Faster Enumeration-based Lattice Reduction: Root Hermite Factor k^(1/(2k)) in Time k^(k/8 + o(k)) (original) (raw)

Paper 2020/707

Faster Enumeration-based Lattice Reduction: Root Hermite Factor k^(1/(2k)) in Time k^(k/8 + o(k))

Martin R. Albrecht, Shi Bai, Pierre-Alain Fouque, Paul Kirchner, Damien Stehlé, and Weiqiang Wen

Abstract

We give a lattice reduction algorithm that achieves root Hermite factor k1/(2k)k^{1/(2k)}k1/(2k) in time kk/8+o(k)k^{k/8 + o(k)}kk/8+o(k) and polynomial memory. This improves on the previously best known enumeration-based algorithms which achieve the same quality, but in time kk/(2e)+o(k)k^{k/(2e) + o(k)}kk/(2e)+o(k). A cost of kk/8+o(k)k^{k/8 + o(k)}kk/8+o(k) was previously mentioned as potentially achievable (Hanrot-Stehlé'10) or as a heuristic lower bound (Nguyen'10) for enumeration algorithms. We prove the complexity and quality of our algorithm under a heuristic assumption and provide empirical evidence from simulation and implementation experiments attesting to its performance for practical and cryptographic parameter sizes. Our work also suggests potential avenues for achieving costs below kk/8+o(k)k^{k/8 + o(k)}kk/8+o(k) for the same root Hermite factor, based on the geometry of SDBKZ-reduced bases.

BibTeX

@misc{cryptoeprint:2020/707, author = {Martin R. Albrecht and Shi Bai and Pierre-Alain Fouque and Paul Kirchner and Damien Stehlé and Weiqiang Wen}, title = {Faster Enumeration-based Lattice Reduction: Root Hermite Factor k^(1/(2k)) in Time k^(k/8 + o(k))}, howpublished = {Cryptology {ePrint} Archive, Paper 2020/707}, year = {2020}, url = {https://eprint.iacr.org/2020/707} }