IACR News item: 28 November 2015
Eric Crockett, Chris Peikert
ePrint Report: Λ∘λ is a general-purpose software library for lattice cryptography, written in the functional and strongly typed language Haskell. In comparison with several prior implementations of lattice-based cryptographic schemes, Λ∘λ has several novel and distinguishing features, which include:

* Generality and modularity: Λ∘λ defines simple but general interfaces for the lattice cryptography "toolbox," allowing a wide variety of cryptographic schemes to be expressed very naturally and concisely. For example, we implement an advanced fully homomorphic encryption (FHE) scheme in as few as 2-5 lines of code per feature, via code that very closely matches the scheme's mathematical definition.

* Parallelism: Λ∘λ automatically exploits multi-core parallelism, achieving nearly linear speedups per core. It also allows for the use of other parallel "backends" (e.g., based on GPUs or other specialized hardware), with no changes to application code.

* Theory affinity: Λ∘λ is designed from the ground up around the specialized ring representations, fast algorithms, and worst-case hardness proofs that have been developed for the Ring-LWE problem and its cryptographic applications. In particular, Λ∘λ implements fast algorithms for sampling from theory-recommended error distributions over arbitrary cyclotomic rings, and provides tools for maintaining tight control of error growth in cryptographic schemes.

* Advanced features: Λ∘λ exposes the rich hierarchy of cyclotomic rings to cryptographic applications. We use this to give the first-ever implementation of a set of FHE operations collectively known as "ring switching," and also describe a more efficient variant that we call "ring tunneling."
Finally, we document a variety of perspectives, objects, and
algorithms related to practical and theoretically sound usage of
Ring-LWE in cyclotomic rings, which we believe will serve as a useful
reference for future implementations.
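As an added illustration of the Ring-LWE setting that the "theory affinity" and "generality" points above refer to, the following example (written for this page, not Λ∘λ's own code, and in Python rather than Haskell so that it runs without the library) builds the power-of-two cyclotomic ring Z[x]/(x^N + 1), encrypts under a symmetric Ring-LWE scheme, adds and multiplies ciphertexts homomorphically, and measures the noise term against the Q/2 budget that correct decryption requires. The parameters, the plaintexts and the ternary error sampler are constructed toy choices (the sampler stands in for the theory-recommended Gaussian sampling the abstract mentions), and every function name is the example's own:

```python
import random
from typing import List, Optional

# Toy parameters, constructed for illustration only: far too small to be secure.
N = 16           # ring dimension; R = Z[x]/(x^N + 1) is the 2N-th cyclotomic ring (N a power of two)
Q = 2 ** 20 - 3  # ciphertext modulus; odd, since this encoding needs gcd(P, Q) = 1
P = 2            # plaintext modulus: plaintexts are polynomials with coefficients in {0, 1}
Poly = List[int]

def poly_add(a: Poly, b: Poly, mod: int = 0) -> Poly:
    r = [x + y for x, y in zip(a, b)]
    return [x % mod for x in r] if mod else r

def poly_mul(a: Poly, b: Poly, mod: int = 0) -> Poly:
    """Negacyclic schoolbook product in R: x^N wraps around as -1."""
    r = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if i + j < N:
                r[i + j] += ai * bj
            else:
                r[i + j - N] -= ai * bj
    return [x % mod for x in r] if mod else r

def centered(a: Poly, mod: int) -> Poly:
    """Coefficients as representatives in [-mod/2, mod/2]."""
    return [((x + mod // 2) % mod) - mod // 2 for x in a]

def sample_small(rng: random.Random) -> Poly:
    """Uniform ternary coefficients: a stand-in for a proper discrete Gaussian sampler."""
    return [rng.randint(-1, 1) for _ in range(N)]

def encrypt(rng: random.Random, s: Poly, m: Poly) -> List[Poly]:
    """Symmetric Ring-LWE encryption, b = a*s + P*e + m (mod Q), stored as the
    polynomial [b, -a] in the unknown s so that evaluating at s gives P*e + m."""
    a = [rng.randrange(Q) for _ in range(N)]
    e = sample_small(rng)
    b = poly_add(poly_add(poly_mul(a, s), [P * x for x in e]), m, Q)
    return [b, [(-x) % Q for x in a]]

def eval_at_secret(s: Poly, ct: List[Poly]) -> Poly:
    """Centered sum_i ct[i] * s^i (mod Q); equals P*e + m while the noise is small."""
    acc, s_pow = [0] * N, [1] + [0] * (N - 1)
    for c in ct:
        acc = poly_add(acc, poly_mul(c, s_pow), Q)
        s_pow = poly_mul(s_pow, s, Q)
    return centered(acc, Q)

def decrypt(s: Poly, ct: List[Poly]) -> Poly:
    return [x % P for x in eval_at_secret(s, ct)]

def noise_norm(s: Poly, ct: List[Poly]) -> int:
    """Infinity norm of P*e + m; decryption is correct as long as this is below Q/2."""
    return max(abs(x) for x in eval_at_secret(s, ct))

def add_ct(c1: List[Poly], c2: List[Poly]) -> List[Poly]:
    """Homomorphic addition of equal-length ciphertexts: noise terms add."""
    return [poly_add(x, y, Q) for x, y in zip(c1, c2)]

def mul_ct(c1: List[Poly], c2: List[Poly]) -> List[Poly]:
    """Homomorphic multiplication without relinearization: the product of the two
    polynomials in s. The ciphertext gains a component, and the noise norm can
    grow by a factor of N times the other operand's noise norm."""
    out = [[0] * N for _ in range(len(c1) + len(c2) - 1)]
    for i, ci in enumerate(c1):
        for j, cj in enumerate(c2):
            out[i + j] = poly_add(out[i + j], poly_mul(ci, cj), Q)
    return out

def demo(seed: int = 7) -> dict:
    """Encrypt two constructed plaintexts, add and multiply them, report the noise."""
    rng = random.Random(seed)
    s = sample_small(rng)
    m1 = [1, 1, 0, 1] + [0] * (N - 4)
    m2 = [0, 1, 1, 0, 0, 1] + [0] * (N - 6)
    c1, c2 = encrypt(rng, s, m1), encrypt(rng, s, m2)
    c_sum, c_prod = add_ct(c1, c2), mul_ct(c1, c2)
    return {
        "dec_ok": decrypt(s, c1) == m1,
        "sum_ok": decrypt(s, c_sum) == poly_add(m1, m2, P),
        "prod_ok": decrypt(s, c_prod) == poly_mul(m1, m2, P),
        "noise": (noise_norm(s, c1), noise_norm(s, c_sum), noise_norm(s, c_prod)),
        "budget": Q // 2,
    }

def depth_until_failure(seed: int = 7, limit: int = 20) -> Optional[int]:
    """Multiply by fresh encryptions of m until the noise crosses Q/2 and decryption
    goes wrong; return the multiplication count at which that first happens. The
    first three products are guaranteed correct (3^(k+1) * N^k < Q/2 for k <= 3)."""
    rng = random.Random(seed)
    s = sample_small(rng)
    m = [1, 1, 0, 1] + [0] * (N - 4)
    ct, expected = encrypt(rng, s, m), m
    for k in range(1, limit + 1):
        ct = mul_ct(ct, encrypt(rng, s, m))
        expected = poly_mul(expected, m, P)
        if decrypt(s, ct) != expected:
            return k
    return None
```

demo() reports that a fresh ciphertext carries noise of at most 3, a sum at most 6 and a product at most N*3*3 = 144, all far inside the budget of Q/2; depth_until_failure() keeps multiplying until the noise outgrows that budget and decryption silently returns a wrong plaintext. That silent failure is what "tight control of error growth" guards against in a real scheme: parameters, sampler and operation depth have to be chosen together so the bound is never crossed.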