Floating-Point LLL Revisited
Identifieur interne : 001575 ( Istex/Checkpoint ); précédent : 001574; suivant : 001576Floating-Point LLL Revisited
Auteurs : Phong Q. Nguên [France] ; Damien Stehlé [France]Source :
- Lecture Notes in Computer Science [ 0302-9743 ]
Abstract
Abstract: The Lenstra-Lenstra-Lovász lattice basis reduction algorithm (LLL or L3) is a very popular tool in public-key cryptanalysis and in many other fields. Given an integer d-dimensional lattice basis with vectors of norm less than B in an n-dimensional space, L3 outputs a so-called L3-reduced basis in polynomial time O(d 5 n log3 B), using arithmetic operations on integers of bit-length O(d log B). This worst-case complexity is problematic for lattices arising in cryptanalysis where d or/and log B are often large. As a result, the original L3 is almost never used in practice. Instead, one applies floating-point variants of L3, where the long-integer arithmetic required by Gram-Schmidt orthogonalisation (central in L3) is replaced by floating-point arithmetic. Unfortunately, this is known to be unstable in the worst-case: the usual floating-point L3 is not even guaranteed to terminate, and the output basis may not be L3-reduced at all. In this article, we introduce the L2 algorithm, a new and natural floating-point variant of L3 which provably outputs L3-reduced bases in polynomial time O(d 4 n (d + log B) log B). This is the first L3 algorithm whose running time (without fast integer arithmetic) provably grows only quadratically with respect to log B, like the well-known Euclidean and Gaussian algorithms, which it generalizes.
Url:
DOI: 10.1007/11426639_13
Affiliations:
Links toward previous steps (curation, corpus...)
Links to Exploration step
ISTEX:9CD6779A71CD1A56FD89A716A2C2CF047A672CB1Le document en format XML
<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">Floating-Point LLL Revisited</title>
<author><name sortKey="Nguen, Phong Q" sort="Nguen, Phong Q" uniqKey="Nguen P" first="Phong Q." last="Nguên">Phong Q. Nguên</name>
</author>
<author><name sortKey="Stehle, Damien" sort="Stehle, Damien" uniqKey="Stehle D" first="Damien" last="Stehlé">Damien Stehlé</name>
</author>
</titleStmt>
<publicationStmt><idno type="wicri:source">ISTEX</idno>
<idno type="RBID">ISTEX:9CD6779A71CD1A56FD89A716A2C2CF047A672CB1</idno>
<date when="2005" year="2005">2005</date>
<idno type="doi">10.1007/11426639_13</idno>
<idno type="url">https://api.istex.fr/ark:/67375/HCB-VF0KK9W1-H/fulltext.pdf</idno>
<idno type="wicri:Area/Istex/Corpus">002471</idno>
<idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Corpus" wicri:corpus="ISTEX">002471</idno>
<idno type="wicri:Area/Istex/Curation">002440</idno>
<idno type="wicri:Area/Istex/Checkpoint">001575</idno>
<idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Checkpoint">001575</idno>
</publicationStmt>
<sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">Floating-Point LLL Revisited</title>
<author><name sortKey="Nguen, Phong Q" sort="Nguen, Phong Q" uniqKey="Nguen P" first="Phong Q." last="Nguên">Phong Q. Nguên</name>
<affiliation wicri:level="3"><country xml:lang="fr">France</country>
<wicri:regionArea>CNRS/École normale supérieure, DI, 45 rue d’Ulm, 75005, Paris</wicri:regionArea>
<placeName><region type="region" nuts="2">Île-de-France</region>
<settlement type="city">Paris</settlement>
</placeName>
</affiliation>
<affiliation wicri:level="1"><country wicri:rule="url">France</country>
</affiliation>
</author>
<author><name sortKey="Stehle, Damien" sort="Stehle, Damien" uniqKey="Stehle D" first="Damien" last="Stehlé">Damien Stehlé</name>
<affiliation wicri:level="3"><country xml:lang="fr">France</country>
<wicri:regionArea>Univ. Nancy 1/LORIA, 615 rue du J. Botanique, 54602, Villers-lès-Nancy</wicri:regionArea>
<placeName><region type="region" nuts="2">Grand Est</region>
<region type="old region" nuts="2">Lorraine (région)</region>
<settlement type="city">Villers-lès-Nancy</settlement>
</placeName>
</affiliation>
<affiliation wicri:level="1"><country wicri:rule="url">France</country>
</affiliation>
</author>
</analytic>
<monogr></monogr>
<series><title level="s" type="main" xml:lang="en">Lecture Notes in Computer Science</title>
<idno type="ISSN">0302-9743</idno>
<idno type="eISSN">1611-3349</idno>
<idno type="ISSN">0302-9743</idno>
</series>
</biblStruct>
</sourceDesc>
<seriesStmt><idno type="ISSN">0302-9743</idno>
</seriesStmt>
</fileDesc>
<profileDesc><textClass></textClass>
</profileDesc>
</teiHeader>
<front><div type="abstract" xml:lang="en">Abstract: The Lenstra-Lenstra-Lovász lattice basis reduction algorithm (LLL or L3) is a very popular tool in public-key cryptanalysis and in many other fields. Given an integer d-dimensional lattice basis with vectors of norm less than B in an n-dimensional space, L3 outputs a so-called L3-reduced basis in polynomial time O(d 5 n log3 B), using arithmetic operations on integers of bit-length O(d log B). This worst-case complexity is problematic for lattices arising in cryptanalysis where d or/and log B are often large. As a result, the original L3 is almost never used in practice. Instead, one applies floating-point variants of L3, where the long-integer arithmetic required by Gram-Schmidt orthogonalisation (central in L3) is replaced by floating-point arithmetic. Unfortunately, this is known to be unstable in the worst-case: the usual floating-point L3 is not even guaranteed to terminate, and the output basis may not be L3-reduced at all. In this article, we introduce the L2 algorithm, a new and natural floating-point variant of L3 which provably outputs L3-reduced bases in polynomial time O(d 4 n (d + log B) log B). This is the first L3 algorithm whose running time (without fast integer arithmetic) provably grows only quadratically with respect to log B, like the well-known Euclidean and Gaussian algorithms, which it generalizes.</div>
</front>
</TEI>
<affiliations><list><country><li>France</li>
</country>
<region><li>Grand Est</li>
<li>Lorraine (région)</li>
<li>Île-de-France</li>
</region>
<settlement><li>Paris</li>
<li>Villers-lès-Nancy</li>
</settlement>
</list>
<tree><country name="France"><region name="Île-de-France"><name sortKey="Nguen, Phong Q" sort="Nguen, Phong Q" uniqKey="Nguen P" first="Phong Q." last="Nguên">Phong Q. Nguên</name>
</region>
<name sortKey="Nguen, Phong Q" sort="Nguen, Phong Q" uniqKey="Nguen P" first="Phong Q." last="Nguên">Phong Q. Nguên</name>
<name sortKey="Stehle, Damien" sort="Stehle, Damien" uniqKey="Stehle D" first="Damien" last="Stehlé">Damien Stehlé</name>
<name sortKey="Stehle, Damien" sort="Stehle, Damien" uniqKey="Stehle D" first="Damien" last="Stehlé">Damien Stehlé</name>
</country>
</tree>
</affiliations>
</record>
Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Istex/Checkpoint
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 001575 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Istex/Checkpoint/biblio.hfd -nk 001575 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien |wiki= Wicri/Lorraine |area= InforLorV4 |flux= Istex |étape= Checkpoint |type= RBID |clé= ISTEX:9CD6779A71CD1A56FD89A716A2C2CF047A672CB1 |texte= Floating-Point LLL Revisited }}
![]() | This area was generated with Dilib version V0.6.33. | ![]() |