Jump to ContentJump to Main Navigation
Show Summary Details
More options …

Journal of Mathematical Cryptology

Managing Editor: Magliveras, Spyros S. / Steinwandt, Rainer / Trung, Tran

Editorial Board: Blackburn, Simon R. / Blundo, Carlo / Burmester, Mike / Cramer, Ronald / Dawson, Ed / Gilman, Robert / Gonzalez Vasco, Maria Isabel / Grosek, Otokar / Helleseth, Tor / Kim, Kwangjo / Koblitz, Neal / Kurosawa, Kaoru / Lauter, Kristin / Lange, Tanja / Menezes, Alfred / Nguyen, Phong Q. / Pieprzyk, Josef / Rötteler, Martin / Safavi-Naini, Rei / Shparlinski, Igor E. / Stinson, Doug / Takagi, Tsuyoshi / Williams, Hugh C. / Yung, Moti

4 Issues per year


CiteScore 2017: 1.43

SCImago Journal Rank (SJR) 2017: 0.293
Source Normalized Impact per Paper (SNIP) 2017: 1.117

Mathematical Citation Quotient (MCQ) 2017: 0.51

Online
ISSN
1862-2984
See all formats and pricing
More options …
Volume 2, Issue 2

Issues

Sieve algorithms for the shortest vector problem are practical

Phong Q. Nguyen / Thomas Vidick
Published Online: 2008-09-11 | DOI: https://doi.org/10.1515/JMC.2008.009

Abstract

The most famous lattice problem is the Shortest Vector Problem (SVP), which has many applications in cryptology. The best approximation algorithms known for SVP in high dimension rely on a subroutine for exact SVP in low dimension. In this paper, we assess the practicality of the best (theoretical) algorithm known for exact SVP in low dimension: the sieve algorithm proposed by Ajtai, Kumar and Sivakumar (AKS) in 2001. AKS is a randomized algorithm of time and space complexity 2O(n), which is theoretically much lower than the super-exponential complexity of all alternative SVP algorithms. Surprisingly, no implementation and no practical analysis of AKS has ever been reported. It was in fact widely believed that AKS was impractical: for instance, Schnorr claimed in 2003 that the constant hidden in the 2O(n) complexity was at least 30. In this paper, we show that AKS can actually be made practical: we present a heuristic variant of AKS whose running time is polynomial-time operations, and whose space requirement is polynomially many bits. Our implementation can experimentally find shortest lattice vectors up to dimension 50, but is slower than classical alternative SVP algorithms in these dimensions.

Keywords.: Lattices; AKS Algorithm; sieve; LLL; enumeration

About the article

Received: 2007-10-04

Published Online: 2008-09-11

Published in Print: 2008-07-01


Citation Information: Journal of Mathematical Cryptology, Volume 2, Issue 2, Pages 181–207, ISSN (Online) 1862-2984, ISSN (Print) 1862-2976, DOI: https://doi.org/10.1515/JMC.2008.009.

Export Citation

© de Gruyter 2008.Get Permission

Citing Articles

Here you can find all Crossref-listed publications in which this article is cited. If you would like to receive automatic email messages as soon as this article is cited in other publications, simply activate the “Citation Alert” on the top of this page.

[1]
Zhongxiang Zheng, Xiaoyun Wang, Guangwu Xu, and Yang Yu
Science China Information Sciences, 2018, Volume 61, Number 3
[2]
Artur Mariano, Thijs Laarhoven, Fabio Correia, Manuel Rodrigues, and Gabriel Falcao
IEEE Access, 2017, Volume 5, Page 24184
[3]
Daya Sagar Gupta and G. P. Biswas
Transactions on Emerging Telecommunications Technologies, 2017, Page e3255
[4]
Shi Bai, Thijs Laarhoven, and Damien Stehlé
LMS Journal of Computation and Mathematics, 2016, Volume 19, Number A, Page 146
[5]
Liqin Ding, Kimmo Kansanen, Yang Wang, and Jiliang Zhang
IEEE Transactions on Wireless Communications, 2015, Volume 14, Number 12, Page 6955
[6]
Kyung-Ah Shim
IEEE Communications Surveys & Tutorials, 2016, Volume 18, Number 1, Page 577
[7]
Wen Zhang, Sanzheng Qiao, and Yimin Wei
IEEE Transactions on Signal Processing, 2012, Volume 60, Number 11, Page 5963
[8]
Shuiyin Liu, Cong Ling, and Damien Stehle
IEEE Transactions on Information Theory, 2011, Volume 57, Number 9, Page 5933
[9]
Daniele Micciancio and Panagiotis Voulgaris
SIAM Journal on Computing, 2013, Volume 42, Number 3, Page 1364
[10]
Thijs Laarhoven, Michele Mosca, and Joop van de Pol
Designs, Codes and Cryptography, 2015, Volume 77, Number 2-3, Page 375
[11]
Anja Becker, Nicolas Gama, and Antoine Joux
LMS Journal of Computation and Mathematics, 2014, Volume 17, Number A, Page 49
[12]
Robert Hildebrand and Matthias Köppe
Discrete Optimization, 2013, Volume 10, Number 1, Page 69
[13]
Bala Krishnamoorthy, William Webb, and Nathan Moyer
Discrete Optimization, 2012, Volume 9, Number 3, Page 159
[14]
Heiko Vogel
Annals of Operations Research, 2012, Volume 196, Number 1, Page 581
[15]
Émilie Charrier, Fabien Feschet, and Lilian Buzer
Theoretical Computer Science, 2011, Volume 412, Number 36, Page 4814

Comments (0)

Please log in or register to comment.
Log in