This paper proposes an error rate analysis method for Binary Ring Learning with Errors (bin-RLWE) cryptosystems where the secret and error are binary. We derive a computable method for the bit error rate (BER) in encryption and decryption processes using a normal approximation, and estimate an upper bound on the overall decryption failure probability (at least one bit error) via a union bound. The framework was validated through 109 full encrypt-decrypt tests for each of four parameter sets. Based on this analysis, we provide parameter selections for implementations requiring overall failure probability bounds of 2-16 and 2-32. We also evaluate the hardware performance of these parameters on 28 nm ASIC and Xilinx Kintex-7 FPGA platforms, measuring resource usage and latency. Comparisons with conventional RLWE implementations show that bin-RLWE achieves better resource efficiency and faster processing. Unlike Number Theoretic Transform-based RLWE implementations that commonly constrain dimensions in practice, our shifting convolution-based approach removes this implementation constraint, enabling more flexible parameter choices. Finally, we discuss the correctness-security trade-off in bin-RLWE and report estimated security levels against primal attack for the selected parameter sets.
Ziyang et al. (Thu,) studied this question.