An LLL Algorithm for Module Lattices (original) (raw)

Paper 2019/1035

An LLL Algorithm for Module Lattices

Changmin Lee, Alice Pellet-Mary, Damien Stehlé, and Alexandre Wallet

Abstract

The LLL algorithm takes as input a basis of a Euclidean lattice, and, within a polynomial number of operations, it outputs another basis of the same lattice but consisting of rather short vectors. We provide a generalization to R-modules contained in K^n for arbitrary number fields K and dimension n, with R denoting the ring of integers of K. Concretely, we introduce an algorithm that efficiently finds short vectors in rank-n modules when given access to an oracle that finds short vectors in rank-2 modules, and an algorithm that efficiently finds short vectors in rank-2 modules given access to a Closest Vector Problem oracle for a lattice that depends only on K. The second algorithm relies on quantum computations and its analysis is heuristic. In the special case of free modules, we propose a dequantized version of this algorithm.

Note: update: dequantizing the algorithm for free modules

BibTeX

@misc{cryptoeprint:2019/1035, author = {Changmin Lee and Alice Pellet-Mary and Damien Stehlé and Alexandre Wallet}, title = {An {LLL} Algorithm for Module Lattices}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/1035}, year = {2019}, url = {https://eprint.iacr.org/2019/1035} }