Top

Published in:

2017 | OriginalPaper | Chapter

Random Sampling Revisited: Lattice Enumeration with Discrete Pruning

Authors : Yoshinori Aono, Phong Q. Nguyen

Published in: Advances in Cryptology – EUROCRYPT 2017

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In 2003, Schnorr introduced Random sampling to find very short lattice vectors, as an alternative to enumeration. An improved variant has been used in the past few years by Kashiwabara et al. to solve the largest Darmstadt SVP challenges. However, the behaviour of random sampling and its variants is not well-understood: all analyses so far rely on a questionable heuristic assumption, namely that the lattice vectors produced by some algorithm are uniformly distributed over certain parallelepipeds. In this paper, we introduce lattice enumeration with discrete pruning, which generalizes random sampling and its variants, and provides a novel geometric description based on partitions of the n-dimensional space. We obtain what is arguably the first sound analysis of random sampling, by showing how discrete pruning can be rigorously analyzed under the well-known Gaussian heuristic, in the same model as the Gama-Nguyen-Regev analysis of pruned enumeration from EUROCRYPT ’10, albeit using different tools: we show how to efficiently compute the volume of the intersection of a ball with a box, and to efficiently approximate a large sum of many such volumes, based on statistical inference. Furthermore, we show how to select good parameters for discrete pruning by enumerating integer points in an ellipsoid. Our analysis is backed up by experiments and allows for the first time to reasonably estimate the success probability of random sampling and its variants, and to make comparisons with previous forms of pruned enumeration. Our work unifies random sampling and pruned enumeration and show that they are complementary of each other: both have different characteristics and offer different trade-offs to speed up enumeration.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Functional Encryption: Deterministic to Randomized Functions from Simple Assumptions

next chapter On Dual Lattice Attacks Against Small-Secret LWE and Parameter Choices in HElib and SEAL

Agrell, E., Eriksson, T., Vardy, A., Zeger, K.: Closest point search in lattices. IEEE Trans. Info. Theory 48(8), 2201–2214 (2002)MathSciNetCrossRefMATH

Aono, Y., Wang, Y., Hayashi, T., Takagi, T.: Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 789–819. Springer, Heidelberg (2016). doi:10.1007/978-3-662-49890-3_30 CrossRef

Babai, L.: On Lovász’ lattice reduction and the nearest lattice point problem. In: Mehlhorn, K. (ed.) STACS 1985. LNCS, vol. 182, pp. 13–20. Springer, Heidelberg (1985). doi:10.1007/BFb0023990 CrossRef

Buchmann, J., Ludwig, C.: Practical lattice basis sampling reduction. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 222–237. Springer, Heidelberg (2006). doi:10.1007/11792086_17 CrossRef

Chen, Y., Nguyen, P.Q.: BKZ 2.0: better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1–20. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25385-0_1 CrossRef

Ding, D., Zhu, G., Wang, X.: A genetic algorithm for searching the shortest lattice vector of SVP challenge. In: Proceedings of the Genetic and Evolutionary Computation Conference, GECCO 2015, pp. 823–830 (2015)

Fincke, U., Pohst, M.: Improved methods for calculating vectors of short length in a lattice, including a complexity analysis. Math. Comput. 44(170), 463–471 (1985)MathSciNetCrossRefMATH

Fukase, M., Kashiwabara, K.: An accelerated algorithm for solving SVP based on statistical analysis. JIP 23(1), 67–80 (2015)

Fukase, M., Yamaguchi, K.: Analysis of the extended search space for the shortest vector in lattice. J. Syst. Cybern. Inf. 9(6), 42–46 (2011)

10.

Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78967-3_3 CrossRef

11.

Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 257–278. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13190-5_13 CrossRef

12.

Hanrot, G., Stehlé, D.: Improved analysis of kannan’s shortest lattice vector algorithm. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 170–186. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74143-5_10 CrossRef

13.

Håstad, J., Just, B., Lagarias, J.C., Schnorr, C.-P.: Polynomial time algorithms for finding integer relations among real numbers. SIAM J. Comput. 18(5), 859–881 (1989)MathSciNetCrossRefMATH

14.

Hosono, T.: Numerical inversion of laplace transform and some applications to wave optics. Radio Sci. 16(6), 1015–1019 (1981)CrossRef

15.

Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: Proceedings of the 15th ACM Symposium on Theory of Computing (STOC), pp. 193–206 (1983)

16.

Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 513–534 (1982)MathSciNetCrossRefMATH

17.

Lindner, R., Peikert, C.: Better key sizes (and Attacks) for LWE-based encryption. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 319–339. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19074-2_21 CrossRef

18.

Lindner, R., Rückert, M.: TU Darmstadt lattice challenge. http://www.latticechallenge.org/

19.

Liu, M., Nguyen, P.Q.: Solving BDD by enumeration: an update. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 293–309. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36095-4_19 CrossRef

20.

Ludwig, C.: Practical Lattice Basis Sampling Reduction. Ph.D. thesis, Technische Universität Darmstadt (2005)

21.

Mazo, J.E., Odlyzko, A.M.: Lattice points in high dimensional spheres. Monatsh. Math. 17, 47–61 (1990)MathSciNetCrossRefMATH

22.

Nguyen, P.Q.: Public-key cryptanalysis. In: Luengo, I. (ed.) Recent Trends in Cryptography. Contemporary Mathematics, vol. 477. AMS-RSME (2009)

23.

Nguyen, P.Q., Stehlé, D.: LLL on the average. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 238–256. Springer, Heidelberg (2006). doi:10.1007/11792086_18 CrossRef

24.

Nguyen, P.Q., Vallée, B. (eds.): The LLL Algorithm: Survey and Applications. Information Security and Cryptography. Springer, Heidelberg (2009)

25.

Pohst, M.: On the computation of lattice vectors of minimal length, successive minima and reduced bases with applications. SIGSAM Bull. 15(1), 37–44 (1981)CrossRefMATH

26.

Rogers, C.A.: The number of lattice points in a set. Proc. London Math. Soc. 6(3), 305–320 (1956)MathSciNetCrossRefMATH

27.

Rousseau, C.C., Ruehr, O.G.: Problems and solutions. SIAM Review 39(4), 779–786 (1997). Subsection: The Volume of the Intersection of a Cube and a Ball in \(N\)-space. Two solutions by Bernd Tibken and Denis ConstalesCrossRef

28.

Schneider, M., Gama, N.: SVP challenge. http://www.latticechallenge.org/svp-challenge/

29.

Schneider, M., Göttert, N.: Random sampling for short lattice vectors on graphics cards. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 160–175. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23951-9_11 CrossRef

30.

Schnorr, C.P.: Lattice reduction by random sampling and birthday methods. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 145–156. Springer, Heidelberg (2003). doi:10.1007/3-540-36494-3_14 CrossRef

31.

Schnorr, C.-P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Program. 66, 181–199 (1994)MathSciNetCrossRefMATH

32.

Schnorr, C.P., Hörner, H.H.: Attacking the Chor-Rivest cryptosystem by improved lattice reduction. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 1–12. Springer, Heidelberg (1995). doi:10.1007/3-540-49264-X_1 CrossRef

33.

Innovation, S.: NTRU challenge. https://www.securityinnovation.com/products/ntru-crypto/ntru-challenge

34.

Siegel, C.L.: A mean value theorem in geometry of numbers. Ann. Math. 46(2), 340–347 (1945)MathSciNetCrossRefMATH

35.

Stehlé, D., Watkins, M.: On the extremality of an 80-dimensional lattice. In: Hanrot, G., Morain, F., Thomé, E. (eds.) ANTS 2010. LNCS, vol. 6197, pp. 340–356. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14518-6_27 CrossRef

Title: Random Sampling Revisited: Lattice Enumeration with Discrete Pruning
Authors: Yoshinori Aono
Phong Q. Nguyen
Publisher: Springer International Publishing
Book: Advances in Cryptology – EUROCRYPT 2017
Print ISBN: 978-3-319-56613-9

Electronic ISBN: 978-3-319-56614-6

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-56614-6_3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner