一种基于过格的筛选算法

Q1 Mathematics

Lms Journal of Computation and Mathematics Pub Date : 2014-08-01 DOI:10.1112/S1461157014000229

Anja Becker, Nicolas Gama, A. Joux

{"title":"一种基于过格的筛选算法","authors":"Anja Becker, Nicolas Gama, A. Joux","doi":"10.1112/S1461157014000229","DOIUrl":null,"url":null,"abstract":"In this paper, we present a heuristic algorithm for solving exact, as well as approximate, shortest vector and closest vector problems on lattices. The algorithm can be seen as a modified sieving algorithm for which the vectors of the intermediate sets lie in overlattices or translated cosets of overlattices. The key idea is hence no longer to work with a single lattice but to move the problems around in a tower of related lattices. We initiate the algorithm by sampling very short vectors in an overlattice of the original lattice that admits a quasi-orthonormal basis and hence an efficient enumeration of vectors of bounded norm. Taking sums of vectors in the sample, we construct short vectors in the next lattice. Finally, we obtain solution vector(s) in the initial lattice as a sum of vectors of an overlattice. The complexity analysis relies on the Gaussian heuristic. This heuristic is backed by experiments in low and high dimensions that closely reflect these estimates when solving hard lattice problems in the average case. \n \nThis new approach allows us to solve not only shortest vector problems, but also closest vector problems, in lattices of dimension $n$ in time $2^{0.3774n}$ using memory $2^{0.2925n}$. Moreover, the algorithm is straightforward to parallelize on most computer architectures.","PeriodicalId":54381,"journal":{"name":"Lms Journal of Computation and Mathematics","volume":"17 1","pages":"49-70"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1112/S1461157014000229","citationCount":"40","resultStr":"{\"title\":\"A sieve algorithm based on overlattices\",\"authors\":\"Anja Becker, Nicolas Gama, A. Joux\",\"doi\":\"10.1112/S1461157014000229\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we present a heuristic algorithm for solving exact, as well as approximate, shortest vector and closest vector problems on lattices. The algorithm can be seen as a modified sieving algorithm for which the vectors of the intermediate sets lie in overlattices or translated cosets of overlattices. The key idea is hence no longer to work with a single lattice but to move the problems around in a tower of related lattices. We initiate the algorithm by sampling very short vectors in an overlattice of the original lattice that admits a quasi-orthonormal basis and hence an efficient enumeration of vectors of bounded norm. Taking sums of vectors in the sample, we construct short vectors in the next lattice. Finally, we obtain solution vector(s) in the initial lattice as a sum of vectors of an overlattice. The complexity analysis relies on the Gaussian heuristic. This heuristic is backed by experiments in low and high dimensions that closely reflect these estimates when solving hard lattice problems in the average case. \\n \\nThis new approach allows us to solve not only shortest vector problems, but also closest vector problems, in lattices of dimension $n$ in time $2^{0.3774n}$ using memory $2^{0.2925n}$. Moreover, the algorithm is straightforward to parallelize on most computer architectures.\",\"PeriodicalId\":54381,\"journal\":{\"name\":\"Lms Journal of Computation and Mathematics\",\"volume\":\"17 1\",\"pages\":\"49-70\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1112/S1461157014000229\",\"citationCount\":\"40\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Lms Journal of Computation and Mathematics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1112/S1461157014000229\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"Mathematics\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Lms Journal of Computation and Mathematics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1112/S1461157014000229","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Mathematics","Score":null,"Total":0}

引用次数: 40

摘要

本文提出了一种启发式算法，用于求解格上的精确、近似、最短向量和最近向量问题。该算法可以看作是一种改进的筛分算法，其中中间集的向量位于过格或过格的平移协集中。因此，关键思想不再是处理单个晶格，而是在相关晶格的塔中移动问题。我们通过在原始格的过格中采样非常短的向量来启动算法，该过格允许一个准标准正交基，因此可以有效地枚举有界范数的向量。取样本中的向量和，我们在下一个晶格中构造短向量。最后，我们得到了初始格中的解向量(s)作为一个上格的向量和。复杂度分析依赖于高斯启发式。这种启发式是由低维和高维的实验支持的，在解决平均情况下的硬晶格问题时，这些实验密切反映了这些估计。这个新方法允许我们在时间$2^{0.3774n}$使用内存$2^{0.2925n}$的时间$2^{0.3774n}$中，在维数$n$的格中，不仅解决最短向量问题，而且解决最近向量问题。此外，该算法易于在大多数计算机体系结构上并行化。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A sieve algorithm based on overlattices

In this paper, we present a heuristic algorithm for solving exact, as well as approximate, shortest vector and closest vector problems on lattices. The algorithm can be seen as a modified sieving algorithm for which the vectors of the intermediate sets lie in overlattices or translated cosets of overlattices. The key idea is hence no longer to work with a single lattice but to move the problems around in a tower of related lattices. We initiate the algorithm by sampling very short vectors in an overlattice of the original lattice that admits a quasi-orthonormal basis and hence an efficient enumeration of vectors of bounded norm. Taking sums of vectors in the sample, we construct short vectors in the next lattice. Finally, we obtain solution vector(s) in the initial lattice as a sum of vectors of an overlattice. The complexity analysis relies on the Gaussian heuristic. This heuristic is backed by experiments in low and high dimensions that closely reflect these estimates when solving hard lattice problems in the average case. This new approach allows us to solve not only shortest vector problems, but also closest vector problems, in lattices of dimension $n$ in time $2^{0.3774n}$ using memory $2^{0.2925n}$. Moreover, the algorithm is straightforward to parallelize on most computer architectures.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Lms Journal of Computation and Mathematics MATHEMATICS, APPLIED-MATHEMATICS

CiteScore

2.60

自引率

0.00%

发文量

审稿时长

>12 weeks

期刊介绍： LMS Journal of Computation and Mathematics has ceased publication. Its final volume is Volume 20 (2017). LMS Journal of Computation and Mathematics is an electronic-only resource that comprises papers on the computational aspects of mathematics, mathematical aspects of computation, and papers in mathematics which benefit from having been published electronically. The journal is refereed to the same high standard as the established LMS journals, and carries a commitment from the LMS to keep it archived into the indefinite future. Access is free until further notice.