SABER: Learning with Rounding … For Post-Quantum Crypto, It’s All About Lattice

NIST is now finalising the post-quantum cryptography competition. Overall the methods we can use to replace our existing public key methods are:

• Hash-based/symmetric-based. This includes Merkle signatures, SPHINCS and Picnic, and are used to create digital signatures. They cannot be used for public-key encryption and involve creating a range of private/public key pairs, and which are only used once. We must keep a track of the key pairs that we have used, in order to not use the again.
• Code-based. This includes McEliece and Niederreiter, and have been studied for decades.
• Multivariate. This involves multivariate quadratic methods. An example of this is the oil-and-vinegar method [here].
• Lattice-based. This includes NTRU (Nth degree TRUncated polynomial ring), learning with errors (LWE), Ring LWE, and Learning with Rounding. These have some of the best attributes for creating digital signatures, key exchange and encryption, and with reasonably small encryption keys and ciphertext sizes.
• Isogenies. This includes Supersinglar elliptic curve isogenies. These are interesting but are rather slow at the current time.