[1] LYUBASHEVSKY V,PEIKERT C,REGEV O.On ideal lattices and learning with errors over rings[J].Journal of the ACM,2013,60(6):1-43. [2] PWEIKEIT C.A decade of lattice cryptography[J].Theoretical Computer Science,2016,10(4):283-424. [3] ZHANG Yanhua,HU Yupu.A new verifiably encrypted signature scheme from lattices[J].Journal of Computer Research and Development,2017,54(2):305-312.(in Chinese)张彦华,胡予濮.新的基于格的可验证加密签名方案[J].计算机研究与发展,2017,54(2):305-312. [4] DUAN Ran,GU Chunxiang,ZHU Yuefei,et al.An identity-based fully homomorphic encryption over NTRU lattice[J].Acta Electronica Sinica,2018,46(10):2410-2417.(in Chinese)段然,顾纯祥,祝跃飞,等.一种NTRU格上基于身份全同态加密体制设计[J].电子学报,2018,46(10):2410-2417. [5] PEIKERT C.An efficient and parallel gaussian sampler for lattices[C]//Proceedings of CRYPTO'10.Santa Barbara,USA:[s.n.],2010:80-97. [6] LI Zichen,LIANG Lan,SUN Yafei.Digital certificate scheme based on lattice signature algorithm[J].Journal of Cryptologic Research,2018,5(1):13-20.(in Chinese)李子臣,梁斓,孙亚飞.一种基于格签名算法的数字证书方案[J].密码学报,2018,5(1):13-20. [7] YAN Xixi,LIU Yuan,LI Zichen,et al.Privacy-preserving attribute-based encryption scheme on ideal lattices[J].Journal on Communications,2018,39(3):128-135.(in Chinese)闫玺玺,刘媛,李子臣,等.理想格上支持隐私保护的属性基加密方案[J].通信学报,2018,39(3):128-135. [8] MICCIANCIO D,REGEV O.Worst-case to average-case reductions based on gaussian measures[J].SIAM Journal on Computing,2007,37(1):267-302. [9] GENIES N,MICCIANCIO D.Faster Gaussian sampling for trapdoor lattices with arbitrary modulus[C]//Proceedings of EUROCRYPT'18.Tel Aviv,Israel:[s.n.],2018:174-203. [10] MICCIANCIO D,WALER M.Gaussian sampling over the integers:efficient,generic,constant-time[C]//Proceedings of CRYPTO'17.Santa Barbara,USA:[s.n.],2017:455-485. [11] DUCAS L,DURMUS A,LEPOINT T,et al.Lattice signatures and bimodal Gaussians[C]//Proceedings of CRYPTO'13.Santa Barbara,USA:[s.n.],2013:40-56. [12] FOLLATH J.Gaussian sampling in lattice based cryptography[J].Tatra Mountains Mathematical Publications,2014,60(1):1-23. [13] DWARAKANATH N C,GALBRAITH S D.Sampling from discrete gaussians for lattice-based cryptography on a constrained device[J].Communication and Computing,2014,25(3):159-180. [14] BRUINDERINK L G,HULSING A,LANGE T,et al.Flush,Gauss,and reload-a cache attack on the BLISS lattice-based signature scheme[C]//Proceedings of CHES'16.Santa Barbara,USA:[s.n.],2016:323-345. [15] ESOITAU T,FOUQUE P,GERARD B,et al.Side-channel attacks on bliss lattice-based signatures:exploiting branch tracing against strong swan and electromagnetic emanations[C]//Proceedings of ACM SIGSAC'17.Dallas,USA:ACM Press,2017:1857-1874. [16] HOWE J,KHALID A,RAFFERTY C,et al.On practical discrete Gaussian samplers for lattice-based cryptography[J].IEEE Transactions on Computers,2018,67(3):322-334. [17] KARMAKAR A,ROY S S,REPARAZ O,et al.Constant-time discrete Gaussian sampling[J].IEEE Transactions on Computers,2018,67(11):1561-1571. [18] KARMAKAR A,ROY S S,REPARAZ O,et al.Pushing the speed limit of constant-time discrete Gaussian sampling:a case study on falcon[EB/OL].[2019-05-10].https://eprint.iacr.org/2019/267. [19] PREST T.Sharper bounds in lattice-based cryptography using the rényi divergence[C]//Proceedings of ASIACRYPT'17.Hong Kong,China:[s.n.],2017:347-374. [20] FOG A.VCL,C++ vector class library[EB/OL].[2019-05-10].https://www.agner.org/optimize/vectorclass.pdf. |