Practical Lattice Basis Sampling Reduction

  • Johannes Buchmann
  • Christoph Ludwig
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4076)


We propose Simple Sampling Reduction (SSR) that makes Schnorr’s Random Sampling Reduction (RSR) practical. We also introduce generalizations of SSR that yield bases with several short basis vectors and that, in combination, generate shorter basis vectors than SSR alone. Furthermore, we give a formula for Pr[||v||2x] provided v is randomly sampled from SSR’s search space. We describe two algorithms that estimate the probability that a further SSR iteration will find an even shorter vector, one algorithm based on our formula for Pr[||v||2x], the other based on the approach of Schnorr’s RSR analysis. Finally, we report on some cryptographic applications.


Search Space Base Vector Lattice Reduction Lattice Basis Short Vector 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515–534 (1982)MATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Schnorr, C.P.: Lattice reduction by random sampling and birthday methods. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 146–156. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Ludwig, C.: Practical Lattice Basis Sampling Reduction. PhD thesis, TU Darmstadt (2005), Available at:
  4. 4.
    Schnorr, C.P., Euchner, M.: Lattice basis reduction: Improved practical algorithms and solving subset sum problems. Math. Programming 66, 181–199 (1994)CrossRefMathSciNetMATHGoogle Scholar
  5. 5.
    Nguyen, P.Q., Stehlé, D.: Floating-Point LLL Revisited. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 215–233. Springer, Heidelberg (2005) (extended abstract) available at: CrossRefGoogle Scholar
  6. 6.
    Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112–131. Springer, Heidelberg (1997)Google Scholar
  7. 7.
    Micciancio, D.: Improving lattice based cryptosystems using the Hermite normal form. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 126–145. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Press, W.H., Teukolsky, S.A., Vetterling, W.T., Flannery, B.P.: Numerical Recipes in C, 2nd edn. Cambridge University Press, Cambridge (1992)MATHGoogle Scholar
  9. 9.
    Frigo, M., Johnson, S.G.: The design and implementation of FFTW3. Proceedings of the IEEE 93, 216–231 (2005); Special issue on Program Generation, Optimization, and Platform Adaptation CrossRefGoogle Scholar
  10. 10.
    Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: A ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  11. 11.
    Coster, M.J., Joux, A., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.P., Stern, J.: Improved low-density subset sum algorithms. Comput. Complexity 2, 111–128 (1992)MATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Shoup, V.: NTL – a library for doing number theory, Release 5.4 (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Johannes Buchmann
    • 1
  • Christoph Ludwig
    • 1
  1. 1.Fachbereich InformatikTechnische Universität DarmstadtDarmstadtGermany

Personalised recommendations