Random Sampling for Short Lattice Vectors on Graphics Cards

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6917)


We present a GPU implementation of the Simple Sampling Reduction (SSR) algorithm, which searches for short vectors in lattices. SSR builds on the well-known BKZ algorithm and complements it with an exhaustive search over a suitable search region, inserting random short vectors found there into the lattice basis. The sampling of short vectors can be executed in parallel.

Our GPU implementation increases the number of sampled vectors per second from 5200 to more than 120,000. With this, we are the first to present a parallel implementation of SSR, and we use the computing capability of modern graphics cards to enhance the search for short vectors even further.
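An added toy model of the sampling step sketched in the abstract (example code, not the paper's GPU implementation). The search region is assumed to follow Schnorr's random sampling construction, and the basis, the parameter u and all function names are constructed for illustration; each of the 2^u region indices can be evaluated independently, which is the property the parallel implementation exploits.

```python
import math
import random


def gram_schmidt(B):
    """Gram-Schmidt of an integer basis B (list of row vectors): returns (B*, mu)."""
    n = len(B)
    Bstar, mu = [], [[0.0] * n for _ in range(n)]
    for i in range(n):
        v = [float(a) for a in B[i]]
        for j in range(i):
            mu[i][j] = sum(a * b for a, b in zip(B[i], Bstar[j])) / sum(b * b for b in Bstar[j])
            v = [a - mu[i][j] * b for a, b in zip(v, Bstar[j])]
        Bstar.append(v)
    return Bstar, mu


def region_vector(B, mu, u, bits):
    """Region vector selected by the u-bit integer `bits` (assumed region, after Schnorr):
    GS coefficient c_n = 1, c_i in [-1, 1) for the u indices just below n (two integer
    choices, one bit each), and c_i in [-1/2, 1/2) elsewhere (the size-reduced choice)."""
    n = len(B)
    x = [0] * n
    x[n - 1] = 1                                            # every sample contains b_n once
    for i in range(n - 2, -1, -1):
        s = sum(x[j] * mu[j][i] for j in range(i + 1, n))   # GS share of the higher coordinates
        if i >= n - 1 - u:
            x[i] = math.ceil(-1.0 - s) + ((bits >> (i - (n - 1 - u))) & 1)
        else:
            x[i] = math.ceil(-0.5 - s)
    return [sum(x[i] * B[i][k] for i in range(n)) for k in range(len(B[0]))]


def norm2(v):
    return sum(a * a for a in v)


def exhaustive_region(B, u):
    """All 2^u region vectors; independent per index, so this maps onto parallel threads."""
    _, mu = gram_schmidt(B)
    return [region_vector(B, mu, u, b) for b in range(1 << u)]


def ssr_sampling_step(B, u, samples, seed=0):
    """Draw `samples` random indices; return the shortest candidate shorter than b_1, or None."""
    _, mu = gram_schmidt(B)
    rng, best, best_len = random.Random(seed), None, norm2(B[0])
    for _ in range(samples):
        v = region_vector(B, mu, u, rng.getrandbits(u))
        if norm2(v) < best_len:
            best, best_len = v, norm2(v)
    return best
```

In SSR a candidate returned by the sampling step is inserted into the basis and BKZ is run again; that reduction step is not modelled here.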


Keywords: Lattice reduction, random sampling, SSR, BKZ



Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

Technische Universität Darmstadt, Germany
