This paper suggests using rounded Gaussians in place of discrete Gaussians in rejection-sampling-based lattice signature schemes like BLISS. We show that this distribution can be sampled from efficiently and that it is easy to sample in constant time, systematically avoiding recent timing-based side-channel attacks on lattice-based signatures. We show the effectiveness of the new sampler by applying it to BLISS, prove analogues of the security proofs for BLISS, and present an implementation that runs in constant time. Our implementation needs no precomputed tables and is twice as fast as the variable-time CDT sampler posted by the BLISS authors with precomputed tables.
Lattice-based cryptography, one of the leading candidates for post-quantum security, relies heavily ...
ABSTRACT. Modern lattice-based public-key cryptosystems require sampling from discrete Gaussian (nor...
© 1968-2012 IEEE. Sampling from a discrete Gaussian distribution is an indispensable part of lattice...
Sampling from discrete Gaussian distribution has applications in lattice-based post-quantum cryptogr...
Although rather recent, lattice-based cryptography has stood out on numerous points, be it by the va...
This paper proposes a discrete Gaussian sampling hardware design that can flexibly support different...
The Gaussian sampler is an integral part in lattice-based cryptography as it has a direct connection...
We report on our implementation of a new Gaussian sampling algorithm for lattice trapdoors. Lattice ...
International audienceOur main result is a construction of a lattice-based digital signature scheme ...
In this paper, we present the lattice-based signature scheme Dilithium, which is a component of the ...
Security parameters and attack countermeasures for Lattice-based cryptosystems have not yet matured ...
Recently cryptographic systems such as Lattice-Based public key demands normal distributions samplin...