Scott Fluhrer edited untitled.tex  over 8 years ago

Commit id: 724f6d5a6ca7c0322cfaae81046376b0c2707055

deletions | additions      

       

The above would take approximately 5,000 queries (assuming that standard ring size of $N=1024$).  \section{Attack variants}  One issue is that the \cite{Ding_2012} variant of the protocol has Alice adding an error vector to the computed $V$ vector before doing the reconciliation; this would add in errors to our tests. This can be handled either by running multiple probes (and testing how it worked), or by increasing the $j, k$ values (to attempt to magnify the signal over the noise).  In addition, the test (as written) assumes that Eve gets only a single bit per probe (whether her guess of the shared secret was accurate or not). If it is Alice that first sends the encrypted message, then it is possible that Eve might probe several bits per attempt (as Eve would be able to compute the shared secrets for each setting of the bits under test, and see which version matches the encrypted data she sees from Alice).  \section{Conclusions and Recommendations}  The above shows how ring-LWE based key exchange can practically be broken if the same key share is reused. Ring-LWE is still believed to be safe when a fresh key share is used every time; however one needs to be careful that is the case.
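Review bot: the "approximately 5,000 queries" figure that opens this hunk is asserted without showing how it follows from $N=1024$; add one sentence giving the per-coefficient (or per-bit) query count it is built from so the reader can check the estimate against the ring size, and state whether the error-vector variant in the next section changes that total (the hunk says it can be handled by "running multiple probes" but does not say how many). Two wording fixes in the same hunk: "assuming that standard ring size" should read "assuming the standard ring size", and the closing sentence "one needs to be careful that is the case" is missing "this" ("that this is the case"). The recommendation in the Conclusions section would also land better if it named the concrete mitigation the analysis already implies, namely generating a fresh key share for every exchange and never reusing one, rather than leaving it as a general caution.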