A more efficient algorithm for lattice basis reduction

  • C. P. Schnorr
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 226)


The famous lattice basis reduction algorithm of L. Lovász transforms a given integer lattice basis b1,...,bn ∈ ℤn into a reduced basis, and does this by O(n4 log B) arithmetic operations on O(n log B)-bit integers. Here B bounds the euclidean length of the input vectors, i.e. ∥b12,...,∥bn2 ≦ B. The new algorithm operates on integers with at most O(n + log B) bits and uses at most O(n4 log B) arithmetic operations on such integers. This reduces the number of bit operations for reduction by a factor n2 if n is proportional to log B and if standard arithmetic is used. For most practical cases reduction can be done without very large integer arithmetic but with floating point arithmetic instead.


Arithmetic Operation Reduction Algorithm Basis Reduction Diophantine Approximation Lattice Basis 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. L. Adleman: On breaking the iterated Merkle-Hellman public key cryptosystem. Proc. 15th ACM Symp. on theory of Computing (1983), 402–412.Google Scholar
  2. A.M.Frieze, R. Kannan and J.C. Lagarias: Linear congruential generators do not produce random sequences. Proc. 25th IEEE Symp. on Theory of Computing (1984) 480–484.Google Scholar
  3. J. Hastad and A. Shamir: The cryptographic security of truncated linearly related variables. Proc. 17th ACM Symp. on Theory of Computing (1985), 356–362.Google Scholar
  4. J. Hastad, B. Helfrich, J.C.Lagarias and C.P.Schnorr: Polynomial time algorithms for finding integer relations among real numbers. Proceedings of STACS 86, 3rd Symposium on Theoretical Aspects of Computer Science, Jan. 1986, Orsay, Springer Lecture Notes in Computer Science.Google Scholar
  5. E. Kaltofen: On the complexity of finding short vectors in integer lattices. Proc. Eurocal'83. Lecture Notes in Comp. Sci.Google Scholar
  6. J.C.Lagarias: The computational complexity of simultaneous diophantine approximation problems. Proc. 23d IEEE Symp. on Foundations of Computer Science (1983), 32–39.Google Scholar
  7. A.K. Lenstra, H.W. Lenstra Jr., L. Lovàsz: Factoring polynomials with rational coefficients. Math. Ann. 261 (1982), 515–534.Google Scholar
  8. H.W. Lenstra, Jr.: Integer programming in a fixed number of variables. Mathematics of Operations Research 8 (1983) 538–548.Google Scholar
  9. A. M.Odlyzko and H. te Riele: Disproof of the Mertens conjecture. Preprint 1984.Google Scholar
  10. C.P.Schnorr: A hierarchy of polynomial time lattice basis reduction algorithms. Extended abstract in: Theory of Algebra, Colloquia Mathematica Societatis Janos Bolyai 44 (North-Holland, Amsterdam, 1986) Complete paper is submitted for publication.Google Scholar
  11. A.Schönhage: Factorization of univariate integer polynomials by diophantine approximation and an improved basis reduction algorithm. Proc. ICALP (1984) Antwerpen.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1986

Authors and Affiliations

  • C. P. Schnorr
    • 1
  1. 1.Fachbereich Mathematik/InformatikUniversität FrankfurtGermany

Personalised recommendations