Lattice-based cryptography is a key enabler for post-quantum cryptography. For example, the US standards agency NIST selected five algorithms for post-quantum cryptography standardisation, three of which are lattice-based. A hard lattice problem involves solving a linear algebra problem with the constraint that the solution has a small Euclidean norm. In cryptographic applications, LWE and SIS, along with their generalisations to modules over cyclotomic fields, are foundational hard problems and feature reductions from standard lattice problems, such as finding short linearly independent vectors in arbitrary, module, or ideal lattices.
While lattice-based cryptography has been successful, a consensus is forming that we have reached a limit of what we can do from such well-established problems. Thus, researchers are introducing novel variants of these presumed-hard problems to develop quantum-safe privacy-enhancing technologies (PETs). Many PETs lack efficient lattice-based or other efficient post-quantum constructions. Examples include advanced encryption schemes with fine-grained access control, blind signatures, anonymous credentials, oblivious PRFs, and threshold constructions. Adopting novel hardness assumptions reflects a long-standing tension in cryptography: more structure enables advanced functionalities but may offer flexibility to solve presumed-hard problems, invalidating their hardness. As these assumptions proliferate, the risk grows that they remain understudied and may lack the robustness to serve as foundations for a privacy-respecting post-quantum digital society.
This workshop brings together cryptanalysts and designers to study these novel assumptions, aiming to validate or invalidate them.
Information on participation to follow.
