This paper suggests to use rounded Gaussians in place of dis- crete Gaussians in rejection-sampling-based lattice signature schemes like BLISS. We show that this distribution can efficiently be sampled from while additionally making it easy to sample in constant time, systematically avoiding recent timing-based side-channel attacks on lattice-based signatures.
|Place of Publication||s.l.|
|Number of pages||38|
|Publication status||Published - 2017|
|Name||Cryptology ePrint Archive|