The Impact of the Modulus Switching Technique on Some Attacks against Learning Problem
IET Information Security (IF 1.3), Pub Date: 2020-05-01, DOI: 10.1049/iet-ifs.2019.0220
Huy Quoc Le 1, Pradeep Kumar Mishra 1, Satoshi Nakamura 1, Koha Kinjo 2, Dung Hoang Duong 3, Masaya Yasuda 4, 5

The modulus switching technique has been used in some cryptographic applications as well as in cryptanalysis. For cryptanalysis against the learning with errors (LWE) problem and the learning with rounding (LWR) problem, it seems that one does not know whether the technique is really useful or not. This work supplies a complete view of the impact of this technique on the decoding attack, the dual attack and the primal attack against both LWE and LWR. For each attack, the authors give the optimal formula for the switching modulus. The formulas involve the number of LWE/LWR samples, which differs from the known formula in the literature. They also attain the corresponding sufficient conditions stating when one should utilise the technique. Surprisingly, restricted to the LWE/LWR problem in which the secret vector is much shorter than the error vector, they also show that performing the modulus switching before using the so-called rescaling technique in the dual attack and the primal attack makes these attacks worse than only exploiting the rescaling technique as reported by Bai and Galbraith at the Australasian Conference on Information Security and Privacy (ACISP) 2014. As an application, they theoretically assess the influence of the modulus switching on the LWE/LWR-based second round NIST PQC submissions.

Updated: 2020-05-01