An Enumeration-Like Vector Sampling Method for Solving Approximate SVP

  • Luan LuanEmail author
  • Chunxiang Gu
  • Yonghui Zheng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11806)


Lattice reduction with random sampling is a kind of randomized heuristic algorithm for solving approximate Shortest Vector Problem (SVP). In this paper, we propose a lattice vector sampling method for solving approximate SVP. Firstly, we apply enumeration techniques into vector sampling using natural number’s representation (NNR), enlightened by discrete pruning. Secondly, to find optimal parameters for the enumeration-like sampling method, we study the statistical properties of a structured candidate vector set, and give a parameter calculation strategy for minimizing the sampling time. This new sampling method is a universal framework that can be embedded into most of the sampling-reduction algorithms. The experimental result shows that sampling reduction algorithm with the new sampling method embedded runs faster than the original Restricted Reduction (RR) algorithm within 90 dimensions.


Public-key cryptosystem Shortest vector problem Lattice reduction Enumeration 


  1. 1.
  2. 2.
  3. 3.
    Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proceedings of the Thirty-Third Annual ACM Symposium on Theory of Computing, pp. 601–610. ACM (2001)Google Scholar
  4. 4.
    Aono, Y., Nguyen, P.Q.: Random sampling revisited: lattice enumeration with discrete pruning. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 65–102. Springer, Cham (2017). Scholar
  5. 5.
    Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 10–24. Society for Industrial and Applied Mathematics (2016)Google Scholar
  6. 6.
    Boneh, D., et al.: Twenty years of attacks on the RSA cryptosystem. Not.-Am. Math. Soc. 46, 203–213 (1999)MathSciNetzbMATHGoogle Scholar
  7. 7.
    Buchmann, J., Ludwig, C.: Practical lattice basis sampling reduction. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 222–237. Springer, Heidelberg (2006). Scholar
  8. 8.
    Coppersmith, D.: Finding small solutions to small degree polynomials. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 20–31. Springer, Heidelberg (2001). Scholar
  9. 9.
    van Emde Boas, P.: Another NP-complete problem and the complexity of computing short vectors in a lattice. Tecnical report, Department of Mathmatics, University of Amsterdam (1981)Google Scholar
  10. 10.
    Fukase, M., Kashiwabara, K.: An accelerated algorithm for solving SVP based on statistical analysis. J. Inf. Process. 23(1), 67–80 (2015)Google Scholar
  11. 11.
    Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 257–278. Springer, Heidelberg (2010). Scholar
  12. 12.
    Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing, pp. 193–206. ACM (1983)Google Scholar
  13. 13.
    Khot, S.: Hardness of approximating the shortest vector problem in lattices. J. ACM (JACM) 52(5), 789–808 (2005)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Laarhoven, T.: Sieving for shortest vectors in lattices using angular locality-sensitive hashing. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 3–22. Springer, Heidelberg (2015). Scholar
  15. 15.
    Micciancio, D.: Lattice-based cryptography. In: van Tilborg, H.C.A., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, pp. 713–715. Springer, Boston (2011). Scholar
  16. 16.
    Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Math. Cryptol. 2(2), 181–207 (2008)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM (JACM) 56(6), 34 (2009)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Schnorr, C.P.: Lattice reduction by random sampling and birthday methods. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 145–156. Springer, Heidelberg (2003). Scholar
  19. 19.
    Teruya, T., Kashiwabara, K., Hanaoka, G.: Fast lattice basis reduction suitable for massive parallelization and its application to the shortest vector problem. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10769, pp. 437–460. Springer, Cham (2018). Scholar
  20. 20.
    Van Hoeij, M.: Factoring polynomials and the Knapsack problem. J. Number Theory 95(2), 167–189 (2002)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Yasuda, M., Yokoyama, K., Shimoyama, T., Kogure, J., Koshiba, T.: Analysis of decreasing squared-sum of gram-schmidt lengths for short lattice vectors. J. Math. Cryptol. 11(1), 1–24 (2017)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Henan Key Laboratory of Network Cryptography TechnologyZhengzhouChina

Personalised recommendations