Finding Shortest Lattice Vectors in the Presence of Gaps

  • Conference paper
Topics in Cryptology – CT-RSA 2015 (CT-RSA 2015)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 9048)

Abstract

The \(\lambda _i\)-gap \(\lambda _i/\lambda _1\) among the successive minima of a lattice, especially its \(\lambda _2\)-gap, often provides useful information for analyzing the security of lattice-based cryptographic schemes. In this paper, we mainly study the efficiency of shortest vector problem (SVP) algorithms for lattices with a \(\lambda _i\)-gap. First, we prove new upper bounds for the packing density of this type of lattice. Based on these results, we discuss the efficiency of the ListSieve-Birthday algorithm proposed by Pujol and Stehlé for SVP, and conclude that its complexity decreases noticeably as the \(\lambda _i\)-gap increases. In particular, ListSieve-Birthday becomes faster than the current best deterministic (Voronoi cell-based) algorithm for SVP as long as the \(\lambda _2\)-gap is larger than 1.78. When the \(\lambda _2\)-gap is up to 28, the time complexity is \(2^{0.9992n+o(n)}\), and the coefficient of \(n\) is approximately 0.802 if the \(\lambda _2\)-gap is large enough. Moreover, we provide an SVP approximation algorithm obtained by modifying the ListSieve-Birthday algorithm. This algorithm terminates the sieve process earlier and relaxes the birthday search, and hence decreases the time complexity significantly.

References

  1. Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case/average-case equivalence. In: STOC 1997, pp. 284–293. El Paso, Texas, USA (1997)

  2. Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: STOC 2001, Heraklion, Crete, Greece, pp. 266–275. ACM, New York (2001)

  3. Brakerski, Z., Langlois, A., Peikert, C., et al.: Classical hardness of learning with errors. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) STOC, pp. 575–584. ACM (2013)

  4. Coster, M.J., Joux, A., Macchia, B.A., Odlyzko, A.M., Schnorr, C.P., Stern, J.: An improved low-density subset sum algorithm. Computational Complexity 2, 97–186 (1992)

  5. Coppersmith, D., Shamir, A.: Lattice attacks on NTRU. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 52–61. Springer, Heidelberg (1997)

  6. Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008)

  7. Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112–131. Springer, Heidelberg (1997)

  8. Goldreich, O., Goldwasser, S., Halevi, S.: Eliminating Decryption Errors in the Ajtai-Dwork Cryptosystem. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 105–111. Springer, Heidelberg (1997)

  9. Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013)

  10. Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. FOCS, pp. 40–49 (2013)

  11. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC 2008, pp. 197–206, Victoria, British Columbia, Canada (2008)

  12. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998)

  13. Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: STOC 1983, pp. 193–206. Boston, Massachusetts, USA (1983)

  14. Kabatiansky, G., Levenshtein, V.: Bounds for packings on a sphere and in space. Problemy Peredachi Informatsii 14(1), 3–25 (1978)

  15. Kawachi, A., Tanaka, K., Xagawa, K.: Multi-bit cryptosystems based on lattice problems. Proceedings of Public Key Cryptography – PKC 2007, pp. 315–329. Springer (2007)

  16. Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261, 513–534 (1982)

  17. Lyubashevsky, V., Micciancio, D.: On bounded distance decoding, unique shortest vectors, and the minimum distance problem. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 577–594. Springer, Heidelberg (2009)

  18. Lagarias, J.C., Odlyzko, A.M.: Solving low-density subset sum problems. Journal of the Association for Computing Machinery 32(1), 229–246 (1985)

  19. Liu, M.J., Wang, X.Y., Xu, G.W., Zheng, X.X.: Shortest lattice vectors in the presence of gaps. IACR Cryptology ePrint Archive 2011, 139 (2011)

  20. Micciancio, D., Regev, O.: Lattice-based cryptography. Post-Quantum Cryptography, Springer, pp. 147–191 (2009)

  21. Micciancio, D., Voulgaris, P.: A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations. In: STOC 2010, pp. 351–358. Cambridge, Massachusetts, USA (2010)

  22. Micciancio, D., Voulgaris, P.: Faster exponential time algorithms for the shortest vector problem. In: SODA 2010, pp. 1468–1480. Austin, Texas, USA (2010)

  23. Nguyên, P.Q.: Cryptanalysis of the Goldreich-Goldwasser-Halevi cryptosystem from Crypto 1997. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 288. Springer, Heidelberg (1999)

  24. Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. of Mathematical Cryptology 2(2), 181–207 (2008)

  25. Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem. In: STOC 2009, pp. 333–342, Bethesda, MD, USA (2009)

  26. Pohst, M.: On the computation of lattice vectors of minimal length, successive minima and reduced bases with applications. ACM SIGSAM Bulletin 15(1), 37–44 (1981)

  27. Pujol, X., Stehlé, D.: Solving the shortest lattice vector problem in time \(2^{2.465n}\). Cryptology ePrint Archive, Report 2009/605 (2009). http://eprint.iacr.org/2009/605

  28. Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: Proceedings of Advances in Cryptology – CRYPTO 2008, pp. 554–571. Springer (2008)

  29. Regev, O.: New lattice-based cryptographic constructions. J. ACM 51(6), 899–942 (2004)

  30. Regev, O.: Lecture notes on lattices in computer science (2004). http://www.cs.tau.ac.il/~odedr/teaching/lattices_fall_2004/index.html

  31. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 1–40 (2009)

  32. Schnorr, C.P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Mathematics of Programming 66, 181–199 (1994)

  33. Wang, X.Y., Liu, M.J., Tian, C.L., Bi, J.G.: Improved Nguyen-Vidick heuristic sieve algorithm for shortest vector problem. In: ASIACCS 2011, pp. 1–9, Hong Kong, China (2011)

  34. Zhang, F., Pan, Y.B., Hu, G.R.: A three-level sieve algorithm for the shortest vector problem. Selected Areas in Cryptography, pp. 29–47 (2013)

Author information

Corresponding author

Correspondence to Xiaoyun Wang.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Wei, W., Liu, M., Wang, X. (2015). Finding Shortest Lattice Vectors in the Presence of Gaps. In: Nyberg, K. (eds) Topics in Cryptology – CT-RSA 2015. CT-RSA 2015. Lecture Notes in Computer Science, vol 9048. Springer, Cham. https://doi.org/10.1007/978-3-319-16715-2_13

  • DOI: https://doi.org/10.1007/978-3-319-16715-2_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-16714-5

  • Online ISBN: 978-3-319-16715-2

  • eBook Packages: Computer Science, Computer Science (R0)
