Attacks on the Search RLWE Problem with Small Errors
Attacks on the Search RLWE Problem with Small Errors
The Ring Learning-with-Errors (RLWE) problem shows great promise for postquantum cryptography and homomorphic encryption. We describe a new attack on the nondual search RLWE problem with small error widths, using ring homomorphisms to finite fields and the chi-square statistical test. In particular, we identify a "subfield vulnerability" and give a …