Arora & Ge introduced a noise-free polynomial system to compute the secret of a Learning With Errors (LWE) instance via linearization. Albrecht et al. later utilized the Arora-Ge polynomial model to study the complexity of Gröbner basis computations on LWE polynomial systems under the assumption of semi-regularity. In this paper we revisit the Arora-Ge polynomial and prove that it satisfies a genericity condition recently introduced by Caminata & Gorla, called being in generic coordinates. For polynomial systems in generic coordinates one can always estimate the complexity of DRL Gröbner basis computations in terms of the Castelnuovo-Mumford regularity and hence also via the Macaulay bound. Moreover, we generalize the Gröbner basis algorithm of Semaev & Tenti to arbitrary polynomial systems with a finite degree of regularity. In particular, the existence of this algorithm yields another approach to estimate the complexity of DRL Gröbner basis computations in terms of the degree of regularity. In practice, the degree of regularity of LWE polynomial systems is not known, though one can always estimate the lowest achievable degree of regularity. Consequently, from a designer's worst-case perspective, this approach yields sub-exponential complexity estimates for general, binary secret and binary error LWE. In recent works by Dachman-Soled et al., the hardness of LWE in the presence of side information was analyzed. Utilizing their framework, we discuss how hints can be incorporated into LWE polynomial systems and how they affect the complexity of Gröbner basis computations.
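The Arora-Ge linearization mentioned in the abstract, carried through for the binary error case as an added example (not code from the paper or its authors). For an error e = b - <a,s> in {0,1}, every sample satisfies the noise-free equation (b - <a,s>)(b - 1 - <a,s>) = 0 mod q; the toy parameters n = 4, q = 101, the sample count and all function names are assumptions chosen for illustration.

```python
import random
from itertools import combinations_with_replacement

def lwe_samples(secret, q, m, rng):
    """Constructed LWE samples b = <a,s> + e mod q with binary error e in {0,1}."""
    out = []
    for _ in range(m):
        a = [rng.randrange(q) for _ in secret]
        e = rng.randrange(2)
        out.append((a, (sum(x * s for x, s in zip(a, secret)) + e) % q))
    return out

def linearize(samples, n, q):
    """Expand (b - <a,s>)(b - 1 - <a,s>) = 0; each monomial s_i, s_i*s_j is one unknown."""
    quad = list(combinations_with_replacement(range(n), 2))
    rows = []
    for a, b in samples:
        lin = [-(2 * b - 1) * a[i] % q for i in range(n)]
        sq = [(1 if i == j else 2) * a[i] * a[j] % q for i, j in quad]
        rows.append(lin + sq + [-b * (b - 1) % q])  # last entry: right-hand side
    return rows

def solve_mod_q(rows, q):
    """Gauss-Jordan elimination over F_q (q prime); raises if rank deficient."""
    rows = [r[:] for r in rows]
    ncols = len(rows[0]) - 1
    for c in range(ncols):
        p = next((r for r in range(c, len(rows)) if rows[r][c]), None)
        if p is None:
            raise ValueError("not enough independent samples")
        rows[c], rows[p] = rows[p], rows[c]
        inv = pow(rows[c][c], -1, q)
        rows[c] = [x * inv % q for x in rows[c]]
        for r in range(len(rows)):
            if r != c and rows[r][c]:
                f = rows[r][c]
                rows[r] = [(x - f * y) % q for x, y in zip(rows[r], rows[c])]
    return [rows[c][-1] for c in range(ncols)]

def recover_secret(samples, n, q):
    """The first n linearized unknowns are the secret coordinates themselves."""
    return solve_mod_q(linearize(samples, n, q), q)[:n]

def demo():
    q, secret = 101, [17, 42, 5, 88]  # toy parameters, constructed
    samples = lwe_samples(secret, q, 40, random.Random(1))
    return secret, recover_secret(samples, len(secret), q)
```

The linearized system has C(n+2,2) - 1 unknowns, so the number of samples needed grows quadratically in n for binary errors and far faster for wider error supports, which is why the abstract's Gröbner basis estimates matter when fewer samples are available.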