nach oben

Designs, Codes and Cryptography

Erschienen in:

19.04.2019

A new polynomial-time variant of LLL with deep insertions for decreasing the squared-sum of Gram–Schmidt lengths

verfasst von: Masaya Yasuda, Junpei Yamaguchi

Erschienen in: Designs, Codes and Cryptography | Ausgabe 11/2019

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Lattice basis reduction algorithms have been used in cryptanalysis. The most famous algorithm is LLL, proposed by Lenstra, Lenstra, Lovász, and one of its typical improvements is LLL with deep insertions (DeepLLL). A DeepLLL-reduced basis is LLL-reduced, and hence its quality is at least as good as LLL. In practice, DeepLLL often outputs a more reduced basis than LLL, but no theoretical result is known. First, we show provable output quality of DeepLLL, strictly better than that of LLL. Second, as a main work of this paper, we propose a new variant of DeepLLL. The squared-sum of Gram–Schmidt lengths of a basis is related with the computational hardness of lattice problems such as the shortest vector problem (SVP). Given an input basis, our variant monotonically decreases the squared-sum by a given factor at every deep insertion. This guarantees that our variant runs in polynomial-time.

Vorheriger Artikel A probabilistic analysis on a lattice attack against DSA

Nächster Artikel Matrix theory for minimal trellises

Ajtai M.: Generating random lattices according to the invariant distribution, Draft of March (2006).

Aono Y., Nguyen P.Q.: Random sampling revisited: Lattice enumeration with discrete pruning. In: Advances in Cryptology—EUROCRYPT 2017, Lecture Notes in Computer Science. 10211, pp. 65–102 (2017).

Aono Y., Wang Y., Hayashi T., Takagi T.: Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator. In: Advances in Cryptology—EUROCRYPT 2016, Lecture Notes in Computer Science 9665, pp. 789–819 (2016).CrossRef

Babai L.: On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1–13 (1986).MathSciNetMATHCrossRef

Bremner M.R.: Lattice Basis Reduction: An Introduction to the LLL Algorithm and Its Applications. CRC Press, Boca Raton (2011).CrossRef

Chen Y., Nguyen P.Q.: BKZ 2.0: better lattice security estimates. In: Advances in Cryptology—ASIACRYPT 2011, Lecture Notes in Computer Science 7073, pp. 1–20 (2011).

Cohen H.: A Course in Computational Algebraic Number Theory, vol. 138. Graduate Texts in MathSpringer, Berlin (1993).MATHCrossRef

Darmstadt T.U.: SVP Challenge. http://www.latticechallenge.org/svp-challenge/.

Ducas L.: Shortest vector from lattice sieving: a few dimensions for free. In: Advances in Cryptology—EUROCRYPT 2018, Lecture Notes in Computer Science 10820, pp. 125–145 (2018).CrossRef

10.

Fukase M., Kashiwabara K.: An accelerated algorithm for solving SVP based on statistical analysis. J. Inf. Process. 23(1), 1–15 (2015).

11.

Fontein F., Schneider M., Wagner U.: PotLLL: a polynomial time version of LLL with deep insertions. Des. Codes Cryptogr. 73, 355–368 (2014).MathSciNetMATHCrossRef

12.

Galbraith S.D.: Mathematics of Public Key Cryptography. Cambridge University Press, Cambridge (2012).MATHCrossRef

13.

Gama N., Nguyen P.Q.: Predicting lattice reduction. In: Advances in Cryptology—EUROCRYPT 2008, Lecture Notes in Computer Science 4965, pp. 31–51 (2008).

14.

Goldstein D., Mayer A.: On the equidistribution of Hecke points. Forum Math. 15, 165–189 (2003).MathSciNetMATHCrossRef

15.

Hanrot G., Pujol X., Stehlé D.: Analyzing blockwise lattice algorithms using dynamical systems. In: Advances in Cryptology—CRYPTO 2011, Lecture Notes in Computer Science 6841, pp. 447–464 (2011).CrossRef

16.

Korkine A., Zolotarev G.: Sur les formes quadratiques. Math. Ann. 6, 366–389 (1873).MathSciNetMATHCrossRef

17.

Lenstra A.K., Lenstra H.W., Lovász L.: Factoring polynomials with rational coefficients. Math. Ann. 261(4), 515–534 (1982).MathSciNetMATHCrossRef

18.

Matsuda Y., Teruya T., Kashiwabara K.: Estimation of the success probability of random sampling by the Gram–Charlier approximation. IACR ePrint 2018/815 (2018).

19.

Micciancio D., Goldwasser S.: Complexity of Lattice Problems: A Cryptographic Perspective. Springer, New York (2012).MATH

20.

Nguyen Q., Vallée B.: The LLL Algorithm. Information Security Cryptography (2010).

21.

Schnorr C.P.: Lattice reduction by random sampling and birthday methods. In: International Symposium on Theoretical Aspects of Computer Science—STACS 2003, Lecture Notes in Computer Science 2606, pp. 145–156 (2003).

22.

Schnorr C.P., Euchner M.: Lattice basis reduction: Improved practical algorithms and solving subset sum problems. Math. Program. 66, 181–199 (1994).MathSciNetMATHCrossRef

23.

Shoup V.: NTL: a library for doing number theory. http://www.shoup.net/ntl/.

24.

Teruya T., Kashiwabara K., Hanaoka G.: Fast lattice basis reduction suitable for massive parallelization and its application to the shortest vector problem. In: Public-Key Cryptography—PKC 2018, Lecture Notes in Computer Science 10769, pp. 437–460 (2018).CrossRef

25.

Yamaguchi J., Yasuda M.: Explicit formula for Gram–Schmidt vectors in LLL with deep insertions and its applications. In: Number-Theoretic Methods in Cryptology—NuTMiC 2017, Lecture Notes in Computer Science 10737, pp. 142–160 (2018).MATHCrossRef

26.

Yasuda M., Yokoyama K., Shimoyama T., Kogure J., Koshiba T.: Analysis of decreasing squared-sum of Gram–Schmidt lengths for short lattice vectors. J. Math. Cryptol. 11(1), 1–24 (2017).MathSciNetMATHCrossRef

Titel: A new polynomial-time variant of LLL with deep insertions for decreasing the squared-sum of Gram–Schmidt lengths
verfasst von: Masaya Yasuda
Junpei Yamaguchi
Publikationsdatum: 19.04.2019
Verlag: Springer US
Erschienen in: Designs, Codes and Cryptography / Ausgabe 11/2019
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI: https://doi.org/10.1007/s10623-019-00634-9

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 11/2019

Binary additive MRD codes with minimum distance must contain a semifield spread set

Functional repair codes: a view from projective geometry

A probabilistic analysis on a lattice attack against DSA

Further study on the maximum number of bent components of vectorial functions

Flag-transitive 2-designs from PSL(2, q) with block size 4

Partial geometric designs from group actions