On the reduction of a random basis

For $g < n$, let $b\_1,...,b\_{n-g}$ be $n - g$ independent vectors in $\mathbb{R}^n$ with a common distribution invariant by rotation. Considering these vectors as a basis for the Euclidean lattice they generate, the aim of this paper is to provide asymptotic results when $n\to +\infty$ concerning the property that such a random basis is reduced in the sense of {\sc Lenstra, Lenstra & Lov\'asz}. The proof passes by the study of the process $(r\_{g+1}^{(n)},r\_{g+2}^{(n)},...,r\_{n-1}^{(n)})$ where $r\_j^{(n)}$ is the ratio of lengths of two consecutive vectors $b^*\_{n-j+1}$ and $b^*\_{n-j}$ built from $(b\_1,...,b\_{n-g})$ by the Gram--Schmidt orthogonalization procedure, which we believe to be interesting in its own. We show that, as $n\to+\infty$, the process $(r\_j^{(n)}-1)\_j$ tends in distribution in some sense to an explicit process $({\mathcal R}\_j -1)\_j$; some properties of this latter are provided

DMT Optimality of LR-Aided Linear Decoders for a General Class of Channels, Lattice Designs, and System Models

The work identifies the first general, explicit, and non-random MIMO encoder-decoder structures that guarantee optimality with respect to the diversity-multiplexing tradeoff (DMT), without employing a computationally expensive maximum-likelihood (ML) receiver. Specifically, the work establishes the DMT optimality of a class of regularized lattice decoders, and more importantly the DMT optimality of their lattice-reduction (LR)-aided linear counterparts. The results hold for all channel statistics, for all channel dimensions, and most interestingly, irrespective of the particular lattice-code applied. As a special case, it is established that the LLL-based LR-aided linear implementation of the MMSE-GDFE lattice decoder facilitates DMT optimal decoding of any lattice code at a worst-case complexity that grows at most linearly in the data rate. This represents a fundamental reduction in the decoding complexity when compared to ML decoding whose complexity is generally exponential in rate. The results' generality lends them applicable to a plethora of pertinent communication scenarios such as quasi-static MIMO, MIMO-OFDM, ISI, cooperative-relaying, and MIMO-ARQ channels, in all of which the DMT optimality of the LR-aided linear decoder is guaranteed. The adopted approach yields insight, and motivates further study, into joint transceiver designs with an improved SNR gap to ML decoding.Comment: 16 pages, 1 figure (3 subfigures), submitted to the IEEE Transactions on Information Theor

Reduction algorithms for the cryptanalysis of lattice based asymmetrical cryptosystems

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2008Includes bibliographical references (leaves: 79-91)Text in English; Abstract: Turkish and Englishxi, 119 leavesThe theory of lattices has attracted a great deal of attention in cryptology in recent years. Several cryptosystems are constructed based on the hardness of the lattice problems such as the shortest vector problem and the closest vector problem. The aim of this thesis is to study the most commonly used lattice basis reduction algorithms, namely Lenstra Lenstra Lovasz (LLL) and Block Kolmogorov Zolotarev (BKZ) algorithms, which are utilized to approximately solve the mentioned lattice based problems.Furthermore, the most popular variants of these algorithms in practice are evaluated experimentally by varying the common reduction parameter delta in order to propose some practical assessments about the effect of this parameter on the process of basis reduction.These kind of practical assessments are believed to have non-negligible impact on the theory of lattice reduction, and so the cryptanalysis of lattice cryptosystems, due to thefact that the contemporary nature of the reduction process is mainly controlled by theheuristics

Bounding basis reduction properties

The paper describes improved analysis techniques for basis reduction that allow one to prove strong complexity bounds and reduced basis guarantees for traditional reduction algorithms and some of their variants. This is achieved by a careful exploitation of the linear equations and inequalities relating various bit sizes before and after one or more reduction steps