LATIN 2010: LATIN 2010: Theoretical Informatics pp 267-281 | Cite as
Modelling the LLL Algorithm by Sandpiles
Abstract
The LLL algorithm aims at finding a “reduced” basis of a Euclidean lattice and plays a primary role in many areas of mathematics and computer science. However, its general behaviour is far from being well understood. There are already many experimental observations about the number of iterations or the geometry of the output, that raise challenging questions which remain unanswered and lead to natural conjectures which are yet to be proved. However, until now, there exist few experimental observations about the precise execution of the algorithm. Here, we provide experimental results which precisely describe an essential parameter of the execution, namely the “logarithm of the decreasing ratio”. These experiments give arguments towards a “regularity” hypothesis (R). Then, we propose a simplified model for the LLL algorithm based on the hypothesis (R), which leads us to discrete dynamical systems, namely sandpiles models. It is then possible to obtain a precise quantification of the main parameters of the LLL algorithm. These results fit the experimental results performed on general input bases, which indirectly substantiates the validity of such a regularity hypothesis and underlines the usefulness of such a simplified model.
Keywords
Input Distribution Input Base Probabilistic Behaviour Sandpile Model Euclidean LatticePreview
Unable to display preview. Download preview PDF.
References
- 1.Ajtai, M.: Optimal lower bounds for the Korkine-Zolotareff parameters of a lattice and for Schnorr’s algorithm for the shortest vector problem. Theory of Computing 4(1), 21–51 (2008)CrossRefMathSciNetGoogle Scholar
- 2.Akhavi, A.: Random lattices, threshold phenomena and efficient reduction algorithms. Theoret. Comput. Sci. 287(2), 359–385 (2002)MATHCrossRefMathSciNetGoogle Scholar
- 3.Bak, P., Tang, C., Wiesenfeld, K.: Self-organized criticality: An explanation of the 1/f noise. Phys. Rev. Lett. 59(4), 381–384 (1987)CrossRefMathSciNetGoogle Scholar
- 4.Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than N ≤ 0.292. IEEE Trans. Inform. Theory 46(4), 1339–1349 (2000)MATHCrossRefMathSciNetGoogle Scholar
- 5.Daudé, H., Vallée, B.: An upper bound on the average number of iterations of the LLL algorithm. Theoretical Computer Science 123(1), 95–115 (1994)MATHCrossRefMathSciNetGoogle Scholar
- 6.Gama, N., Nguyen, P.: Predicting Lattice Reduction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008)CrossRefGoogle Scholar
- 7.Georgieva, M.: Étude expérimentale de l’algorithme LLL sur certaines bases de Coppersmith, Master Thesis, University of Caen (2009)Google Scholar
- 8.Goles, E., Kiwi, M.A.: Games on line graphs and sandpiles. Theoret. Comput. Sci. 115(2), 321–349 (1993)MATHCrossRefMathSciNetGoogle Scholar
- 9.Jensen, H.J.: Self-organized criticality. In: Emergent complex behavior in physical and biological systems. Cambridge Lecture Notes in Physics, vol. 10. Cambridge University Press, Cambridge (1998)Google Scholar
- 10.Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261(4), 515–534 (1982)MATHCrossRefMathSciNetGoogle Scholar
- 11.Nguyen, P., Stehlé, D.: LLL on the average. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 238–256. Springer, Heidelberg (2006)CrossRefGoogle Scholar
- 12.Vallée, B.: Euclidean Dynamics. Discrete and Continuous Dynamical Systems 15(1), 281–352 (2006)MATHCrossRefMathSciNetGoogle Scholar
- 13.Vallée, B., Vera, A.: Probabilistic analyses of lattice reduction algorithms. In: ch.3. The LLL Algorithm. Collection Information Security and Cryptography Series. Springer, Heidelberg (2009)Google Scholar
- 14.Vera, A.: Analyses de l’algorithme de Gauss. Applications à l’analyse de l’algorithme LLL, PhD Thesis, Universiy of Caen (2009)Google Scholar