Journal of the Korean Mathematical Society (대한수학회지)

Korean Mathematical Society (대한수학회)
권호 표지
DOI QR코드

DOI QR Code

ON PAIRWISE GAUSSIAN BASES AND LLL ALGORITHM FOR THREE DIMENSIONAL LATTICES

  • Received : 2021.08.13
  • Accepted : 2022.07.28
  • Published : 2022.11.01
Download PDF
⟨ Previous Next ⟩

Abstract

For two dimensional lattices, a Gaussian basis achieves all two successive minima. For dimension larger than two, constructing a pairwise Gaussian basis is useful to compute short vectors of the lattice. For three dimensional lattices, Semaev showed that one can convert a pairwise Gaussian basis to a basis achieving all three successive minima by one simple reduction. A pairwise Gaussian basis can be obtained from a given basis by executing Gauss algorithm for each pair of basis vectors repeatedly until it returns a pairwise Gaussian basis. In this article, we prove a necessary and sufficient condition for a pairwise Gaussian basis to achieve the first k successive minima for three dimensional lattices for each k ∈ {1, 2, 3} by modifying Semaev's condition. Our condition directly checks whether a pairwise Gaussian basis contains the first k shortest independent vectors for three dimensional lattices. LLL is the most basic lattice basis reduction algorithm and we study how to use LLL to compute a pairwise Gaussian basis. For δ ≥ 0.9, we prove that LLL(δ) with an additional simple reduction turns any basis for a three dimensional lattice into a pairwise SV-reduced basis. By using this, we convert an LLL reduced basis to a pairwise Gaussian basis in a few simple reductions. Our result suggests that the LLL algorithm is quite effective to compute a basis with all three successive minima for three dimensional lattices.

Keywords

Acknowledgement

Hyang-Sook Lee was supported by the National Research Foundation of Korea(NRF) grant funded by the Korea government(MSIT) (No. NRF-2021R1A2C1094821) and partially supported by the Basic Science Research Program through the NRF funded by the Ministry of Education (Grant No. 2019R1A6A1A11051177). Seongan Lim was supported by the NRF of Korea (Grant Number: 2016R1D1A1B01008562).

References

  1. M. Ajtai, The shortest vector problem in L2 is NP-hard for randomized reductions, STOC 98 Proceedings of the 13th annual ACM symposium on Theory of computing, pp. 10-19, 1998.
  2. M. Bremner, Lattice Basis Reduction: An Introduction to the LLL Algorithm and Its Applications, CRC Press, 2011.
  3. Y. Chen and P. Q. Nguyen, BKZ 2.0: better lattice security estimates, in Advances in cryptology-ASIACRYPT 2011, 1-20, Lecture Notes in Comput. Sci., 7073, Springer, Heidelberg, 2011. https://doi.org/10.1007/978-3-642-25385-0_1
  4. C. F. Gauss, Disquisitiones arithmeticae, translated and with a preface by Arthur A. Clarke, Springer-Verlag, New York, 1986.
  5. J. Hoffstein, J. Pipher, and J. H. Silverman, An Introduction to Mathematical Cryptography, Undergraduate Texts in Mathematics, Springer, New York, 2008.
  6. H.-S. Lee, S. Lim, K. Song, and I. Yie, New orthogonality criterion for shortest vector of lattices and its applications, Discrete Appl. Math. 283 (2020), 323-335. https://doi.org/10.1016/j.dam.2020.01.023
  7. A. K. Lenstra, H. W. Lenstra, Jr., and L. Lovasz, Factoring polynomials with rational coefficients, Math. Ann. 261 (1982), no. 4, 515-534. https://doi.org/10.1007/BF01457454
  8. D. Micciancio and P. Voulgaris, Faster exponential time algorithms for the shortest vector problem, in Proceedings of the Twenty-First Annual ACM-SIAM Symposium on Discrete Algorithms, 1468-1480, SIAM, Philadelphia, PA, 2010.
  9. R. Neelamani, S. Dash, and R. G. Baraniuk, On nearly orthogonal lattice bases and random lattices, SIAM J. Discrete Math. 21 (2007), no. 1, 199-219. https://doi.org/10.1137/050635985
  10. P. Q. Nguyen and D. Stehl'e, Low-dimensional lattice basis reduction revisited, ACM Trans. Algorithms 5 (2009), no. 4, Art. 46, 48 pp. https://doi.org/10.1145/1597036.1597050
  11. I. Semaev, A 3-dimensional lattice reduction algorithm, in Cryptography and lattices(Providence, RI, 2001), 181-193, Lecture Notes in Comput. Sci., 2146, Springer, Berlin, 2001. https://doi.org/10.1007/3-540-44670-2_13