Talk:Lattice-based cryptography

Merge Lattice problems into this article
I propose merger of the Lattice problems article into this one. IMHO, the Lattice problems article, in its current state, does not warrant a separate page. Also, eventually, many of the problems mentioned will have a separate page of their own, and hence, the article will end up being a short condensed summary of each problem, the number of which is not too many. Hrushikesh Tilak (talk) 21:25, 31 July 2009 (UTC)


 * Agreed. Merging is a good idea. --Robin (talk) 17:35, 20 August 2009 (UTC)
 * Agreed. They really should be merged. Search engines point to this page on some searches and to Lattice Based Cryptography page on others (related searches). I second your thoughts on this. —Preceding unsigned comment added by Akashssp (talk • contribs) 16:40, 9 January 2010 (UTC)
 * Disagreed. This article is about a hard problem in computer science. Many such problems may have applications in cryptography, however that is not their primary function. They are surely separate articles. —Preceding unsigned comment added by 128.82.39.139 (talk) 14:40, 13 September 2010 (UTC)
 * Disagreed. Ditto the above comments. Theoretical computer science has a separate existence outside of the world of cryptography.  — 15 March 2011  (talk)


 * Disagreed. Ditto the above comments. Why do we have separate articles for RSA, factoring and discrete logarithms? Because one must distinguish a computational problem from its (cryptographic) applications. I think the lattice problems article should include the information related to mathematical problem, methods to tackle them and a short section for the "distinction" between its classical and quantum complexity; the cryptography page should contain the information related lattice protocols, comparison with other ones and a discussion about their robustness.


 * By the way, I am not an expert on this particular topic but I it is related to my work; I study quantum computation and information. Garrapito (talk) 10:35, 18 December 2011 (UTC)

Ridiculous
This article is total jargon and useless for the general reader who wants to know more about lattice cryptography. It is so bad, in fact, that it uses the same terms to define terms, e.g.: "Lattice-based cryptography is the generic term for asymmetric cryptographic primitives based on lattices". HA! WTF does that mean? The writer has already introduced esoteric terms (primitives) thus rendering a basic understanding of the subject difficult if not impossible. Wikipedia's major goal is to disseminate information. This article does not do that. It is also apparent to me that the ditto-heads above can't see the forest for the trees. Dangnad (talk) 02:18, 3 April 2016 (UTC):
 * This article is total jargon and useless for the general reader who wants to know more about lattice cryptography.
 * The article could be better, but I don't think "the general reader" is reading articles on lattices or lattice-based cryptography (though I think cryptography is much more likely to be read by less technical readers).
 * It is so bad, in fact, that it uses the same terms to define terms, e.g.: "Lattice-based cryptography is the generic term for asymmetric cryptographic primitives based on lattices".
 * Lattice-based cryptography is a generic term. What's it a generic term for? It's a generic term for asymmetric cryptographic primitives based on lattices. If you don't know those terms, follow the wikilinks. What do *you* think the first sentence should be?
 * The writer has already introduced esoteric terms (primitives) thus rendering a basic understanding of the subject difficult if not impossible.
 * Again, follow the wikilink. This is the first sentence of an article on a highly technical topic.
 * Wikipedia's major goal is to disseminate information. This article does not do that.
 * Yes it does; try restating that.
 * It is also apparent to me that the ditto-heads above can't see the forest for the trees.
 * Being rude isn't going to help anything.
 * It would probably be better to make some suggestions for improvements, or make those improvements yourself. It would be awesome if you (or someone else) could write a Simple English article for this topic. Cyphase (talk) 03:19, 3 April 2016 (UTC)

Why asymmetric?
I don't see any reason why lattice-based crypto needs to be asymmetric. I'm not an expert on lattice-based crypto but I have least seen one symmetric cryptosystem and one commitment scheme based on lattices. — Preceding unsigned comment added by 2001:BB8:2002:3400:5869:6820:F55D:FD67 (talk) 08:29, 23 August 2016 (UTC)

Fixed.03:51, 3 May 2017 (UTC) — Preceding unsigned comment added by NoahSD (talk • contribs)

Made many changes
I rewrote the introduction, history, and mathematical background sections. I think they were all pretty poorly written before, unfortunately. They contained many false, confusing, and/or extraneous statements.

I'm new to making major edits in Wikipedia, so I might have done something really dumb. I apologize if I did. If not, I'll continue editing the rest of the article.

NoahSD (talk) 03:56, 3 May 2017 (UTC)

I have NO idea why lattice cryptography should be quantum secure
Can't the quantum computer split itself across universes to try every lattice password at once, and then recombine itself into the one universe where it unlocked the lattice cryptography? — Preceding unsigned comment added by 74.178.55.176 (talk) 10:46, 17 August 2018 (UTC)