Lattice‐based cryptosystems in standardisation processes: A survey

Abstract The current widely used public‐key cryptosystems are vulnerable to quantum attacks. To prepare for cybersecurity in the quantum era, some projects have been launched to call for post‐quantum alternatives. Due to solid security and desirable performance, lattice‐based cryptosystems are viewed as promising candidates in the upcoming standardisation of post‐quantum cryptography. This study surveys the lattice‐based cryptosystems in the post‐quantum standardisation processes including the NIST Post‐Quantum Cryptography Standardisation and the Chinese Cryptographic Algorithm Design Competition, from both design and security aspects. We present generic design paradigms of lattice‐based schemes and describe several representative proposals and recent progress. We also recap some main cryptanalytic results and methods for estimating the concrete security of lattice‐based schemes.