Abstract:
The Rényi divergence is a measure of closeness of two probability distributions. In this talk, I’ll show that it can often be used as an alternative to the statistical distance in security proofs for lattice-based cryptography. Using the Rényi divergence is particularly suited for security proofs of primitives in which the attacker is required to solve a search problem (e.g., forging a signature). Then I'll show that it may also be used in the case of distinguishing problems (e.g., semantic security of encryption schemes), when they enjoy a *public sampleability* property. The techniques lead to security proofs for schemes with smaller parameters, and sometimes to simpler security proofs than the existing ones.