Top

International Journal of Information Security

Published in:

13-05-2020 | regular contribution

Studying lattice reduction algorithms improved by quick reordering technique

Authors: Yuntao Wang, Tsuyoshi Takagi

Published in: International Journal of Information Security | Issue 2/2021

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Under the threat of quantum computers’ expected powerful computational capacity, the study on post-quantum cryptography is becoming urgent nowadays. Lattice-based cryptography is one of the most promising candidates of post-quantum cryptography. To give a secure instantiation for practical applications, it is necessary to understand the complexity of the best-known attacks. Most of the attacks to lattice-based cryptography use basis reduction algorithms. For instance, the most commonly used practical basis reduction algorithms are variants of the block Korkin–Zolotarev (BKZ) algorithm. In this paper, we study the effect of applying the quick reordering technique (QRT) to lattice algorithms, mainly the enumeration algorithm and the BKZ algorithm. We show that QRT is a simple method to improve these two algorithms with respect to cutting down the number of search nodes and thus reducing the total runtime. For improving on the LLL algorithm with dimensions smaller than 30, the success rate is larger than 10%, and for the BKZ algorithm with blocksize smaller than 30, the success rate is larger than 40%. At first, we observe that reordering the LLL-reduced basis vectors by increasing norm orders will change the distribution of search nodes in the enumeration tree, which gives a chance to reduce the enumeration search nodes with a certain probability. The experimental results show that the runtime of the enumeration algorithm can be accelerated approximately by a factor of two. We further explain this phenomenon from a theoretical point of view, which follows Gama–Nguyen–Regev’s analysis (Gama et al., in: Advances in cryptology—EUROCRYPT 2010, proceedings of 29th annual international conference on the theory and applications of cryptographic techniques, pp 257–278, 2010). Then we apply this reordering technique to the implementation of the BKZ algorithm in the open-source library NTL. Our experimental results in dimensions 100–120 with blocksize 15–30 show that on the LLL-reduced bases, our modified NTL-BKZ outputs a vector shorter than the original NTL-BKZ with rate 40.91%-45.73% by setting the LLL approximation factor by \(\delta _{LLL}=0.99\). Furthermore, in the instances where the improved BKZ found one same or shorter vector, the runtime is up to 2.02 times faster than the original NTL-BKZ when setting the blocksize \(\beta =25\) with \(\delta _{LLL}=0.99\).

previous article An SDN approach to detect targeted attacks in P2P fully connected overlays

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Available only for authorised users

Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proceedings of the Thirty-third Annual ACM Symposium on Theory of Computing, pp. 601–610 (2001)

Albrecht, M.R., Ducas, L., Herold, G., Kirshanova, E., Postlethwaite, E. W., Stevens, M.: The general sieve kernel and new records in lattice reduction. In: Advances in Cryptology—EUROCRYPT 2019—38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings, Part II, pp. 717–746 (2019)

Aono, Y.: A faster method for computing Gama–Nguyen–Regev’s extreme pruning coefficients. CoRR, arXiv:1406.0342 (2014)

Aono, Y., Nguyen, P.Q.: Random sampling revisited: Lattice enumeration with discrete pruning. In: Advances in Cryptology—EUROCRYPT 2017—36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings, Part II, pp. 65–102 (2017)

Aono, Y., Nguyen, P.Q., Seito, T., Shikata, J.: Lower bounds on lattice enumeration with extreme pruning. In: Advances in Cryptology—- CRYPTO 2018—38th Annual International Cryptology Conference, Proceedings, Part II, pp. 608–637 (2018)

Aono, Y., Wang, Y., Hayashi, T., Takagi, T.: Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator. In: Advances in Cryptology—EUROCRYPT 2016—35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings, Part I, pp. 789–819 (2016)

Bai, S., Stehlé, D., Wen, W.: Measuring, simulating and exploiting the head concavity phenomenon in BKZ. In: Advances in Cryptology—ASIACRYPT 2018—- 24th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings, Part I, pp. 369–404 (2018)

Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, SODA, vol. 2016, pp. 10–24 (2016)

Chen, Y., Nguyen, P.Q.: Bkz 2.0: better lattice security estimates. In: Advances in Cryptology—ASIACRYPT 2011: 17th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings, pp. 1–20 (2011)

10.

N.I.o.S. Computer Security Division, Information Technology Laboratory and U. D. o. C. Technology. Post-quantum cryptography | csrc, (2017)

11.

Darmstadt, T.: Svp challenge (2017). https://www.latticechallenge.org/svp-challenge

12.

T. F. development team. fplll, a lattice reduction library (2017). https://github.com/fplll/fplll

13.

Fincke, U., Pohst, M.: Improved methods for calculating vectors of short length in a lattice, including a complexity analysis. Math. Comput. 44(170), 463–471 (1985)MathSciNetCrossRef

14.

Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Advances in Cryptology—EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings, pp. 31–51 (2008)

15.

Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Advances in Cryptology—EUROCRYPT 2010, Proceedings of 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 257–278 (2010)

16.

Hoare, C.A.R.: Quicksort. Comput. J. 5(1), 10–16 (1962)MathSciNetCrossRef

17.

Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Algorithmic Number Theory, Third International Symposium, ANTS-III, Proceedings, pp. 267–288 (1998)

18.

Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: Proceedings of the 15th Annual ACM Symposium on Theory of Computing, pp. 193–206 (1983)

19.

Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)MathSciNetCrossRef

20.

Korkine, A., Zolotareff, G.: Sur les forms quadratiques. Math. Ann. 6, 581–583 (1873)CrossRef

21.

Lagrange, L.: Recherches d’arithmétique. Nouv. Mém. Acad. (1773)

22.

Lenstra, A., Lenstra, H., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515–534 (1982)MathSciNetCrossRef

23.

Micciancio, D., Voulgaris, P.: Faster exponential time algorithms for the shortest vector problem. In: Proceedings of the Twenty-First Annual ACM-SIAM Symposium on Discrete Algorithms, SODA, vol. 2010, pp. 1468–1480 (2010)

24.

Miller, V.S.: Use of elliptic curves in cryptography. In: Advances in Cryptology—CRYPTO’85, Proceedings, pp. 417–426 (1985)

25.

Nguyen, P.Q., Stehlé, D.: Floating-point LLL revisited. In: Advances in Cryptology—EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings, pp. 215–233 (2005)

26.

Nguyen, P.Q., Stehlé, D.: LLL on the average. In: Algorithmic Number Theory, 7th International Symposium, ANTS-VII, Proceedings, pp. 238–256 (2006)

27.

Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Math. Cryptol. 2(2), 181–207 (2008)MathSciNetCrossRef

28.

Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the 37th Annual ACM Symposium on Theory of Computing, pp. 84–93 (2005)

29.

Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRef

30.

Schnorr, C.: A more efficient algorithm for lattice basis reduction. J. Algorithms 9(1), 47–62 (1988)MathSciNetCrossRef

31.

Schnorr, C.: Lattice reduction by random sampling and birthday methods. In: STACS 2003, 20th Annual Symposium on Theoretical Aspects of Computer Science, Proceedings, pp. 145–156 (2003)

32.

Schnorr, C., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Program. 66, 181–199 (1994)MathSciNetCrossRef

33.

Schnorr, C., Hörner, H.H.: Attacking the chor-rivest cryptosystem by improved lattice reduction. In: Advances in Cryptology—EUROCRYPT’95, International Conference on the Theory and Application of Cryptographic Techniques, Saint-Malo, France, May 21–25, 1995, Proceeding, pp. 1–12 (1995)

34.

Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings 35th Annual Symposium on Foundations of Computer Science, pp. 124–134 (1994)

35.

Shoup, V.: NTL, a library for doing number theory (2017). http://www.shoup.net/ntl/

36.

Skiena, S.: The Algorithm Design Manual, 2nd edn. Springer, Berlin (2008)CrossRef

37.

Wang, Y., Takagi, T.: Improving the BKZ reduction algorithm by quick reordering technique. In: Information Security and Privacy—23rd Australasian Conference, ACISP 2018, Proceedings, pp. 787–795 (2018)

38.

Yamaguchi, J., Yasuda, M.: Explicit formula for gram-Schmidt vectors in LLL with deep insertions and its applications. In: Number-Theoretic Methods in Cryptology-First International Conference, 2017, Revised Selected Papers, pp. 142–160 (2017)

Title: Studying lattice reduction algorithms improved by quick reordering technique
Authors: Yuntao Wang
Tsuyoshi Takagi
Publication date: 13-05-2020
Publisher: Springer Berlin Heidelberg
Published in: International Journal of Information Security / Issue 2/2021
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-020-00501-y

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2021

An SDN approach to detect targeted attacks in P2P fully connected overlays

Secure and efficient wildcard search over encrypted data

Strong leakage-resilient encryption: enhancing data confidentiality by hiding partial ciphertext

A secure architecture for TCP/UDP-based cloud communications

Combining behavioral biometrics and session context analytics to enhance risk-based static authentication in web applications

Toward a blockchain-based framework for challenge-based collaborative intrusion detection

Premium Partner