
    Gradual sub-lattice reduction and a new complexity for factoring polynomials

    We present a lattice algorithm specifically designed for some classical applications of lattice reduction. The applications are for lattice bases with a generalized knapsack-type structure, where the target vectors are boundably short. For such applications, the complexity of the algorithm improves traditional lattice reduction by replacing some dependence on the bit-length of the input vectors by some dependence on the bound for the output vectors. If the bit-length of the target vectors is unrelated to the bit-length of the input, then our algorithm is only linear in the bit-length of the input entries, which is an improvement over the quadratic complexity floating-point LLL algorithms. To illustrate the usefulness of this algorithm we show that a direct application to factoring univariate polynomials over the integers leads to the first complexity bound improvement since 1984. A second application is algebraic number reconstruction, where a new complexity bound is obtained as well

    New practical algorithms for the approximate shortest lattice vector

    We present a practical algorithm that, given an LLL-reduced lattice basis of dimension $n$, runs in time $O(n^3 (k/6)^{k/4} + n^4)$ and approximates the length of the shortest non-zero lattice vector to within a factor $(k/6)^{n/(2k)}$. This result is based on reasonable heuristics. Compared to previous practical algorithms, the new method reduces the proven approximation factor achievable in a given time to less than its fourth root. We also present a sieve algorithm inspired by Ajtai, Kumar and Sivakumar [AKS01].

    Vortex-lattice melting in two-dimensional superconductors in intermediate fields

    To examine the field dependence of the vortex-lattice melting transition in two-dimensional (2D) superconductors, Monte Carlo simulations of the 2D Ginzburg-Landau (GL) model are performed by extending the conventional lowest-Landau-level (LL) approximation to include several higher LL modes of the superconducting order parameter, with LL indices up to six. It is found that a nearly vertical melting line in lower fields, which is familiar from elastic theory, is reached just by including higher LL modes with LL indices less than five, and that the first-order character of the melting transition in higher fields is significantly weakened as the field decreases. Nevertheless, a genuine crossover to the picture of consecutive continuous melting transitions mediated by a hexatic liquid is not found within the GL model.
    Comment: 6 pages, 7 figures. To appear in Phys. Rev.

    Search-to-Decision Reductions for Lattice Problems with Approximation Factors (Slightly) Greater Than One

    We show the first dimension-preserving search-to-decision reductions for approximate SVP and CVP. In particular, for any $\gamma \leq 1 + O(\log n/n)$, we obtain an efficient dimension-preserving reduction from $\gamma^{O(n/\log n)}$-SVP to $\gamma$-GapSVP and an efficient dimension-preserving reduction from $\gamma^{O(n)}$-CVP to $\gamma$-GapCVP. These results generalize the known equivalences of the search and decision versions of these problems in the exact case when $\gamma = 1$. For SVP, we actually obtain something slightly stronger than a search-to-decision reduction: we reduce $\gamma^{O(n/\log n)}$-SVP to $\gamma$-unique SVP, a potentially easier problem than $\gamma$-GapSVP.
    Comment: Updated to acknowledge additional prior wor

    Analysis Tools for White-Box and Lattice Cryptography

    Thesis (Ph.D.) -- Seoul National University Graduate School: Department of Mathematical Sciences, 2016. 2. 김명환.
    In the crypto world, the existence of an analytic toolbox that can be used as a measure of security is very important for designing cryptographic systems. In this thesis, we focus on white-box cryptography and lattice-based cryptography, and present analytic tools for them. White-box cryptography, introduced by Chow et al., is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platform. Despite its practical importance, progress has not been substantial. In fact, it has repeatedly happened that soon after a white-box implementation is proposed, an attack of lower complexity is announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography. In this thesis, we present an analytic toolbox for white-box implementations in the style of Chow et al., i.e. those built from lookup tables. Our toolbox can be used to measure the security of white-box implementations. Lattice-based cryptography is a very interesting field of cryptography nowadays. Many hard problems on lattices can be reduced to some specific form of the shortest vector problem or the closest vector problem, and hence relate to the problem of finding a short basis for a given lattice. Therefore, a good lattice reduction algorithm can serve as an analytic tool for lattice-based cryptography. We propose an algorithm for lattice basis reduction that uses block reduction. This provides a trade-off between reduction time and quality, and can give a guideline for the parameter setting of lattice-based cryptography.
    Contents:
        Chapter 1 Introduction
            1.1 Contributions
            1.2 Organization
        Chapter 2 Preliminaries
            2.1 SLT Cipher
            2.2 White-box Implementations
                2.2.1 Chow et al.'s implementation
                2.2.2 BGE Attack
                2.2.3 Michiels et al.'s Cryptanalysis for SLT cipher
            2.3 Lattice Basis Reduction
                2.3.1 Lattice
                2.3.2 LLL Algorithm
        Chapter 3 Analytic Tools for White-box Cryptography
            3.1 General Model for CEJO framework
            3.2 Attack Toolbox for White-Box Implementation
                3.2.1 Recovering Nonlinear Encodings
                3.2.2 Affine Equivalence Algorithm with Multiple S-boxes
            3.3 Approaches for Resisting Our Attack Tools
                3.3.1 Limitation of White-Box Implementation
                3.3.2 Perspective of White-Box Implementation
            3.4 A Proposal for a White-Box Implementation of the AES Cipher
        Chapter 4 New Lattice Basis Reduction Algorithm
            4.1 Nearest Plane Algorithm
            4.2 Blockwise LLL Algorithm
        Chapter 5 Conclusions
        Abstract (in Korean)
    Docto

    Non-Abelian Analogs of Lattice Rounding

    Lattice rounding in Euclidean space can be viewed as finding the nearest point in the orbit of an action by a discrete group, relative to the norm inherited from the ambient space. Using this point of view, we initiate the study of non-abelian analogs of lattice rounding involving matrix groups. In one direction, we give an algorithm for solving a normed word problem when the inputs are random products over a basis set, and give theoretical justification for its success. In another direction, we prove a general inapproximability result which essentially rules out strong approximation algorithms (i.e., ones whose approximation factors depend only on the dimension) analogous to LLL in the general case.
    Comment: 30 page