Abstract
We revisit the problem of generating a ‘hard’ random lattice together with a basis of relatively short vectors. This problem has gained in importance lately due to new cryptographic schemes that use such a procedure to generate public/secret key pairs. In these applications, a shorter basis corresponds to milder underlying complexity assumptions and smaller key sizes.
The contributions of this work are twofold. First, we simplify and modularize an approach originally due to Ajtai (ICALP 1999). Second, we improve the construction and its analysis in several ways, most notably by making the output basis asymptotically as short as possible.
References
Ajtai, M.: Generating hard instances of the short basis problem. In: ICALP, pp. 1–9 (1999)
Ajtai, M.: Generating hard instances of lattice problems. Quad. Mat. 13, 1–32 (2004). Preliminary version in STOC 1996
Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. In: EUROCRYPT, pp. 523–552 (2010)
Goldreich, O., Goldwasser, S., Halevi, S.: Collision-free hashing from lattice problems. Electron. Colloq. Comput. Complex. (ECCC) 3(42) (1996)
Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: CRYPTO, pp. 112–131 (1997)
Gentry, C., Halevi, S., Vaikuntanathan, V.: A simple BGN-type cryptosystem from LWE. In: EUROCRYPT, pp. 506–522 (2010)
Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC, pp. 197–206 (2008)
Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)
Mazo, J.E., Odlyzko, A.M.: Lattice points in high-dimensional spheres. Mon. Math. 110(1), 47–61 (1990)
Micciancio, D.: Improving lattice based cryptosystems using the Hermite normal form. In: CaLC, pp. 126–145 (2001)
Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. SIAM J. Comput. 37(1), 267–302 (2007). Preliminary version in FOCS 2004
Micciancio, D., Regev, O.: Lattice-based cryptography. In: Post Quantum Cryptography, pp. 147–191. Springer, Berlin (2009)
Micciancio, D., Vadhan, S.P.: Statistical zero-knowledge proofs with efficient provers: Lattice problems and more. In: CRYPTO, pp. 282–298 (2003)
Micciancio, D., Warinschi, B.: A linear space algorithm for computing the Hermite normal form. In: ISSAC, pp. 231–236 (2001)
Nguyen, P.Q.: Cryptanalysis of the Goldreich-Goldwasser-Halevi cryptosystem from Crypto ’97. In: CRYPTO, pp. 288–304 (1999)
Nguyen, P.Q., Regev, O.: Learning a parallelepiped: Cryptanalysis of GGH and NTRU signatures. J. Cryptol. 22(2), 139–160 (2009). Preliminary version in Eurocrypt 2006
Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem. In: STOC, pp. 333–342 (2009)
Peikert, C., Vaikuntanathan, V.: Noninteractive statistical zero-knowledge proofs for lattice problems. In: CRYPTO, pp. 536–553 (2008)
Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: CRYPTO, pp. 554–571 (2008)
Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6) (2009). Preliminary version in STOC 2005
Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)
Vershynin, R.: Lecture notes on non-asymptotic theory of random matrices (2007). Available at http://www-personal.umich.edu/~romanv/teaching/2006-07/280/, last accessed 17 Feb. 2010
Additional information
Work of J. Alwen performed while at SRI International.
Much of the work of C. Peikert was performed while at SRI International. This material is based upon work supported by the National Science Foundation under Grants CNS-0716786 and CNS-0749931. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
Cite this article
Alwen, J., Peikert, C. Generating Shorter Bases for Hard Random Lattices. Theory Comput Syst 48, 535–553 (2011). https://doi.org/10.1007/s00224-010-9278-3
DOI: https://doi.org/10.1007/s00224-010-9278-3