Cryptanalysis of PLWE based on zero-trace quadratic roots

TL;DR

This paper extends existing attacks on the Polynomial Learning With Errors (PLWE) problem to specific ring structures with quadratic roots, exploiting zero-trace properties to achieve high success rates, supported by Maple implementations.

Contribution

It introduces a novel attack on PLWE for rings with quadratic factors, leveraging zero-trace roots, and demonstrates its effectiveness through implementation and examples.

Findings

The attack has high success probability with sufficient samples.

The method applies to rings with specific quadratic polynomial factors.

Implementation results confirm the attack's practicality.

Abstract

We extend two of the attacks on the PLWE problem presented in (Y. Elias, K. E. Lauter, E. Ozman, and K. E. Stange, Ring-LWE Cryptography for the Number Theorist, in Directions in Number Theory, E. E. Eischen, L. Long, R. Pries, and K. E. Stange, eds., vol. 3 of Association for Women in Mathematics Series, Cham, 2016, Springer International Publishing, pp. 271-290) to a ring $R_q=\mathbb{F}_q[x]/(f(x))$ where the irreducible monic polynomial $f(x)\in\mathbb{Z}[x]$ has an irreducible quadratic factor over $\mathbb{F}_q[x]$ of the form $x^2+\rho$ with $\rho$ of suitable multiplicative order in $\mathbb{F}_q$. Our attack exploits the fact that the trace of the root is zero, and has overwhelming success probability as a function of the number of samples taken as input. An implementation in Maple and some examples of our attack are also provided.