Theory of Computing Systems

, Volume 48, Issue 3, pp 535–553

Generating Shorter Bases for Hard Random Lattices


DOI: 10.1007/s00224-010-9278-3

Cite this article as:
Alwen, J. & Peikert, C. Theory Comput Syst (2011) 48: 535. doi:10.1007/s00224-010-9278-3


We revisit the problem of generating a ‘hard’ random lattice together with a basis of relatively short vectors. This problem has gained in importance lately due to new cryptographic schemes that use such a procedure to generate public/secret key pairs. In these applications, a shorter basis corresponds to milder underlying complexity assumptions and smaller key sizes.

The contributions of this work are twofold. First, we simplify and modularize an approach originally due to Ajtai (ICALP 1999). Second, we improve the construction and its analysis in several ways, most notably by making the output basis asymptotically as short as possible.


Lattices Average-case hardness Cryptography Hermite normal form 

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.New York UniversityNew YorkUSA
  2. 2.Georgia Institute of TechnologyAtlantaUSA