41 research outputs found
On the Lattice Distortion Problem
We introduce and study the Lattice Distortion Problem (LDP). LDP asks
how "similar" two lattices are. I.e., what is the minimal distortion of a
linear bijection between the two lattices? LDP generalizes the Lattice
Isomorphism Problem (the lattice analogue of Graph Isomorphism), which simply
asks whether the minimal distortion is one.
As our first contribution, we show that the distortion between any two
lattices is approximated up to a factor by a simple function of
their successive minima. Our methods are constructive, allowing us to compute
low-distortion mappings that are within a factor
of optimal in polynomial time and within a factor of optimal in
singly exponential time. Our algorithms rely on a notion of basis reduction
introduced by Seysen (Combinatorica 1993), which we show is intimately related
to lattice distortion. Lastly, we show that LDP is NP-hard to approximate to
within any constant factor (under randomized reductions), by a reduction from
the Shortest Vector Problem.
Comment: This is the full version of a paper that appeared in ESA 201
Tensor-based trapdoors for CVP and their application to public key cryptography
We propose two trapdoors for the Closest-Vector-Problem in lattices (CVP) related to the lattice tensor product. Using these trapdoors we set up a lattice-based cryptosystem which resembles the McEliece scheme
Reduction algorithms for the cryptanalysis of lattice based asymmetrical cryptosystems
Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2008
Includes bibliographical references (leaves: 79-91)
Text in English; Abstract: Turkish and English
xi, 119 leaves
The theory of lattices has attracted a great deal of attention in cryptology in recent years. Several cryptosystems are constructed based on the hardness of the lattice problems such as the shortest vector problem and the closest vector problem. The aim of this thesis is to study the most commonly used lattice basis reduction algorithms, namely Lenstra Lenstra Lovasz (LLL) and Block Kolmogorov Zolotarev (BKZ) algorithms, which are utilized to approximately solve the mentioned lattice based problems. Furthermore, the most popular variants of these algorithms in practice are evaluated experimentally by varying the common reduction parameter delta in order to propose some practical assessments about the effect of this parameter on the process of basis reduction. These kinds of practical assessments are believed to have non-negligible impact on the theory of lattice reduction, and so the cryptanalysis of lattice cryptosystems, due to the fact that the contemporary nature of the reduction process is mainly controlled by the heuristics
Integer-Forcing MIMO Linear Receivers Based on Lattice Reduction
A new architecture called integer-forcing (IF) linear receiver has been
recently proposed for multiple-input multiple-output (MIMO) fading channels,
wherein an appropriate integer linear combination of the received symbols has
to be computed as a part of the decoding process. In this paper, we propose a
method based on Hermite-Korkine-Zolotareff (HKZ) and Minkowski lattice basis
reduction algorithms to obtain the integer coefficients for the IF receiver. We
show that the proposed method provides a lower bound on the ergodic rate, and
achieves the full receive diversity. Suitability of complex
Lenstra-Lenstra-Lovasz (LLL) lattice reduction algorithm (CLLL) to solve the
problem is also investigated. Furthermore, we establish the connection between
the proposed IF linear receivers and lattice reduction-aided MIMO detectors
(with equivalent complexity), and point out the advantages of the former class
of receivers over the latter. For the and MIMO
channels, we compare the coded-block error rate and bit error rate of the
proposed approach with that of other linear receivers. Simulation results show
that the proposed approach outperforms the zero-forcing (ZF) receiver, minimum
mean square error (MMSE) receiver, and the lattice reduction-aided MIMO
detectors.
Comment: 9 figures and 11 pages. Modified the title, abstract and some parts
of the paper. Major change from v1: Added new results on applicability of the
CLLL reductio
Lattice Points in Large Borel Sets and Successive Minima
Let be a Borel set in with volume . It is
shown that almost all lattices in contain infinitely many
pairwise disjoint -tuples, that is sets of linearly independent points
in . A consequence of this result is the following: let be a star body
in with . Then for almost all lattices in
the successive minima
of with respect to are 0. A corresponding result holds for most
lattices in the Baire category sense. A tool for the latter result is the
semi-continuity of the successive minima.
Comment: 8 page
On the Smallest Ratio Problem of Lattice Bases
Let be a lattice basis with Gram-Schmidt orthogonalization , the quantities
for
play important roles in
analyzing lattice reduction algorithms and lattice enumeration algorithms.
In this paper, we study the problem of minimizing the quantity over all bases of a given -dimensional lattice. We
first prove that there exists a basis
for any lattice of dimension such that
,
and
for .
This leads us to introduce a new NP-hard computational problem, that is, the smallest ratio problem (SRP): given an -dimensional
lattice ,
find a basis of such that
is minimal. The problem inspires the new lattice invariant
and new lattice constant
over all -dimensional
lattices : both the minimum and maximum are justified. The properties of and are discussed.
We also present an exact algorithm and an approximation algorithm for SRP.
This is the first sound study of SRP. Our work is a tiny step towards solving an open problem proposed by Dadush-Regev-Stephens-Davidowitz (CCC '14) for tackling the closest vector problem with preprocessing, that is, whether there exists a basis for any -rank lattice such that
Quantum algorithmic solutions to the shortest vector problem on simulated coherent Ising machines
Quantum computing poses a threat to contemporary cryptosystems, with advances
to a state in which it will cause problems predicted for the next few decades.
Many of the proposed cryptosystems designed to be quantum-secure are based on
the Shortest Vector Problem and related problems. In this paper we use the
Quadratic Unconstrained Binary Optimisation formulation of the Shortest Vector
Problem implemented as a quantum Ising model on a simulated Coherent Ising
Machine, showing progress towards solving SVP for three variants of the
algorithm.
Comment: 15 page
On the Closest Vector Problem with a Distance Guarantee
We present a substantially more efficient variant, both in terms of running
time and size of preprocessing advice, of the algorithm by Liu, Lyubashevsky,
and Micciancio for solving CVPP (the preprocessing version of the Closest
Vector Problem, CVP) with a distance guarantee. For instance, for any , our algorithm finds the (unique) closest lattice point for any target
point whose distance from the lattice is at most times the length of
the shortest nonzero lattice vector, requires as preprocessing advice only vectors, and runs in
time .
As our second main contribution, we present reductions showing that it
suffices to solve CVP, both in its plain and preprocessing versions, when the
input target point is within some bounded distance of the lattice. The
reductions are based on ideas due to Kannan and a recent sparsification
technique due to Dadush and Kun. Combining our reductions with the LLM
algorithm gives an approximation factor of for search
CVPP, improving on the previous best of due to Lagarias, Lenstra,
and Schnorr. When combined with our improved algorithm we obtain, somewhat
surprisingly, that only O(n) vectors of preprocessing advice are sufficient to
solve CVPP with (the only slightly worse) approximation factor of O(n).
Comment: An early version of the paper was titled "On Bounded Distance
Decoding and the Closest Vector Problem with Preprocessing". Conference on
Computational Complexity (2014