The microblog: 2020.07.30 05:16:32

2020.07.30 05:16:32 (1288674811120463872) from Daniel J. Bernstein:

In apparently coordinated announcements, NIST and NSA are strongly pushing for lattice-based crypto, specifically structured lattices, specifically cyclotomic lattices, including sizes where published attacks already seem to violate the minimum #NISTPQC security requirements.

2020.07.30 05:24:01 (1288676696531509249) from Daniel J. Bernstein:

The claimed asymptotic lattice security levels were 42% higher just 10 years ago. They were superexponentially higher just 20 years ago. Structured lattices, especially cyclotomic lattices, raise further concerns. Gentry's original STOC 2009 FHE system is broken for cyclotomics.

2020.07.30 05:46:02 (1288682235533516801) from Daniel J. Bernstein:

NIST's report says that if something even worse happens _publicly_ to cyclotomics _before standardization_ then it will reconsider its "confidence". Meanwhile it displays no understanding of the bigger picture of lattices indisputably losing security again and again and again.