Weak instances of PLWE

Research output: Chapter in Book/Report/Conference proceedingConference contribution

31 Scopus citations


In this paper we present a new attack on the polynomial version of the Ring-LWE assumption, for certain carefully chosen number fields. This variant of RLWE, introduced in [BV11] and called the PLWE assumption, is known to be as hard as the RLWE assumption for 2-power cyclotomic number fields, and for cyclotomic number fields in general with a small cost in terms of error growth. For general number fields, we articulate the relevant properties and prove security reductions for number fields with those properties.We then present an attack on PLWE for number fields satisfying certain properties.

Original languageEnglish (US)
Title of host publicationSelected Areas in Cryptography - SAC 2014 - 21st International Conference, Revised Selected Papers
EditorsAntoine Joux, Amr Youssef
PublisherSpringer Verlag
Number of pages12
ISBN (Electronic)9783319130507
StatePublished - 2014
Event21st International Conference on Selected Areas in Cryptography, SAC 2014 - Montreal, Canada
Duration: Aug 14 2014Aug 15 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other21st International Conference on Selected Areas in Cryptography, SAC 2014

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Weak instances of PLWE'. Together they form a unique fingerprint.

Cite this