{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T10:55:32Z","timestamp":1769511332014,"version":"3.49.0"},"reference-count":30,"publisher":"Walter de Gruyter GmbH","issue":"1","license":[{"start":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T00:00:00Z","timestamp":1605571200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,11,17]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>We initiate the study of partial key exposure in Ring-LWE (RLWE)-based cryptosystems. Specifically, we (1) Introduce the search and decision Leaky R-LWE assumptions (Leaky R-SLWE, Leaky R-DLWE), to formalize the hardness of search\/decision RLWE under leakage of some fraction of coordinates of the NTT transform of the RLWE secret. (2) Present and implement an efficient key exposure attack that, given certain 1\/4-fraction of the coordinates of the NTT transform of the RLWE secret, along with samples from the RLWE distribution, recovers the full RLWE secret for standard parameter settings. (3) Present a search-to-decision reduction for Leaky R-LWE for certain types of key exposure. (4) Propose applications to the security analysis of RLWE-based cryptosystems under partial key exposure.<\/jats:p>","DOI":"10.1515\/jmc-2020-0075","type":"journal-article","created":{"date-parts":[[2020,11,30]],"date-time":"2020-11-30T15:54:51Z","timestamp":1606751691000},"page":"72-86","source":"Crossref","is-referenced-by-count":3,"title":["(In)Security of Ring-LWE Under Partial Key Exposure"],"prefix":"10.1515","volume":"15","author":[{"given":"Dana","family":"Dachman-Soled","sequence":"first","affiliation":[{"name":"Department of Electrical and Computer Engineering and UMIACS, University of Maryland , 8125 Paint Branch Dr., College Park, MD 20742 , Maryland United States of America"}]},{"given":"Huijing","family":"Gong","sequence":"additional","affiliation":[{"name":"Department of Computer Science and UMIACS, University of Maryland , 8125 Paint Branch Dr., College Park, MD 20742 , Maryland United States of America"}]},{"given":"Mukul","family":"Kulkarni","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering and UMIACS, University of Maryland , 8125 Paint Branch Dr., College Park, MD 20742 , Maryland United States of America"}]},{"given":"Aria","family":"Shahverdi","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering and UMIACS, University of Maryland , 8125 Paint Branch Dr., College Park, MD 20742 , Maryland United States of America"}]}],"member":"374","published-online":{"date-parts":[[2020,11,17]]},"reference":[{"key":"2025120600293856074_j_jmc-2020-0075_ref_001","unstructured":"Source Code 2019, https:\/\/github.com\/mathcrypt\/RLWE"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_002","doi-asserted-by":"crossref","unstructured":"Adi Akavia, Shafi Goldwasser and Vinod Vaikuntanathan, Simultaneous Hardcore Bits and Cryptography against Memory Attacks, in: TCC 2009 (Omer Reingold, ed.), LNCS 5444, pp. 474\u2013495, Springer, Heidelberg, March 2009.","DOI":"10.1007\/978-3-642-00457-5_28"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_003","unstructured":"Martin Albrecht, Carlos Cid, Jean-Charles Faugere, Robert Fitzpatrick and Ludovic Perret, Algebraic algorithms for LWE problems, (2014)."},{"key":"2025120600293856074_j_jmc-2020-0075_ref_004","doi-asserted-by":"crossref","unstructured":"Martin R. Albrecht, Amit Deo and Kenneth G. Paterson, Cold Boot Attacks on Ring and Module LWE Keys Under the NTT, IACR TCHES 2018 (2018), 173\u2013213, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/7273","DOI":"10.46586\/tches.v2018.i3.173-213"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_005","unstructured":"Erdem Alkim, Roberto Avanzi, Joppe Bos, L\u00e9o Ducas, Antonio de la Piedra, Thomas P\u00f6ppelmann, Peter Schwabe and Douglas Stebila, Newhope: Algorithm specification and supporting documentation. Submission to the NIST Post-Quantum Cryptography Standardization Project, 2017"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_006","unstructured":"Erdem Alkim, L\u00e9o Ducas, Thomas P\u00f6ppelmann and Peter Schwabe, NewHope without reconciliation Cryptology ePrint Archive, Report 2016\/1157, 2016, http:\/\/eprint.iacr.org\/2016\/1157"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_007","unstructured":"Erdem Alkim, L\u00e9o Ducas, Thomas P\u00f6ppelmann and Peter Schwabe, Post-quantum Key Exchange - A New Hope, in: USENIX Security 2016 (Thorsten Holz and Stefan Savage, eds.), pp. 327\u2013343, USENIX Association, August 2016."},{"key":"2025120600293856074_j_jmc-2020-0075_ref_008","doi-asserted-by":"crossref","unstructured":"Jacob Alperin-Sheriff and Chris Peikert, Practical Bootstrapping in Quasilinear Time, in: CRYPTO 2013, Part I (Ran Canetti and Juan A. Garay, eds.), LNCS 8042, pp. 1\u201320, Springer, Heidelberg, August 2013.","DOI":"10.1007\/978-3-642-40041-4_1"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_009","unstructured":"Madalina Bolboceanu, Zvika Brakerski, Renen Perlman and Devika Sharma, Order-LWE and the Hardness of Ring-LWE with Entropic Secrets Cryptology ePrint Archive, Report 2018\/494, 2018, https:\/\/eprint.iacr.org\/2018\/494"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_010","doi-asserted-by":"crossref","unstructured":"Elette Boyle, Gil Segev and Daniel Wichs, Fully Leakage-Resilient Signatures, Journal of Cryptology 26 (2013), 513\u2013558.","DOI":"10.1007\/s00145-012-9136-3"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_011","doi-asserted-by":"crossref","unstructured":"Zvika Brakerski, Yael Tauman Kalai, Jonathan Katz and Vinod Vaikuntanathan, Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage, in: 51st FOCS pp. 501\u2013510, IEEE Computer Society Press, October 2010.","DOI":"10.1109\/FOCS.2010.55"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_012","unstructured":"Eric Crockett and Chris Peikert, Challenges for Ring-LWE., IACR Cryptology ePrint Archive 2016 (2016), 782."},{"key":"2025120600293856074_j_jmc-2020-0075_ref_013","unstructured":"Dana Dachman-Soled, Huijing Gong, Mukul Kulkarni and Aria Shahverdi, On the Leakage Resilience of Ideal-Lattice Based Public Key Encryption Cryptology ePrint Archive, Report 2017\/1127, 2017, https:\/\/eprint.iacr.org\/2017\/1127"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_014","unstructured":"Dana Dachman-Soled, Huijing Gong,Mukul Kulkarni and Aria Shahverdi, Partial Key Exposure in Ring-LWE-Based Cryptosys-tems: Attacks and Resilience Cryptology ePrint Archive, Report 2018\/1068, 2018, https:\/\/eprint.iacr.org\/2018\/1068"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_015","unstructured":"The FPLLL development team, fplll, a lattice reduction library Available at https:\/\/github.com\/fplll\/fplll 2016."},{"key":"2025120600293856074_j_jmc-2020-0075_ref_016","doi-asserted-by":"crossref","unstructured":"Yevgeniy Dodis, Shafi Goldwasser, Yael Tauman Kalai, Chris Peikert and Vinod Vaikuntanathan, Public-Key Encryption Schemes with Auxiliary Inputs, in: TCC 2010 (Daniele Micciancio, ed.), LNCS 5978, pp. 361\u2013381, Springer, Heidelberg, February 2010.","DOI":"10.1007\/978-3-642-11799-2_22"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_017","doi-asserted-by":"crossref","unstructured":"Yevgeniy Dodis, Kristiyan Haralambiev, Adriana L\u00f3pez-Alt and Daniel Wichs, Cryptography against Continuous Memory Attacks, in: 51st FOCS pp. 511\u2013520, IEEE Computer Society Press, October 2010.","DOI":"10.1109\/FOCS.2010.56"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_018","doi-asserted-by":"crossref","unstructured":"Yevgeniy Dodis, Yael Tauman Kalai and Shachar Lovett, On cryptography with auxiliary input, in: 41st ACM STOC (Michael Mitzenmacher, ed.), pp. 621\u2013630, ACM Press, May \/ June 2009.","DOI":"10.1145\/1536414.1536498"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_019","doi-asserted-by":"crossref","unstructured":"Stefan Dziembowski and Krzysztof Pietrzak, Leakage-Resilient Cryptography, in: 49th FOCS pp. 293\u2013302, IEEE Computer Society Press, October 2008.","DOI":"10.1109\/FOCS.2008.56"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_020","unstructured":"Shafi Goldwasser, Yael Tauman Kalai, Chris Peikert and Vinod Vaikuntanathan, Robustness of the Learning with Errors Assumption, in: ICS 2010 (Andrew Chi-Chih Yao, ed.), pp. 230\u2013240, Tsinghua University Press, January 2010."},{"key":"2025120600293856074_j_jmc-2020-0075_ref_021","doi-asserted-by":"crossref","unstructured":"Jonathan Katz and Vinod Vaikuntanathan, Signature Schemes with Bounded Leakage Resilience, in: ASIACRYPT 2009 (Mit-suru Matsui, ed.), LNCS 5912, pp. 703\u2013720, Springer, Heidelberg, December 2009.","DOI":"10.1007\/978-3-642-10366-7_41"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_022","doi-asserted-by":"crossref","unstructured":"Allison B. Lewko, Mark Lewko and Brent Waters, How to leak on key updates, in: 43rd ACM STOC (Lance Fortnow and Salil P. Vadhan, eds.), pp. 725\u2013734, ACM Press, June 2011.","DOI":"10.1145\/1993636.1993732"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_023","doi-asserted-by":"crossref","unstructured":"Vadim Lyubashevsky, Search to decision reduction for the learning with errors over rings problem, in: 2011 IEEE Information Theory Workshop, ITW 2011, Paraty, Brazil, October 16-20, 2011 pp. 410\u2013414, 2011.","DOI":"10.1109\/ITW.2011.6089491"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_024","doi-asserted-by":"crossref","unstructured":"Vadim Lyubashevsky, Chris Peikert and Oded Regev, On Ideal Lattices and Learning with Errors over Rings, in: EURO-CRYPT 2010 (Henri Gilbert, ed.), LNCS 6110, pp. 1\u201323, Springer, Heidelberg, May \/ June 2010.","DOI":"10.1007\/978-3-642-13190-5_1"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_025","doi-asserted-by":"crossref","unstructured":"Vadim Lyubashevsky, Chris Peikert and Oded Regev, On Ideal Lattices and Learning with Errors over Rings, J. ACM 60 (2013), 43:1\u201343:35.","DOI":"10.1145\/2535925"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_026","unstructured":"Vadim Lyubashevsky, Chris Peikert and Oded Regev, A Toolkit for Ring-LWE Cryptography Cryptology ePrint Archive, Report 2013\/293, 2013, http:\/\/eprint.iacr.org\/2013\/293"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_027","doi-asserted-by":"crossref","unstructured":"Tal Malkin, Isamu Teranishi, Yevgeniy Vahlis and Moti Yung, Signatures Resilient to Continual Leakage on Memory and Computation, in: TCC 2011 (Yuval Ishai, ed.), LNCS 6597, pp. 89\u2013106, Springer, Heidelberg, March 2011.","DOI":"10.1007\/978-3-642-19571-6_7"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_028","doi-asserted-by":"crossref","unstructured":"Chris Peikert, How(Not) to Instantiate Ring-LWE, in: SCN 16 (Vassilis Zikas and Roberto De Prisco, eds.), LNCS 9841, pp. 411\u2013430, Springer, Heidelberg, August \/ September 2016.","DOI":"10.1007\/978-3-319-44618-9_22"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_029","doi-asserted-by":"crossref","unstructured":"Krzysztof Pietrzak, A Leakage-Resilient Mode of Operation, in: EUROCRYPT 2009 (Antoine Joux, ed.), LNCS 5479, pp. 462\u2013482, Springer, Heidelberg, April 2009.","DOI":"10.1007\/978-3-642-01001-9_27"},{"key":"2025120600293856074_j_jmc-2020-0075_ref_030","unstructured":"Katherine E. Stange, Algebraic aspects of solving Ring-LWE, including ring-based improvements in the Blum-Kalai-Wasserman algorithm Cryptology ePrint Archive, Report 2019\/183, 2019, https:\/\/eprint.iacr.org\/2019\/183"}],"container-title":["Journal of Mathematical Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.degruyter.com\/view\/journals\/jmc\/15\/1\/article-p72.xml","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2020-0075\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2020-0075\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T00:29:44Z","timestamp":1764980984000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2020-0075\/html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,17]]},"references-count":30,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2020,11,17]]},"published-print":{"date-parts":[[2020,11,17]]}},"alternative-id":["10.1515\/jmc-2020-0075"],"URL":"https:\/\/doi.org\/10.1515\/jmc-2020-0075","relation":{},"ISSN":["1862-2984"],"issn-type":[{"value":"1862-2984","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,11,17]]}}}