Module Learning with Errors (M-LWE) based key reconciliation mechanisms (KRM) can be viewed as quantizing an M-LWE sample according to a lattice codebook. This paper describes a generic M-LWE-based KRM framework, valid for lattices of any dimension and any modulus $q$, without a dither. Our main result is an explicit upper bound on the decryption failure rate (DFR) of M-LWE-based KRM. This bound allows us to construct optimal lattice quantizers that reduce the DFR and the communication cost simultaneously. Moreover, we present a KRM scheme using the same security parameters $(q,k,\eta_1,\eta_2)$ as in Kyber. Compared with Kyber, the communication cost is reduced by up to $36.47\%$ and the DFR is reduced by a factor of up to $2^{99}$. The security arguments remain the same as for Kyber.
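To make the "reconciliation as quantization" view concrete, the following added example (not code from the paper) implements the Kyber baseline: coefficient-wise rounding with Kyber's `Compress`/`Decompress`, the one-dimensional case of a lattice codebook, and shows how the number of bits sent trades against decoding failures. The helper names `reconcile` and `failure_count`, the single-coefficient simplification and the fixed noise values are assumptions made for illustration; the paper's own lattice quantizer is not reproduced here.

```python
Q = 3329  # Kyber modulus q

def compress(x, d):
    """Kyber Compress_q(x, d): round((2^d / q) * x) mod 2^d, in integer arithmetic."""
    return (((x % Q) << d) + Q // 2) // Q % (1 << d)

def decompress(y, d):
    """Kyber Decompress_q(y, d): round((q / 2^d) * y)."""
    return (y * Q + (1 << (d - 1))) >> d

def centered(x):
    """Representative of x mod q in [-(q-1)/2, (q-1)/2]."""
    x %= Q
    return x - Q if x > Q // 2 else x

def max_quantization_error(d):
    """Worst-case |decompress(compress(x, d), d) - x| over all x in Z_q."""
    return max(abs(centered(decompress(compress(x, d), d) - x)) for x in range(Q))

def reconcile(bit, shared, noise, d_v):
    """One coefficient: sender quantizes (shared + noise + encoded bit) to d_v bits;
    receiver subtracts its own view of `shared` and decodes to the nearer codeword."""
    v = (shared + noise + decompress(bit, 1)) % Q    # codewords are 0 and 1665
    c = compress(v, d_v)                             # d_v bits sent on the wire
    return compress(decompress(c, d_v) - shared, 1)  # nearest-codeword decoding

def failure_count(noise, d_v):
    """Number of (bit, shared) pairs that decode wrongly for a fixed noise value."""
    return sum(reconcile(b, s, noise, d_v) != b for b in (0, 1) for s in range(Q))

if __name__ == "__main__":
    # Constructed noise value 760, chosen close to the q/4 decoding margin.
    for d_v in (4, 5):
        print(d_v, max_quantization_error(d_v), failure_count(760, d_v))
```

Decoding succeeds whenever the LWE noise plus the quantization error stays below roughly $q/4$, so spending one more bit per coefficient halves the quantization error and removes the failures at this noise level.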