A $$2^{n/2}$$-Time Algorithm for $$\sqrt{n}$$-SVP and $$\sqrt{n}$$-Hermite SVP, and an Improved Time-Approximation Tradeoff for (H)SVP
نویسندگان
چکیده
We show a $$2^{n/2+o(n)}$$ -time algorithm that, given as input basis of lattice $$\mathcal {L}\subset \mathbb {R}^n$$ , finds (non-zero) vector in whose length is at most $$\widetilde{O}(\sqrt{n})\cdot \min \{\lambda _1(\mathcal {L}), \det (\mathcal {L})^{1/n}\}$$ where $$\lambda {L})$$ the shortest non-zero and $$\det determinant. Minkowski showed that {L}) \le \sqrt{n} {L})^{1/n}$$ there exist lattices with \ge \varOmega (\sqrt{n}) \cdot so our vectors are short possible relative to determinant (up polylogarithmic factor). The main technical contribution behind this result new analysis (a simpler variant of) $$2^{n/2 + o(n)}$$ from [ADRS15], which was only previously known solve less useful problems. To achieve this, we rely crucially on “reverse theorem” (conjectured by Dadush [DR16] proven [RS17]), can be thought partial converse fact . Previously, fastest for finding such $$2^{.802n due [LWXZ11], actually found $$O(1) \lambda Though do not how find time suffices important application algorithms: reduction. In particular, modified version Gama Nguyen’s slide-reduction [GN08], combined above improve time-length tradeoff shortest-vector algorithms nearly all regimes—including regimes relevant cryptography.
منابع مشابه
Just Take the Average! An Embarrassingly Simple 2^n-Time Algorithm for SVP (and CVP)
We show a 2-time (and space) algorithm for the Shortest Vector Problem on lattices (SVP) that works by repeatedly running an embarrassingly simple “pair and average” sievinglike procedure on a list of lattice vectors. This matches the running time (and space) of the current fastest known algorithm, due to Aggarwal, Dadush, Regev, and Stephens-Davidowitz (ADRS, in STOC, 2015), with a far simpler...
متن کاملtight frame approximation for multi-frames and super-frames
در این پایان نامه یک مولد برای چند قاب یا ابر قاب تولید شده تحت عمل نمایش یکانی تصویر برای گروه های شمارش پذیر گسسته بررسی خواهد شد. مثال هایی از این قاب ها چند قاب های گابور، ابرقاب های گابور و قاب هایی برای زیرفضاهای انتقال پایاست. نشان می دهیم که مولد چند قاب تنک نرمال شده (ابرقاب) یکتا وجود دارد به طوری که مینیمم فاصله را از ان دارد. همچنین مسایل مشابه برای قاب های دوگان مطرح شده و برخی ...
15 صفحه اولAn Accelerated Algorithm for Solving SVP Based on Statistical Analysis
In this paper, we propose an accelerated algorithm for solving the shortest vector problem (SVP). We construct our algorithm by using two novel ideas, i.e., the choice of appropriate distributions of the natural number representation and the reduction of the sum of the squared lengths of the Gram-Schmidt orthogonalized vectors. These two ideas essentially depend on statistical analysis. The fir...
متن کاملA New Reduction from Search SVP to Optimization SVP
It is well known that search SVP is equivalent to optimization SVP. However, the former reduction from search SVP to optimization SVP by Kannan needs polynomial times calls to the oracle that solves the optimization SVP. In this paper, a new rank-preserving reduction is presented with only one call to the optimization SVP oracle. It is obvious that the new reduction needs the least calls, and i...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Lecture Notes in Computer Science
سال: 2021
ISSN: ['1611-3349', '0302-9743']
DOI: https://doi.org/10.1007/978-3-030-77870-5_17