How to Verify the Ring-LWE Challenges

  1. Download the full challenges archive rlwe-challenges-v1.tar.gz using this Torrent file or this Magnet link, and the secrets archive rlwe-secrets-v1.tar.gz.

  2. Unpack both archives from the same directory, which should create a challenges/ directory with various subdirectories chall-id..., each of which contains a .challenge file and several .instance and .secret files. (If your software unpacks each archive in a separate directory, you will need to merge them so that the secrets reside with their corresponding instances.)

  3. To verify the instances and secrets, you will need to run our verification program (or write you own!). A statically linked binary is available for Mac OS (signature). Alternatively, build from source using the Stack build tool:

    > git clone -b lol- --single-branch
    > cd Lol
    > stack setup
    > stack install rlwe-challenges

    (Note: you may need to install g++, zlib1g-dev, and libgmp-dev.)

  4. Copy the rlwe-challenges executable that you downloaded or built into the parent of the challenges/ directory. Then run:

    > rlwe-challenges verify

    The verifier will check that the appropriate secrets have been revealed (as determined by the NIST beacon XML files), and that the secrets and errors look "proper." See our paper for further details.

    In addition, it will try to regenerate the challenges from the revealed PRG seeds. This may be unsuccessful due to platform differences, and is non-fatal. (The challenges were created on a 2010 MacBook Pro with a Core i5 processor, and regeneration is unsuccessful on, e.g., an i7.)

Separately, you may wish to verify that the NIST beacon XML files we distributed are valid. This can be done by checking their built-in digital signatures with this script via:

> challenges challenges/epoch-nnnn.xml

or by re-downloading them from the beacon website.


The Ring-LWE Challenges are a project of Eric Crockett and Chris Peikert, University of Michigan Computer Science and Engineering.