Lattice-Based Cryptography
Cryptography
Definition
A family of post-quantum cryptographic constructions whose security relies on the computational hardness of lattice problems such as Learning With Errors (LWE) and Short Integer Solution (SIS), for which no efficient quantum algorithm is known.
Technical Details
Lattice problems are believed to be hard for both classical and quantum computers, making lattice-based cryptography the dominant approach in NIST's post-quantum standards. Key schemes include Kyber (key encapsulation), Dilithium (signatures), and FALCON (signatures). The Learning With Errors problem asks for the secret that solves a system of noisy linear equations over integer lattices, a task believed to be computationally intractable for anyone who does not already hold the secret key.
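The noisy linear equations described above, shown as an added example that is not part of the original page: a toy Regev-style LWE bit encryption in Python. The parameters `N`, `M`, `Q`, `ERR` and all function names are assumptions chosen for illustration; this is not Kyber/ML-KEM and the sizes are far too small to be secure.

```python
import random

# Toy parameters, constructed for illustration only; far too small to be secure.
N, M, Q, ERR = 8, 32, 3329, 1  # secret length, samples, modulus, error bound

def centered(x):
    """Map x mod Q into the range (-Q/2, Q/2]."""
    x %= Q
    return x - Q if x > Q // 2 else x

def keygen(rng):
    """Public key is (A, b = A*s + e mod Q); the secret key is s."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.randint(-ERR, ERR) for _ in range(M)]
    b = [(sum(a * x for a, x in zip(row, s)) + ei) % Q for row, ei in zip(A, e)]
    return (A, b), s

def residuals(pk, candidate):
    """b - A*candidate, centered: tiny for the real secret, random otherwise."""
    A, b = pk
    return [centered(bi - sum(a * x for a, x in zip(row, candidate)))
            for row, bi in zip(A, b)]

def encrypt(pk, bit, rng):
    """Sum a random subset of the noisy equations and hide the bit at Q/2."""
    A, b = pk
    rows = [i for i in range(M) if rng.random() < 0.5]
    u = [sum(A[i][j] for i in rows) % Q for j in range(N)]
    v = (sum(b[i] for i in rows) + bit * (Q // 2)) % Q
    return u, v

def decrypt(s, ct):
    """Remove u*s; what remains is accumulated error (at most M*ERR) plus the bit."""
    u, v = ct
    d = centered(v - sum(x * y for x, y in zip(u, s)))
    return 1 if abs(d) > Q // 4 else 0

if __name__ == "__main__":
    rng = random.Random(2024)  # seeded for a repeatable demo; not a CSPRNG
    pk, s = keygen(rng)
    print("round trip:", [decrypt(s, encrypt(pk, b, rng)) for b in (0, 1, 1, 0)])
    print("max residual with secret:", max(abs(r) for r in residuals(pk, s)))
    guess = [rng.randrange(Q) for _ in range(N)]
    print("max residual with guess: ", max(abs(r) for r in residuals(pk, guess)))
```

Decryption is always correct here because the accumulated error is at most `M*ERR = 32`, well below the `Q // 4` decision threshold.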
Practical Usage
Security engineers selecting post-quantum algorithms should understand that CRYSTALS-Kyber and CRYSTALS-Dilithium are lattice-based NIST standards suitable for most applications. SPHINCS+ provides a hash-based alternative for situations requiring a security hedge against potential future weaknesses in lattice assumptions.
Examples
- NIST's primary post-quantum standards (ML-KEM/Kyber, ML-DSA/Dilithium, FALCON) are all based on lattice hardness assumptions.
- A cryptography researcher tests the quantum hardness of specific lattice parameters using NIST's PQC evaluation criteria.
- Post-quantum TLS experiments use lattice-based key exchange to protect against quantum decryption of intercepted traffic.