI":"10.1007\/BF01445125","volume":"296","author":"W. Banaszczyk","year":"1993","unstructured":"Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Mathematische Annalen\u00a0296, 625\u2013635 (1993)","journal-title":"Mathematische Annalen"},{"key":"8_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1007\/BFb0055731","volume-title":"Advances in Cryptology - CRYPTO \u201998","author":"P.Q. Nguy\u00ean","year":"1998","unstructured":"Nguy\u00ean, P.Q., Stern, J.: Cryptanalysis of the ajtai-dwork cryptosystem. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol.\u00a01462, pp. 223\u2013242. Springer, Heidelberg (1998)"},{"key":"8_CR35","doi-asserted-by":"crossref","unstructured":"Schnorr, C.P.: Factoring integers and computing discrete logarithms via Diophantine approximation. In: Cai, J.-Y. (ed.) Advances in computational complexity. DIMACS Series in Discrete Mathematics and Theoretical Computer Science, vol.\u00a013, pp. 171\u2013182. AMS (1993) (Preliminary version in Eurocrypt 1991)","DOI":"10.1090\/dimacs\/013\/10"},{"key":"8_CR36","unstructured":"Adleman, L.M.: Factoring and lattice reduction (unpublished manuscript, 1995)"},{"key":"8_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-540-45146-4_17","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"D. Micciancio","year":"2003","unstructured":"Micciancio, D., Vadhan, S.P.: Statistical zero-knowledge proofs with efficient provers: Lattice problems and more. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 282\u2013298. Springer, Heidelberg (2003)"},{"key":"8_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"342","DOI":"10.1007\/978-3-540-24676-3_21","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"C. Dwork","year":"2004","unstructured":"Dwork, C., Naor, M., Reingold, O.: Immunizing encryption schemes from decryption errors. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 342\u2013360. Springer, Heidelberg (2004)"},{"key":"8_CR39","doi-asserted-by":"crossref","unstructured":"Klivans, A., Sherstov, A.: Cryptographic hardness results for learning intersections of halfspaces, Available as ECCC report TR06-057 (2006)","DOI":"10.1109\/FOCS.2006.24"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology - CRYPTO 2006"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11818175_8.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T15:16:16Z","timestamp":1605626176000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11818175_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540374329","9783540374336"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/11818175_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006]]}}}