Improved analysis of Kannan's shortest lattice vector algorithm

Guillaume Hanrot; Damien Stehlé

doi:10.1007/978-3-540-74143-5_10

Improved analysis of Kannan's shortest lattice vector algorithm

Guillaume Hanrot, Damien Stehlé

School of Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

104 Citations (Scopus)

Abstract

The security of lattice-based cryptosystems such as NTRU, GGH and Ajtai-Dwork essentially relies upon the intractability of computing a shortest non-zero lattice vector and a closest lattice vector to a given target vector in high dimensions. The best algorithms for these tasks are due to Kannan, and, though remarkably simple, their complexity estimates have not been improved since over twenty years. Kannan’s algorithm for solving the shortest vector problem (SVP) is in particular crucial in Schnorr’s celebrated block reduction algorithm, on which rely the best known generic attacks against the lattice-based encryption schemes mentioned above. In this paper we improve the complexity upper-bounds of Kannan’s algorithms. The analysis provides new insight on the practical cost of solving SVP, and helps progressing towards providing meaningful key-sizes.

Original language	English
Title of host publication	Advances in cryptology - CRYPTO 2007
Editors	Alfred Menezes
Place of Publication	Berlin/Heidelberg, Germany
Publisher	Springer, Springer Nature
Pages	170-186
Number of pages	17
ISBN (Print)	9783540741428
DOIs	https://doi.org/10.1007/978-3-540-74143-5_10
Publication status	Published - 2007
Event	Annual International Cryptology Conference (27th : 2007) - Santa Barbara, CA, USA Duration: 19 Aug 2007 → 23 Aug 2007

Publication series

Name	Lecture notes in computer science
Publisher	Springer
Volume	4622

Conference

Conference	Annual International Cryptology Conference (27th : 2007)
City	Santa Barbara, CA, USA
Period	19/08/07 → 23/08/07

Access to Document

10.1007/978-3-540-74143-5_10

Cite this

@inproceedings{308fe707b5f54c17a644d8191d9929ae,

title = "Improved analysis of Kannan's shortest lattice vector algorithm",

abstract = "The security of lattice-based cryptosystems such as NTRU, GGH and Ajtai-Dwork essentially relies upon the intractability of computing a shortest non-zero lattice vector and a closest lattice vector to a given target vector in high dimensions. The best algorithms for these tasks are due to Kannan, and, though remarkably simple, their complexity estimates have not been improved since over twenty years. Kannan{\textquoteright}s algorithm for solving the shortest vector problem (SVP) is in particular crucial in Schnorr{\textquoteright}s celebrated block reduction algorithm, on which rely the best known generic attacks against the lattice-based encryption schemes mentioned above. In this paper we improve the complexity upper-bounds of Kannan{\textquoteright}s algorithms. The analysis provides new insight on the practical cost of solving SVP, and helps progressing towards providing meaningful key-sizes.",

author = "Guillaume Hanrot and Damien Stehl{\'e}",

year = "2007",

doi = "10.1007/978-3-540-74143-5\_10",

language = "English",

isbn = "9783540741428",

series = "Lecture notes in computer science",

publisher = "Springer, Springer Nature",

pages = "170--186",

editor = "Alfred Menezes",

booktitle = "Advances in cryptology - CRYPTO 2007",

address = "United States",

note = "Annual International Cryptology Conference (27th : 2007) ; Conference date: 19-08-2007 Through 23-08-2007",

}

Hanrot, G & Stehlé, D 2007, Improved analysis of Kannan's shortest lattice vector algorithm. in A Menezes (ed.), Advances in cryptology - CRYPTO 2007. Lecture notes in computer science, vol. 4622, Springer, Springer Nature, Berlin/Heidelberg, Germany, pp. 170-186, Annual International Cryptology Conference (27th : 2007), Santa Barbara, CA, USA, 19/08/07. https://doi.org/10.1007/978-3-540-74143-5_10

Improved analysis of Kannan's shortest lattice vector algorithm. / Hanrot, Guillaume; Stehlé, Damien.
Advances in cryptology - CRYPTO 2007. ed. / Alfred Menezes. Berlin/Heidelberg, Germany: Springer, Springer Nature, 2007. p. 170-186 (Lecture notes in computer science; Vol. 4622).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Improved analysis of Kannan's shortest lattice vector algorithm

AU - Hanrot, Guillaume

AU - Stehlé, Damien

PY - 2007

Y1 - 2007

N2 - The security of lattice-based cryptosystems such as NTRU, GGH and Ajtai-Dwork essentially relies upon the intractability of computing a shortest non-zero lattice vector and a closest lattice vector to a given target vector in high dimensions. The best algorithms for these tasks are due to Kannan, and, though remarkably simple, their complexity estimates have not been improved since over twenty years. Kannan’s algorithm for solving the shortest vector problem (SVP) is in particular crucial in Schnorr’s celebrated block reduction algorithm, on which rely the best known generic attacks against the lattice-based encryption schemes mentioned above. In this paper we improve the complexity upper-bounds of Kannan’s algorithms. The analysis provides new insight on the practical cost of solving SVP, and helps progressing towards providing meaningful key-sizes.

AB - The security of lattice-based cryptosystems such as NTRU, GGH and Ajtai-Dwork essentially relies upon the intractability of computing a shortest non-zero lattice vector and a closest lattice vector to a given target vector in high dimensions. The best algorithms for these tasks are due to Kannan, and, though remarkably simple, their complexity estimates have not been improved since over twenty years. Kannan’s algorithm for solving the shortest vector problem (SVP) is in particular crucial in Schnorr’s celebrated block reduction algorithm, on which rely the best known generic attacks against the lattice-based encryption schemes mentioned above. In this paper we improve the complexity upper-bounds of Kannan’s algorithms. The analysis provides new insight on the practical cost of solving SVP, and helps progressing towards providing meaningful key-sizes.

UR - https://www.scopus.com/pages/publications/38049105289

U2 - 10.1007/978-3-540-74143-5_10

DO - 10.1007/978-3-540-74143-5_10

M3 - Conference proceeding contribution

SN - 9783540741428

T3 - Lecture notes in computer science

SP - 170

EP - 186

BT - Advances in cryptology - CRYPTO 2007

A2 - Menezes, Alfred

PB - Springer, Springer Nature

CY - Berlin/Heidelberg, Germany

T2 - Annual International Cryptology Conference (27th : 2007)

Y2 - 19 August 2007 through 23 August 2007

ER -

Improved analysis of Kannan's shortest lattice vector algorithm

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this