Lattice-based Cryptography
What it is
Cryptography built on the apparent hardness of problems on point lattices — chiefly Learning With Errors (LWE) and Short Integer Solution (SIS), and their efficient ring variants. These assumptions support encryption, signatures, and advanced primitives, with security that can be reduced to worst-case lattice problems.
Why it matters — security & society
Lattice problems are believed to resist quantum attacks, which is why they underpin the first NIST-standardized post-quantum schemes (ML-KEM/Kyber and ML-DSA/Dilithium). As “harvest-now, decrypt-later” collection makes today’s encrypted traffic a future liability, migrating to lattice-based cryptography protects the long-term confidentiality of communications, health, and financial data. The same machinery also enables fully homomorphic encryption, making lattices a backbone of privacy-preserving computation.
Books & surveys
- A Decade of Lattice Cryptography — Chris Peikert. The go-to survey: SIS/LWE, hardness, and applications.
- Basic Lattice Cryptography: Kyber and Dilithium — Vadim Lyubashevsky. A concise, concrete path into the standardized schemes. (article)
- On lattices, learning with errors, … — Oded Regev. The foundational LWE paper.
- A Gentle Introduction to Lattice-Based Cryptography - Alfred Menezes.
Lecture notes & courses
- Lattices in Cryptography — Chris Peikert. Graduate course notes.