Lattice Reduction: A Toolbox for the Cryptanalyst
- First Online:
- Cite this article as:
- Joux, A. & Stern, J. J. Cryptology (1998) 11: 161. doi:10.1007/s001459900042
- 220 Downloads
In recent years, methods based on lattice reduction have been used repeatedly for the cryptanalytic attack of various systems. Even if they do not rest on highly sophisticated theories, these methods may look a bit intricate to practically oriented cryptographers, both from the mathematical and the algorithmic point of view. The aim of this paper is to explain what can be achieved by lattice reduction algorithms, even without understanding the actual mechanisms involved. Two examples are given. One is the attack devised by the second author against Knuth's truncated linear congruential generator. This attack was announced a few years ago and appears here for the first time in complete detail.