Rounding and Chaining LLL: Finding Faster Small Roots of Univariate Polynomial Congruences

International audienceIn a seminal work at EUROCRYPT '96, Coppersmith showed how to find all small roots of a univariate polynomial congruence in polynomial time: this has found many applications in public-key cryptanalysis and in a few security proofs. However, the running time of the algorithm is a high-degree polynomial, which limits experiments: the bottleneck is an LLL reduction of a high-dimensional matrix with extra-large coefficients. We present in this paper the first significant speedups over Coppersmith's algorithm. The first speedup is based on a special property of the matrices used by Coppersmith's algorithm, which allows us to provably speed up the LLL reduction by rounding, and which can also be used to improve the complexity analysis of Coppersmith's original algorithm. The exact speedup depends on the LLL algorithm used: for instance, the speedup is asymptotically quadratic in the bit-size of the small-root bound if one uses the Nguyen-Stehlé L2 algorithm. The second speedup is heuristic and applies whenever one wants to enlarge the root size of Coppersmith's algorithm by exhaustive search. Instead of performing several LLL reductions independently, we exploit hidden relationships between these matrices so that the LLL reductions can be somewhat chained to decrease the global running time. When both speedups are combined, the new algorithm is in practice hundreds of times faster for typical parameters

Bounding basis reduction properties

The paper describes improved analysis techniques for basis reduction that allow one to prove strong complexity bounds and reduced basis guarantees for traditional reduction algorithms and some of their variants. This is achieved by a careful exploitation of the linear equations and inequalities relating various bit sizes before and after one or more reduction steps

Another view of the Gaussian algorithm

We introduce here a rewrite system in the group of unimodular matrices, i.e., matrices with integer entries and with determinant equal to ±1. We use this rewrite system to precisely characterize the mechanism of the Gaussian algorithm, that finds shortest vectors in a two–dimensional lattice given by any basis. Putting together the algorithmic of lattice reduction and the rewrite system theory, we propose a new worst–case analysis of the Gaussian algorithm. There is already an optimal worst–case bound for some variant of the Gaussian algorithm due to Vallée [16]. She used essentially geometric considerations. Our analysis generalizes her result to the case of the usual Gaussian algorithm. An interesting point in our work is its possible (but not easy) generalization to the same problem in higher dimensions, in order to exhibit a tight upper-bound for the number of iterations of LLL–like reduction algorithms in the worst case. Moreover, our method seems to work for analyzing other families of algorithms. As an illustration, the analysis of sorting algorithms are briefly developed in the last section of the paper

Equivalence Classes of Random Boolean Trees and Application to the Catalan Satisfiability Problem

International audienceAn and/or tree is a binary plane tree, with internal nodes labelled by connectives, and with leaves labelled by literals chosen in a fixed set of $k$ variables and their negations. We introduce the first model of such Catalan trees, whose number of variables $k_n$ is a function of $n$, its number of leaves. We describe the whole range of the probability distributions depending on the functions $k_n$, as soon as it tends jointly with $n$ to infinity. As a by-product we obtain a study of the satisfiability problem in the context of Catalan trees.Our study is mainly based on analytic combinatorics and extends the Kozik’s pattern theory, first developed for the fixed-$k$ Catalan tree model

[Incidence and mortality of central nervous system tumors in France: trends over the period 1978-2000 and influence of registration practices on results]

International audienceBACKGROUND: In France, cancer incidence figures are produced by cancer registries covering only 13.5% to 16% of the whole population of the country. Thus, to produce national figures, estimates have to be computed. Registration disparities between registries concerning tumors of the Central Nervous System (CNS) could have biased these estimates. METHODS: National estimates are based on modelling of the incidence/mortality ratio. The most recent estimations for year 2000 were calculated by the French Cancer Registry Network (FRANCIM) and the department of biostatistics of Lyon University Hospital. Since benign tumors are not recorded in some cancer registries, a new estimate of the incidence of CNS tumors was produced by estimating the number of benign tumors in these registries. RESULTS: In 2000 in France, the number of estimated cases of CNS tumors was 2697 in men and 2602 in women, with incidence rates (World standard) of 7.4 and 6.4 per 100,000 respectively. The incidence increased between 1978 and 2000, on an average by 2.25% per year in men and 3.01% per year in women. However, these estimates do not provide a correct picture of CNS incidence. First of all, pathological diagnoses are not performed in 3.5%-27.5% of the patients with CNS tumors registered in French registries. Second, figures for benign tumors (mainly meningiomas) were provided by only two of nine cancer registries. If benign tumors had been registered by all cancer registries, computed incidence would have increased by 12% for men and 26% for women. CONCLUSION: Incidence of CNS tumors is increasing in France, as in many other countries. To improve comparability with other countries, French cancer registries should also collect data on benign tumors. The discrepancies observed between registries in the proportion of patients without information on histology show differences in diagnostic practices and should be the starting point for a survey on this topic

[Incidence and mortality of central nervous system tumors in France: trends over the period 1978-2000 and influence of registration practices on results]

International audienceBACKGROUND: In France, cancer incidence figures are produced by cancer registries covering only 13.5% to 16% of the whole population of the country. Thus, to produce national figures, estimates have to be computed. Registration disparities between registries concerning tumors of the Central Nervous System (CNS) could have biased these estimates. METHODS: National estimates are based on modelling of the incidence/mortality ratio. The most recent estimations for year 2000 were calculated by the French Cancer Registry Network (FRANCIM) and the department of biostatistics of Lyon University Hospital. Since benign tumors are not recorded in some cancer registries, a new estimate of the incidence of CNS tumors was produced by estimating the number of benign tumors in these registries. RESULTS: In 2000 in France, the number of estimated cases of CNS tumors was 2697 in men and 2602 in women, with incidence rates (World standard) of 7.4 and 6.4 per 100,000 respectively. The incidence increased between 1978 and 2000, on an average by 2.25% per year in men and 3.01% per year in women. However, these estimates do not provide a correct picture of CNS incidence. First of all, pathological diagnoses are not performed in 3.5%-27.5% of the patients with CNS tumors registered in French registries. Second, figures for benign tumors (mainly meningiomas) were provided by only two of nine cancer registries. If benign tumors had been registered by all cancer registries, computed incidence would have increased by 12% for men and 26% for women. CONCLUSION: Incidence of CNS tumors is increasing in France, as in many other countries. To improve comparability with other countries, French cancer registries should also collect data on benign tumors. The discrepancies observed between registries in the proportion of patients without information on histology show differences in diagnostic practices and should be the starting point for a survey on this topic