A hierarchy of polynomial time lattice basis reduction algorithms
Theoretical Computer Science
Lattice basis reduction: improved practical algorithms and solving subset sum problems
Mathematical Programming: Series A and B
A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Finding the closest lattice vector when it's unusually close
SODA '00 Proceedings of the eleventh annual ACM-SIAM symposium on Discrete algorithms
A sieve algorithm for the shortest lattice vector problem
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Complexity of Lattice Problems
Complexity of Lattice Problems
Positive Applications of Lattices to Cryptography
MFCS '97 Proceedings of the 22nd International Symposium on Mathematical Foundations of Computer Science
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
The Two Faces of Lattices in Cryptology
CaLC '01 Revised Papers from the International Conference on Cryptography and Lattices
Improved algorithms for integer programming and related lattice problems
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
New lattice-based cryptographic constructions
Journal of the ACM (JACM)
On lattices, learning with errors, random linear codes, and cryptography
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Worst-Case to Average-Case Reductions Based on Gaussian Measures
SIAM Journal on Computing
Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions
Computational Complexity
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Finding short lattice vectors within mordell's inequality
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Rigorous and Efficient Short Lattice Vectors Enumeration
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Improved analysis of Kannan's shortest lattice vector algorithm
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Closest point search in lattices
IEEE Transactions on Information Theory
On the complexity of circuit satisfiability
Proceedings of the forty-second ACM symposium on Theory of computing
Proceedings of the forty-second ACM symposium on Theory of computing
Accelerating lattice reduction with FPGAs
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Parallel enumeration of shortest lattice vectors
Euro-Par'10 Proceedings of the 16th international Euro-Par conference on Parallel processing: Part II
Better key sizes (and attacks) for LWE-based encryption
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Analysis of gauss-sieve for solving the shortest vector problem in lattices
WALCOM'11 Proceedings of the 5th international conference on WALCOM: algorithms and computation
Improved Nguyen-Vidick heuristic sieve algorithm for shortest vector problem
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Lattice reduction algorithms: theory and practice
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Algorithms for the shortest and closest lattice vector problems
IWCC'11 Proceedings of the Third international conference on Coding and cryptology
Analyzing blockwise lattice algorithms using dynamical systems
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A parallel implementation of GaussSieve for the shortest vector problem in lattices
PaCT'11 Proceedings of the 11th international conference on Parallel computing technologies
Extreme enumeration on GPU and in clouds: how many dollars you need to break SVP challenges
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Cryptanalysis of a quadratic compact knapsack public-key cryptosystem
Computers & Mathematics with Applications
Lattice enumeration using extreme pruning
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Parallel shortest lattice vector enumeration on graphics cards
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
BKZ 2.0: better lattice security estimates
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Random walks and bisections in random circulant graphs
LATIN'12 Proceedings of the 10th Latin American international conference on Theoretical Informatics
On the number of lattice points in a small sphere and a recursive lattice decoding algorithm
Designs, Codes and Cryptography
| Hi-index | 0.00 |
We present new faster algorithms for the exact solution of the shortest vector problem in arbitrary lattices. Our main result shows that the shortest vector in any n-dimensional lattice can be found in time 23.199n (and space 21.325n), or in space 21.095n (and still time 2O(n)). This improves the best previously known algorithm by Ajtai, Kumar and Sivakumar [Proceedings of STOC 2001] which was shown by Nguyen and Vidick [J. Math. Crypto. 2(2):181--207] to run in time 25.9n and space 22.95n. We also present a practical variant of our algorithm which provably uses an amount of space proportional to τn, the "kissing" constant in dimension n. No upper bound on the running time of our second algorithm is currently known, but experimentally the algorithm seems to perform fairly well in practice, with running time 20.52n, and space complexity 20.2n.