Shorter hash-and-sign lattice-based signatures

T Espitau, M Tibouchi, A Wallet, Y Yu - Annual International Cryptology …, 2022 - Springer
Lattice-based digital signature schemes following the hash-and-sign design paradigm of
Gentry, Peikert and Vaikuntanathan (GPV) tend to offer an attractive level of efficiency …

Mitaka: A Simpler, Parallelizable, Maskable Variant of Falcon

T Espitau, PA Fouque, F Gérard, M Rossi… - … Conference on the …, 2022 - Springer
This work describes the Mitaka signature scheme: a new hash-and-sign signature scheme
over NTRU lattices which can be seen as a variant of NIST finalist Falcon. It achieves …

Fast practical lattice reduction through iterated compression

K Ryan, N Heninger - Annual International Cryptology Conference, 2023 - Springer
We introduce a new lattice basis reduction algorithm with approximation guarantees
analogous to the LLL algorithm and practical performance that far exceeds the current state …

Lattice‐based cryptosystems in standardisation processes: A survey

A Wang, D Xiao, Y Yu - IET Information Security, 2023 - Wiley Online Library
The current widely used public‐key cryptosystems are vulnerable to quantum attacks. To
prepare for cybersecurity in the quantum era, some projects have been launched to call for …

BAT: Small and fast KEM over NTRU lattices

PA Fouque, P Kirchner, T Pornin, Y Yu - IACR Transactions on …, 2022 - tches.iacr.org
We present BAT–an IND-CCA secure key encapsulation mechanism (KEM) that is based on
NTRU but follows an encryption/decryption paradigm distinct from classical NTRU KEMs. It …

Non-randomness of S-unit lattices

DJ Bernstein, T Lange - Cryptology ePrint Archive, 2021 - eprint.iacr.org
Spherical models of lattices are standard tools in the study of lattice-based cryptography,
except for variations in terminology and minor details. Spherical models are used to predict …

Towards faster polynomial-time lattice reduction

P Kirchner, T Espitau, PA Fouque - … 2021, Virtual Event, August 16–20 …, 2021 - Springer
The lll algorithm is a polynomial-time algorithm for reducing d-dimensional lattice with
exponential approximation factor. Currently, the most efficient variant of lll, by Neumaier and …

Finding dense submodules with algebraic lattice reduction

A Karenin, E Kirshanova - International Conference on Cryptology in …, 2024 - Springer
We prove an algebraic analogue of Pataki-Tural lemma (Pataki-Tural, arXiv: 0804.4014,
2008)–the main tool in analysing the so-called overstretched regime of NTRU. Our result …

Recursive lattice reduction—A framework for finding short lattice vectors

D Aggarwal, T Espitau, S Peters… - 2025 Symposium on …, 2025 - SIAM
We propose a new framework called recursive lattice reduction for finding short non-zero
vectors in a lattice or for finding dense sublattices of a lattice. At a high level, the framework …

Inferring Bivariate Polynomials for Homomorphic Encryption Application

D Maimuţ, G Teşeleanu - Cryptography, 2023 - mdpi.com
Inspired by the advancements in (fully) homomorphic encryption in recent decades and its
practical applications, we conducted a preliminary study on the underlying mathematical …