Decoding by Embedding: Correct Decoding Radius and DMT Optimality

The closest vector problem (CVP) and shortest (nonzero) vector problem (SVP) are the core algorithmic problems on Euclidean lattices. They are central to the applications of lattices in many problems of communications and cryptography. Kannan's \emph{embedding technique} is a powerful technique for solving the approximate CVP, yet its remarkable practical performance is not well understood. In this paper, the embedding technique is analyzed from a \emph{bounded distance decoding} (BDD) viewpoint. We present two complementary analyses of the embedding technique: We establish a reduction from BDD to Hermite SVP (via unique SVP), which can be used along with any Hermite SVP solver (including, among others, the Lenstra, Lenstra and Lov\'asz (LLL) algorithm), and show that, in the special case of LLL, it performs at least as well as Babai's nearest plane algorithm (LLL-aided SIC). The former analysis helps to explain the folklore practical observation that unique SVP is easier than standard approximate SVP. It is proven that when the LLL algorithm is employed, the embedding technique can solve the CVP provided that the noise norm is smaller than a decoding radius $\lambda_1/(2\gamma)$, where $\lambda_1$ is the minimum distance of the lattice, and $\gamma \approx O(2^{n/4})$. This substantially improves the previously best known correct decoding bound $\gamma \approx {O}(2^{n})$. Focusing on the applications of BDD to decoding of multiple-input multiple-output (MIMO) systems, we also prove that BDD of the regularized lattice is optimal in terms of the diversity-multiplexing gain tradeoff (DMT), and propose practical variants of embedding decoding which require no knowledge of the minimum distance of the lattice and/or further improve the error performance.Comment: To appear in IEEE Transactions on Information Theor

Integer-Forcing MIMO Linear Receivers Based on Lattice Reduction

A new architecture called integer-forcing (IF) linear receiver has been recently proposed for multiple-input multiple-output (MIMO) fading channels, wherein an appropriate integer linear combination of the received symbols has to be computed as a part of the decoding process. In this paper, we propose a method based on Hermite-Korkine-Zolotareff (HKZ) and Minkowski lattice basis reduction algorithms to obtain the integer coefficients for the IF receiver. We show that the proposed method provides a lower bound on the ergodic rate, and achieves the full receive diversity. Suitability of complex Lenstra-Lenstra-Lovasz (LLL) lattice reduction algorithm (CLLL) to solve the problem is also investigated. Furthermore, we establish the connection between the proposed IF linear receivers and lattice reduction-aided MIMO detectors (with equivalent complexity), and point out the advantages of the former class of receivers over the latter. For the $2 \times 2$ and $4\times 4$ MIMO channels, we compare the coded-block error rate and bit error rate of the proposed approach with that of other linear receivers. Simulation results show that the proposed approach outperforms the zero-forcing (ZF) receiver, minimum mean square error (MMSE) receiver, and the lattice reduction-aided MIMO detectors.Comment: 9 figures and 11 pages. Modified the title, abstract and some parts of the paper. Major change from v1: Added new results on applicability of the CLLL reductio

Wyner-Ziv reconciliation for key exchange based on Ring-LWE

We consider a key encapsulation mechanism (KEM) based on ring-LWE where reconciliation is performed on an N-dimensional lattice using Wyner-Ziv coding. More precisely, we consider Barnes-Wall lattices and use Micciancio and Nicolosi's bounded distance decoder with polynomial complexity O(N log(N)^2). We show that in the asymptotic regime for large N, the achievable key rate is Θ(log N) bits per dimension, while the error probability P_e ≈ O(e −Nε). Unlike previous works, our scheme does not require a dither