*Bounty: 50*

*Bounty: 50*

I’m not an expert in PQ-Crypto. As I understood Error Correcting Code and Lattice based crypto.

The cryptographic assumptions are very similar. And the key-difference for me is the nature of the noise. In one case the noise is inspired of the "physical noise", and in the other one, it’s more mathematical and consider a more complex distance (euclidean distance instead hamming distance).

Intuitively, this reason makes sense about the fact that in every apllications I know lattice-based crypto is more efficient than Error-correcting based crypto.

- Is my intuition seems correct to you?
- If yes, is there a theorem which certify that every cryptographic protocol based on an error-correcting code assumption could be transformed in a more efficient protocol based on lattice (i.e with the same level of security and based on a weaker lattice assumption)?
- If No, is there more informal claim of known researcher which consider this question. Or it just doesn’t make sens to compare these two families of assumptions?