# Sieving for closest lattice vectors (with preprocessing)

10 Citaten (Scopus)

## Samenvatting

Lattice-based cryptography has recently emerged as a prime candidate for efficient and secure post-quantum cryptography. The two main hard problems underlying its security are the shortest vector problem (SVP) and the closest vector problem (CVP). Various algorithms have been studied for solving these problems, and for SVP, lattice sieving currently dominates in terms of the asymptotic time complexity: one can heuristically solve SVP in time $2^{0.292d}$ in high dimensions $d$ [BDGL'16]. Although several SVP algorithms can also be used to solve CVP, it is not clear whether this also holds for heuristic lattice sieving methods. The best time complexity for CVP is currently $2^{0.377d}$ [BGJ'14]. In this paper we revisit sieving algorithms for solving SVP, and study how these algorithms can be modified to solve CVP and its variants as well. Our first method is aimed at solving one problem instance and minimizes the overall time complexity for a single CVP instance with a time complexity of $2^{0.292d}$. Our second method minimizes the amortized time complexity for several instances on the same lattice, at the cost of a larger preprocessing cost. We can solve the closest vector problem with preprocessing (CVPP) with $2^{0.636d}$ space and preprocessing, in $2^{0.136d}$ time, while the query complexity can even be reduced to $2^{\epsilon d}$ at the cost of preprocessing time and memory complexities of $(1/\epsilon)^{O(d)}$. For easier variants of CVP, such as approximate CVP and bounded distance decoding (BDD), we further show how the preprocessing method achieves even better complexities. For instance, we can solve approximate CVPP with large approximation factors $k$ with polynomial-sized advice in polynomial time if $k = \Omega(\sqrt{d/\log d})$, heuristically closing the gap between the decision-CVPP result of [AR'04] and the search-CVPP result of [DRS'14].
Originele taal-2 Engels Selected Areas in Cryptography – SAC 2016 23rd International Conference, St. John's, NL, Canada, August 10-12, 2016, Revised Selected Papers R. Avanzi, H. Heys Dordrecht Springer 533-542 978-3-319-69453-5 978-3-319-69452-8 https://doi.org/10.1007/978-3-319-69453-5_28 Gepubliceerd - 16 jul 2016 23rd International Conference on Selected Areas in Cryptography (SAC 2016) - St. John's, CanadaDuur: 10 aug 2016 → 12 aug 2016Congresnummer: 23

### Publicatie series

Naam LNCS 10532

### Congres

Congres 23rd International Conference on Selected Areas in Cryptography (SAC 2016) SAC 2016 Canada St. John's 10/08/16 → 12/08/16