Abstract
Building upon a famous result due to Ajtai, we propose a sequence of lattice bases with growing dimension, which can be expected to be hard instances of the shortest vector problem (SVP) and which can therefore be used to benchmark lattice reduction algorithms.
The SVP is the basis of security for potentially post-quantum cryptosystems. We use our sequence of lattice bases to create a challenge, which may be helpful in determining appropriate parameters for these schemes.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Aharonov, D., Regev, O.: Lattice problems in NP ∩ coNP. J. ACM 52(5), 749–765 (2005)
Ajtai, M.: Generating hard instances of lattice problems. In: Proceedings of the Annual Symposium on the Theory of Computing (STOC), pp. 99–108. ACM Press, New York (1996)
Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case/average-case equivalence. In: Proceedings of the Annual Symposium on the Theory of Computing (STOC), pp. 284–293. ACM Press, New York (1997)
Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proceedings of the Annual Symposium on the Theory of Computing (STOC), pp. 601–610. ACM Press, New York (2001)
Bailey, D., Crandall, R.: On the random character of fundamental constant expansions. Experimental Mathematics 10(2), 175–190 (2001)
Bailey, D., Crandall, R.: Random generators and normal numbers. Experimental Mathematics 11(4), 527–546 (2002)
Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Mathematische Annalen 296(4), 625–635 (1993)
Buchmann, J., Lindner, R., Rückert, M.: Explicit hard instances of the shortest vector problem (extended version). Cryptology ePrint Archive, Report 2008/333 (2008), http://eprint.iacr.org/2008/333
Cai, J., Nerurkar, A.: An improved worst-case to average-case connection for lattice problems. In: Proceedings of the Annual Symposium on Foundations of Computer Science (FOCS), pp. 468–477 (1997)
Certicom Corp. The Certicom ECC Challenge, http://www.certicom.com/index.php/the-certicom-ecc-challenge
Coppersmith, D., Shamir, A.: Lattice Attacks on NTRU. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 52–61. Springer, Heidelberg (1997)
Filipović, B.: Implementierung der gitterbasenreduktion in segmenten. Master’s thesis, Johann Wolfgang Goethe-Universität Frankfurt am Main (2002)
Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008)
Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) STOC, pp. 197–206. ACM Press, New York (2008)
Goldreich, O., Goldwasser, S.: On the limits of nonapproximability of lattice problems. J. Comput. Syst. Sci. 60(3), 540–563 (2000)
Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112–131. Springer, Heidelberg (1997)
Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: A ring-based public key cryptosystem. In: Buhler, J. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998)
Hoffstein, J., Silverman, J.H., Whyte, W.: Estimated breaking times for NTRU lattices. Technical Report 012, Version 2, NTRU Cryptosystems (2003), http://ntru.com/cryptolab/tech_notes.htm
Howgrave-Graham, N., Pipher, H.J.J., Whyte, W.: On estimating the lattice security of NTRU. Technical Report 104, Cryptology ePrint Archive (2005), http://eprint.iacr.org/2005/104/
Kleinbock, D., Weiss, B.: Dirichlet’s theorem on diophantine approximation and homogeneous flows. J.MOD.DYN. 4, 43 (2008)
Koy, H.: Primale-duale Segment-Reduktion (2004), http://www.mi.informatik.uni-frankfurt.de/research/papers.html
Koy, H., Schnorr, C.-P.: Segment LLL-reduction of lattice bases. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 67–80. Springer, Heidelberg (2001)
Lagarias, J.C., Lenstra Jr., H.W., Schnorr, C.-P.: Korkin-Zolotarev bases and successive minima of a lattice and its reciprocal lattice. Combinatorica 10(4), 333–348 (1990)
Lenstra, A., Lenstra, H., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261(4), 515–534 (1982)
Ludwig, C.: A faster lattice reduction method using quantum search. In: Ibaraki, T., Katoh, N., Ono, H. (eds.) ISAAC 2003. LNCS, vol. 2906, pp. 199–208. Springer, Heidelberg (2003)
Ludwig, C.: Practical Lattice Basis Sampling Reduction. PhD thesis, Technische Universität Darmstadt (2005), http://elib.tu-darmstadt.de/diss/000640/
McCurley, K.S.: The discrete logarithm problem. In: Pomerance, C. (ed.) Cryptology and computational number theory, Providence, pp. 49–74. American Mathematical Society (1990)
Micciancio, D.: Almost perfect lattices, the covering radius problem, and applications to Ajtai’s connection factor. SIAM Journal on Computing 34(1), 118–169 (2004)
Micciancio, D., Regev, O.: Worst-case to average-case reductions based on gaussian measures. SIAM Journal on Computing 37(1), 267–302 (2007)
Nguyen, P.Q., Stehlé, D.: Floating-point LLL revisited. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 215–233. Springer, Heidelberg (2005)
Nguyen, P.Q., Stehlé, D.: LLL on the average. In: Hess, F., Pauli, S., Pohst, M.E. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 238–256. Springer, Heidelberg (2006)
Peikert, C.: Limits on the hardness of lattice problems in ℓ p norms. In: IEEE Conference on Computational Complexity, pp. 333–346. IEEE Computer Society Press, Los Alamitos (2007)
Regev, O.: Quantum computation and lattice problems. SIAM J. Comput. 33(3), 738–760 (2004)
Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the 37th annual ACM symposium on Theory of computing, pp. 84–93. ACM Press, New York (2005)
Regev, O.: On the complexity of lattice problems with polynomial approximation factors. In: A survey for the LLL+25 conference (2007)
RSA Security Inc. The RSA Challenge Numbers, http://www.rsa.com/rsalabs/node.asp?id=2093
Schmidt, W.: Diophantine Approximation. Lecture Notes in Mathematics, vol. 785. Springer, Heidelberg (1980)
Schnorr, C.: A hierarchy of polynomial time lattice basis reduction algorithms. Theoretical Computer Science 53, 201–224 (1987)
Schnorr, C.: Block reduced lattice bases and successive minima. Combinatorics, Probability and Computing 4, 1–16 (1994)
Schnorr, C.: Lattice reduction by random sampling and birthday methods. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 146–156. Springer, Heidelberg (2003)
Shoup, V.: Number theory library (NTL) for C++, http://www.shoup.net/ntl/
Stehlé, D.: Damien Stehlé’s homepage at école normale supérieure de Lyon, http://perso.ens-lyon.fr/damien.stehle/english.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Buchmann, J., Lindner, R., Rückert, M. (2008). Explicit Hard Instances of the Shortest Vector Problem. In: Buchmann, J., Ding, J. (eds) Post-Quantum Cryptography. PQCrypto 2008. Lecture Notes in Computer Science, vol 5299. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88403-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-540-88403-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88402-6
Online ISBN: 978-3-540-88403-3
eBook Packages: Computer ScienceComputer Science (R0)