Advertisement

A New Lattice Sieving Algorithm Base on Angular Locality-Sensitive Hashing

  • Ping Wang
  • Dongdong Shang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10726)

Abstract

Currently, the space requirement of sieving algorithms to solve the shortest vector problem (SVP) grows as \(2^{0.2075n+o(n)}\), where n is the lattice dimension. In high dimensions, the memory requirement makes them uncompetitive with enumeration algorithms. Shi Bai et al. presents a filtered triple sieving algorithm that breaks the bottleneck with memory \( 2^{0.1887n+o(n)}\) and time \( 2^{0.481n+o(n)}\).

Benefiting from the angular locality-sensitive hashing (LSH) method, our proposed algorithm runs in time \(2^{0.4098n+o(n)}\) with the same space complexity \(2^{0.1887n+o(n)}\) as the filtered triple sieving algorithm. Our experiment demonstrates that the proposed algorithm achieves the desired results. Furthermore, we use the proposed algorithm to solve the closest vector problem (CVP) with the lowest space complexity as far as we know in the literature.

Keywords

Filtered triple sieving Angular locality-sensitive hashing Shortest vector problem Closest vector problem 

References

  1. 1.
    Lenstra, H.W., Lenstra, A.K., Lovfiasz, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261, 515–534 (1982)MathSciNetCrossRefMATHGoogle Scholar
  2. 2.
    Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: ACM Symposium on Theory of Computing, 25–27 April 1983, Boston, Massachusetts, USA, pp. 193–206 (1983)Google Scholar
  3. 3.
    Schnorr, C.P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. In: Budach, L. (ed.) FCT 1991. LNCS, vol. 529, pp. 68–85. Springer, Heidelberg (1991).  https://doi.org/10.1007/3-540-54458-5_51 CrossRefGoogle Scholar
  4. 4.
    Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 257–278. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13190-5_13 CrossRefGoogle Scholar
  5. 5.
    Chen, Y., Nguyen, P.Q.: BKZ 2.0: better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1–20. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-25385-0_1 CrossRefGoogle Scholar
  6. 6.
    Micciancio, D., Walter, M.: Practical, predictable lattice basis reduction. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 820–849. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49890-3_31 CrossRefGoogle Scholar
  7. 7.
    Aono, Y., Wang, Y., Hayashi, T., Takagi, T.: Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 789–819. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49890-3_30 CrossRefGoogle Scholar
  8. 8.
    Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: ACM Symposium on Theory of Computing, pp. 601–610 (2002)Google Scholar
  9. 9.
    Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Math. Cryptology 2(2), 181–207 (2008)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Wang, X., Liu, M., Tian, C., Bi, J.: Improved Nguyen-Vidick heuristic sieve algorithm for shortest vector problem. In: ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 2011, pp. 1–9 (2011)Google Scholar
  11. 11.
    Micciancio, D., Voulgaris, P.: Faster exponential time algorithms for the shortest vector problem. In: ACM-SIAM Symposium on Discrete Algorithms, pp. 1468–1480 (2010)Google Scholar
  12. 12.
    Pujol, X., Stehl, D.: Solving the shortest lattice vector problem in time 2 2.465n. IACR Cryptology ePrint Archive, vol. 2009 (2006)Google Scholar
  13. 13.
    Micciancio, D., Voulgaris, P.: A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations. In: ACM Symposium on Theory of Computing, pp. 351–358 (2010)Google Scholar
  14. 14.
    Aggarwal, D., Dadush, D., Regev, O., Stephens-Davidowitz, N.: Solving the shortest vector problem in 2 n time using discrete Gaussian sampling: extended abstract. In: Forty-Seventh ACM Symposium on Theory of Computing, pp. 733–742 (2015)Google Scholar
  15. 15.
    Charikar, M.S.: Similarity estimation techniques from rounding algorithms. In: Thiry-Fourth ACM Symposium on Theory of Computing, pp. 380–388 (2002)Google Scholar
  16. 16.
    Indyk, P., Motwani, R.: Approximate nearest neighbors: towards removing the curse of dimensionality. In: Theory of Computing, no. 11, pp. 604–613 (2000)Google Scholar
  17. 17.
    Becker, A., Laarhoven, T.: Efficient (ideal) lattice sieving using cross-polytope LSH. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2016. LNCS, vol. 9646, pp. 3–23. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-31517-1_1 CrossRefGoogle Scholar
  18. 18.
    Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: Twenty-Seventh ACM-SIAM Symposium on Discrete Algorithms, pp. 10–24 (2016)Google Scholar
  19. 19.
    Shi, B.: Tuple lattice sieving. LMS J. Comput. Math. 19(A), 146–162 (2016)MathSciNetCrossRefMATHGoogle Scholar
  20. 20.
    Laarhoven, T.: Sieving for shortest vectors in lattices using angular locality-sensitive hashing. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 3–22. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-47989-6_1 CrossRefGoogle Scholar
  21. 21.
    Panigrahy, R.: Entropy based nearest neighbor search in high dimensions. In: SODA 2006: Proceedings of the Seventeenth Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 1186–1195 (2005)Google Scholar
  22. 22.
    Goldstein, D., Mayer, A.: On the equidistribution of hecke points. Forum Mathematicum 15(2), 165–189 (2003)MathSciNetCrossRefMATHGoogle Scholar
  23. 23.
    Goldstein, D.M.A.: SVP challenge (2010). http://www.latticechallenge.org
  24. 24.
    Schneider, M.: Sieving for shortest vectors in ideal lattices. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 375–391. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38553-7_22 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.College of Information EngineeringShenzhen UniversityShenzhenChina
  2. 2.College of Computer Science and SoftwareShenzhen UniversityShenzhenChina

Personalised recommendations