Trace-based cryptoanalysis of cyclotomic PLWE for the non-split case
share
We provide an attack against the decision version of PLWE over the cyclotomic ring 𝔽_q[x]/(Φ_p^k(x)) with k>1 in the case where q≡ 1p but Φ_p^k(x) is not totally split over 𝔽_q. Our attack uses that the roots of Φ_p^k(x) over suitable extensions of 𝔽_q have zero-trace and has overwhelming success probability in function of the number of samples taken as input. An implementation in Maple and some examples of our attack are also provided.
READ FULL TEXT