Miyaji Laboratory

Currently, as a post-quantum cryptography, the cryptography based on the difficulty of solving a mathematical problem called lattice problem are being researched. Among lattice problems, the Ring- LWE problem is a problem of solving a multielement linear system with errors over the ring of integers in an algebraic number field. The Ring-LWE problem uses an algebraic number field as its defining field, and its algebraic properties are expected to reduce the size of ciphertexts and keys. However, it is not possible to freely choose an algebraic number field that can construct an efficient encryption based on the Ring-LWE problem. This is because it is generally difficult to find the defining polynomial of the integer ring of the defining field. Also, even if we know the representation of bases of the elements of the integer ring, it is not always possible to perform multiplication efficiently. If the choices of the algebraic number field are limited, the choices of the degree of a field extension over the rational number field are limited.In addition, since a cyclotomic field has been well researched , the unique property of the cyclotomic field may be exploited for attacks. Therefore, it is a significant research to increase the kinds of algebraic number fields that can construct efficient encryption based on the Ring-LWE problem. In this research, we proposed the possibility of using the subfield of cyclotomic fields of degree 2 can be used as an algebraic number field that can construct efficient cryptography based on the Ring-LWE problem. In addition, we performed a comparative experiment using the existing method and the proposed method, and showed the usefulness of this research.