Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
SIAM Journal on Computing
Polynomial-time quantum algorithms for Pell's equation and the principal ideal problem
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Complexity of Lattice Problems
Complexity of Lattice Problems
Number Theoretic Algorithms and Cryptology
FCT '91 Proceedings of the 8th International Symposium on Fundamentals of Computation Theory
Fast quantum algorithms for computing the unit group and class group of a number field
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Polynomial time quantum algorithm for the computation of the unit group of a number field
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Worst-Case to Average-Case Reductions Based on Gaussian Measures
SIAM Journal on Computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Decomposing finite Abelian groups
Quantum Information & Computation
Hi-index | 0.00 |
We study the problem of determining the probability that m vectors selected uniformly at random from the intersection of the full-rank lattice @L in R^n and the window [0,B)^n generate @L when B is chosen to be appropriately large. This problem plays an important role in the analysis of the success probability of quantum algorithms for solving the Discrete Logarithm Problem in infrastructures obtained from number fields and also for computing fundamental units of number fields. We provide the first complete and rigorous proof that 2n+1 vectors suffice to generate @L with constant probability (provided that B is chosen to be sufficiently large in terms of n and the covering radius of @L and the last n+1 vectors are sampled from a slightly larger window). Based on extensive computer simulations, we conjecture that only n+1 vectors sampled from one window suffice to generate @L with constant success probability. If this conjecture is true, then a significantly better success probability of the above quantum algorithms can be guaranteed.