Advertisement

An Enumeration-Like Vector Sampling Method for Solving Approximate SVP

  • Luan LuanEmail author
  • Chunxiang Gu
  • Yonghui Zheng
Conference paper
  • 621 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11806)

Abstract

Lattice reduction with random sampling is a kind of randomized heuristic algorithm for solving approximate Shortest Vector Problem (SVP). In this paper, we propose a lattice vector sampling method for solving approximate SVP. Firstly, we apply enumeration techniques into vector sampling using natural number’s representation (NNR), enlightened by discrete pruning. Secondly, to find optimal parameters for the enumeration-like sampling method, we study the statistical properties of a structured candidate vector set, and give a parameter calculation strategy for minimizing the sampling time. This new sampling method is a universal framework that can be embedded into most of the sampling-reduction algorithms. The experimental result shows that sampling reduction algorithm with the new sampling method embedded runs faster than the original Restricted Reduction (RR) algorithm within 90 dimensions.

Keywords

Public-key cryptosystem Shortest vector problem Lattice reduction Enumeration 

References

  1. 1.
  2. 2.
  3. 3.
    Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proceedings of the Thirty-Third Annual ACM Symposium on Theory of Computing, pp. 601–610. ACM (2001)Google Scholar
  4. 4.
    Aono, Y., Nguyen, P.Q.: Random sampling revisited: lattice enumeration with discrete pruning. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 65–102. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56614-6_3CrossRefGoogle Scholar
  5. 5.
    Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 10–24. Society for Industrial and Applied Mathematics (2016)Google Scholar
  6. 6.
    Boneh, D., et al.: Twenty years of attacks on the RSA cryptosystem. Not.-Am. Math. Soc. 46, 203–213 (1999)MathSciNetzbMATHGoogle Scholar
  7. 7.
    Buchmann, J., Ludwig, C.: Practical lattice basis sampling reduction. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 222–237. Springer, Heidelberg (2006).  https://doi.org/10.1007/11792086_17CrossRefGoogle Scholar
  8. 8.
    Coppersmith, D.: Finding small solutions to small degree polynomials. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 20–31. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44670-2_3CrossRefGoogle Scholar
  9. 9.
    van Emde Boas, P.: Another NP-complete problem and the complexity of computing short vectors in a lattice. Tecnical report, Department of Mathmatics, University of Amsterdam (1981)Google Scholar
  10. 10.
    Fukase, M., Kashiwabara, K.: An accelerated algorithm for solving SVP based on statistical analysis. J. Inf. Process. 23(1), 67–80 (2015)Google Scholar
  11. 11.
    Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 257–278. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13190-5_13CrossRefGoogle Scholar
  12. 12.
    Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing, pp. 193–206. ACM (1983)Google Scholar
  13. 13.
    Khot, S.: Hardness of approximating the shortest vector problem in lattices. J. ACM (JACM) 52(5), 789–808 (2005)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Laarhoven, T.: Sieving for shortest vectors in lattices using angular locality-sensitive hashing. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 3–22. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-47989-6_1CrossRefzbMATHGoogle Scholar
  15. 15.
    Micciancio, D.: Lattice-based cryptography. In: van Tilborg, H.C.A., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, pp. 713–715. Springer, Boston (2011).  https://doi.org/10.1007/978-1-4419-5906-5_417CrossRefGoogle Scholar
  16. 16.
    Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Math. Cryptol. 2(2), 181–207 (2008)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM (JACM) 56(6), 34 (2009)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Schnorr, C.P.: Lattice reduction by random sampling and birthday methods. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 145–156. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-36494-3_14CrossRefGoogle Scholar
  19. 19.
    Teruya, T., Kashiwabara, K., Hanaoka, G.: Fast lattice basis reduction suitable for massive parallelization and its application to the shortest vector problem. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10769, pp. 437–460. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-76578-5_15CrossRefGoogle Scholar
  20. 20.
    Van Hoeij, M.: Factoring polynomials and the Knapsack problem. J. Number Theory 95(2), 167–189 (2002)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Yasuda, M., Yokoyama, K., Shimoyama, T., Kogure, J., Koshiba, T.: Analysis of decreasing squared-sum of gram-schmidt lengths for short lattice vectors. J. Math. Cryptol. 11(1), 1–24 (2017)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Henan Key Laboratory of Network Cryptography TechnologyZhengzhouChina

Personalised recommendations