Description
The LWE problem is ubiquitous in lattice cryptography. In order to try and design more efficient cryptosystems, an increasing number of LWE variants are being considered. In this talk, we consider a variant of LWE over the integers i.e. without modular reduction. We explain why the problem is easy to solve with a large number of samples, and show how this leads to a side-channel attack on the BLISS signature scheme.