Advertisement

Factoring Integers by CVP Algorithms

  • Claus Peter Schnorr
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8260)

Abstract

We use pruned enumeration algorithms to find lattice vectors close to a specific target vector for the prime number lattice. These algorithms generate multiplicative prime number relations modulo N that factorize a given integer N. The algorithm New Enum performs the stages of exhaustive enumeration of close lattice vectors in order of decreasing success rate. For example an integer N ≈ 1014 can be factored by about 90 prime number relations modulo N for the 90 smallest primes. Our randomized algorithm generated for example 139 such relations in 15 minutes. This algorithm can be further optimized. The optimization for larger integers N is still open.

Keywords

Factoring integers enumeration of close lattice vectors the prime number lattice 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [Ad95]
    Adleman, L.A.: Factoring and lattice reduction. Manuscript (1995)Google Scholar
  2. [Ba86]
    Babai, L.: On Lovász lattice reduction and the nearest lattice point problem. Combinatorica 6 (1), 1–13 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  3. [BL05]
    Buchmann, J., Ludwig, C.: Practical lattice basis sampling reduction. eprint.iacr.org, TR 072 (2005)Google Scholar
  4. [Ch13]
    Charlet, M.: Faktorisierung ganzer Zahlen mit dem NEW ENUM-Gitteralgorithmus. Diplomarbeit, Frankfurt (2013)Google Scholar
  5. [FP85]
    Fincke, U., Pohst, M.: Improved methods for calculating vectors of short length in a lattice, including a complexity analysis. Math. of Comput. 44, 463–471 (1985)MathSciNetCrossRefzbMATHGoogle Scholar
  6. [GN08]
    Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  7. [GNR10]
    Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 257–278. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. [G08]
    Granville, A.: Smooth numbers: computational number theory and beyond. Algorithmic Number Theory 44, 267–323 (2008)MathSciNetGoogle Scholar
  9. [H84]
    Hildebrand, A.: Integers free of large prime factors and the Riemann hypothesis. Mathematika 31, 258–271 (1984)MathSciNetCrossRefzbMATHGoogle Scholar
  10. [HHHW09]
    Hirschhorn, P.S., Hoffstein, J., Howgrave-Graham, N., Whyte, W.: Choosing NTRUEncrypt parameters in light of combined lattice reduction and MITM approaches. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 437–455. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. [H07]
    Howgrave-Graham, N.: A hybrid lattice–reduction and meet-in-the-middle attiack against NTRU. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 150–169. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. [Ka87]
    Kannan, R.: Minkowski’s convex body theorem and integer programming. Math. Oper. Res. 12, 415–440 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  13. [La13]
    Lange, B.: Neue Schranken für SVP-Approximation und SVP-Algorithmen. Dissertation, Frankfurt (2013)Google Scholar
  14. [LLL82]
    Lenstra Jr., H.W., Lenstra, A.K., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261, 515–534 (1982)MathSciNetCrossRefzbMATHGoogle Scholar
  15. [L86]
    lOVász, L.: An Algorithmic Theory of Numbers, Graphs and Convexity. SIAM (1986)Google Scholar
  16. [MG02]
    Micciancio, D., Goldwasser, S.: Complexity of Lattice Problems: A Cryptographic Perspective. Kluwer Academic Publishers, Boston (2002)CrossRefGoogle Scholar
  17. [MV09]
    Micciancio, D., Voulgaris, P.: Faster exponential time algorithms for the shortest vector problem. ECCC Report No. 65 (2009)Google Scholar
  18. [N10]
    Nguyen, P.Q.: Hermite’s Constant and Lattice Algorithms. In: Nguyen, P.Q., Vallée, B. (eds.) The LLL Algorithm. Springer (January 2010)Google Scholar
  19. [S87]
    Schnorr, C.P.: A hierarchy of polynomial time lattice basis reduction algorithms. Theoret. Comput. Sci. 53, 201–224 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  20. [S93]
    Schnorr, C.-P.: Factoring integers and computing discrete logarithms via Diophantine approximation. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 281–293. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  21. [SE94]
    Schnorr, C.P., Euchner, M.: Lattce basis reduction: Improved practical algorithms and solving subset sum problems. Mathematical Programming 66, 181–199 (1994), http://www.mi.informatik.uni-frankfurt.de/ MathSciNetCrossRefzbMATHGoogle Scholar
  22. [SH95]
    Schnorr, C.-P., Hörner, H.H.: Attacking the Chor–Rivest cryptosystem by improved lattice reduction. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 1–12. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  23. [S03]
    Schnorr, C.P.: Lattice reduction by sampling and birthday methods. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 145–156. Springer, Heidelberg (2003), www.mi.informatik.uni-frankfurt.de CrossRefGoogle Scholar
  24. [S07]
    Schnorr, C.P.: Progress on LLL and lattice reduction. In: Phong, P.Q., Vallée, B. (eds.) Proceedings LLL+25, Caen, France, June 29-July 1. The LLL Algorithm (2007), www.mi.informatik.uni-frankfurt.de/
  25. [S10]
    Schnorr, C.P.: Average Time Fast SVP and CVP Algorithms for Low Density Lattices and the Factorisation of Integers (2010), www.mi.informatik.uni-frankfurt.de

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Claus Peter Schnorr
    • 1
  1. 1.Fachbereich Informatik und MathematikGoethe-Universität FrankfurtFrankfurt am MainGermany

Personalised recommendations