Korkin-Zolotarev bases and successive minima of a lattice and its reciprocal lattice

Wetensch. publicatieFaculteit der Wiskunde en Natuurwetenschappe

Tensor-based trapdoors for CVP and their application to public key cryptography

We propose two trapdoors for the Closest-Vector-Problem in lattices (CVP) related to the lattice tensor product. Using these trapdoors we set up a lattice-based cryptosystem which resembles to the McEliece scheme

On the Lattice Distortion Problem

We introduce and study the \emph{Lattice Distortion Problem} (LDP). LDP asks how "similar" two lattices are. I.e., what is the minimal distortion of a linear bijection between the two lattices? LDP generalizes the Lattice Isomorphism Problem (the lattice analogue of Graph Isomorphism), which simply asks whether the minimal distortion is one. As our first contribution, we show that the distortion between any two lattices is approximated up to a $n^{O(\log n)}$ factor by a simple function of their successive minima. Our methods are constructive, allowing us to compute low-distortion mappings that are within a $2^{O(n \log \log n/\log n)}$ factor of optimal in polynomial time and within a $n^{O(\log n)}$ factor of optimal in singly exponential time. Our algorithms rely on a notion of basis reduction introduced by Seysen (Combinatorica 1993), which we show is intimately related to lattice distortion. Lastly, we show that LDP is NP-hard to approximate to within any constant factor (under randomized reductions), by a reduction from the Shortest Vector Problem.Comment: This is the full version of a paper that appeared in ESA 201

A sharp upper bound for the Lattice Programming Gap

Abstract. Given a full-dimensional lattice Λ ⊂ Z d and a vector l ∈ Qd >0 , we consider the family of the lattice problems Minimize {l · x : x ≡ r( mod Λ), x ∈ Z d ≥0} , r ∈ Z d (0.1) . The lattice programming gap gap(Λ,l) is the largest value of the minima in (0.1) as r varies over Z d . We obtain a sharp upper bound for gap(Λ,l)

On the Lattice Isomorphism Problem

We study the Lattice Isomorphism Problem (LIP), in which given two lattices L_1 and L_2 the goal is to decide whether there exists an orthogonal linear transformation mapping L_1 to L_2. Our main result is an algorithm for this problem running in time n^{O(n)} times a polynomial in the input size, where n is the rank of the input lattices. A crucial component is a new generalized isolation lemma, which can isolate n linearly independent vectors in a given subset of Z^n and might be useful elsewhere. We also prove that LIP lies in the complexity class SZK.Comment: 23 pages, SODA 201