Miyaji Laboratory

In today's information society, RSA cryptography and elliptic curve cryptography play a fundamental role in cryptography. However, it has been proven that these cryptosystems can be easily deciphered by large-scale quantum computers, which have been steadily developed. Therefore, lattice-based cryp tography, which are considered to be difficult to crack even with a large-scale quantum computer, have attracted much attention. In fact, no algorithm has been discovered that can mathematically solve lattice based cryptography, and two algorithms, CRYSTALS-KYBER and CRYSTALS-Dilithium, which were decided to be standardized by NIST-PQC, use the lattice problem called Module-LWE (Lerning with Errors) problem. However, the security of the problem has not yet been proven, and various methods have been used to analyze and verify the security of the problem. The Module-LWE problem general izes the sample a and secret s of the Ring-LWE problem to a vector of rank d. In the analysis of the Module-LWE problem defined on a power-of-two cyclotomic field or its subfields, the security verification is carried out by the Progressive-BKZ basis reduction algorithm which attacks by changing the block size, which is different from the BKZ basis reduction algorithm. Kannan's embedding method is extended to the Module-LWE problem over power-of-two cyclotomic field. In this study, we conducted experiments for the following two purposes. An extension of Kannan's embedding method is applied to Module-LWE problems on various algebraic fields. Next, we attack the Module-LWE problem defined on various alge braic fields with Kannan's embedding method by changing the rank of the Module-LWE problem, and verify the security of the Module-LWE problem depending on the rank and algebric fields.