Sieving for shortest vectors in lattices using angular locality-sensitive hashing

T.M.M. Laarhoven

doi:10.1007/978-3-662-47989-6_1

Sieving for shortest vectors in lattices using angular locality-sensitive hashing

T.M.M. Laarhoven

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › Academic › peer review

48 Citaten (Scopus)

Samenvatting

By replacing the brute-force list search in sieving algorithms with Charikar’s angular locality-sensitive hashing (LSH) method, we get both theoretical and practical speedups for solving the shortest vector problem (SVP) on lattices. Combining angular LSH with a variant of Nguyen and Vidick’s heuristic sieve algorithm, we obtain heuristic time and space complexities for solving SVP of 2^0.3366n+o(n) and 2^0.2075n+o(n) respectively, while combining the same hash family with Micciancio and Voulgaris’ GaussSieve algorithm leads to an algorithm with (conjectured) heuristic time and space complexities of 2^0.3366n+o(n). Experiments with the GaussSieve-variant show that in moderate dimensions the proposed HashSieve algorithm already outperforms the GaussSieve, and the practical increase in the space complexity is much smaller than the asymptotic bounds suggest, and can be further reduced with probing. Extrapolating to higher dimensions, we estimate that a fully optimized and parallelized implementation of the GaussSieve-based HashSieve algorithm might need a few core years to solve SVP in dimension 130 or even 140. Keywords: Lattices; Shortest vector problem (SVP); Sieving algorithms; Approximate nearest neighbor problem; Locality-sensitive hashing (LSH)

Originele taal-2	Engels
Titel	Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I
Redacteuren	R. Gennaro, M. Robshaw
Plaats van productie	Berlin
Uitgeverij	Springer
Pagina's	3-22
ISBN van geprinte versie	978-3-662-47988-9
DOI's	https://doi.org/10.1007/978-3-662-47989-6_1
Status	Gepubliceerd - 2015
Evenement	35th Annual International Cryptology Conference (CRYPTO 2015), August 16-20, 2015, Santa Barbara, CA, USA - University of California, Santa Barbara (UCSB) , Santa Barbara, CA, Verenigde Staten van Amerika Duur: 16 aug 2015 → 20 aug 2015 https://www.iacr.org/conferences/crypto2015/

Publicatie series

Naam	Lecture Notes in Computer Science
Volume	9215
ISSN van geprinte versie	0302-9743

Congres

Congres	35th Annual International Cryptology Conference (CRYPTO 2015), August 16-20, 2015, Santa Barbara, CA, USA
Verkorte titel	CRYPTO 2015
Land	Verenigde Staten van Amerika
Stad	Santa Barbara, CA
Periode	16/08/15 → 20/08/15
Ander	35th Annual Cryptology Conference on Advances in Cryptology
Internet adres	https://www.iacr.org/conferences/crypto2015/

Toegang tot document

10.1007/978-3-662-47989-6_1

Vingerafdruk Duik in de onderzoeksthema's van 'Sieving for shortest vectors in lattices using angular locality-sensitive hashing'. Samen vormen ze een unieke vingerafdruk.

Citeer dit

Laarhoven, T. M. M. (2015). Sieving for shortest vectors in lattices using angular locality-sensitive hashing. In R. Gennaro, & M. Robshaw (editors), Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I (blz. 3-22). (Lecture Notes in Computer Science; Vol. 9215). Springer. https://doi.org/10.1007/978-3-662-47989-6_1

@inproceedings{521dad7ab6b142fa93aeec30b05f78e1,

title = "Sieving for shortest vectors in lattices using angular locality-sensitive hashing",

abstract = "By replacing the brute-force list search in sieving algorithms with Charikar{\textquoteright}s angular locality-sensitive hashing (LSH) method, we get both theoretical and practical speedups for solving the shortest vector problem (SVP) on lattices. Combining angular LSH with a variant of Nguyen and Vidick{\textquoteright}s heuristic sieve algorithm, we obtain heuristic time and space complexities for solving SVP of 2^0.3366n+o(n) and 2^0.2075n+o(n) respectively, while combining the same hash family with Micciancio and Voulgaris{\textquoteright} GaussSieve algorithm leads to an algorithm with (conjectured) heuristic time and space complexities of 2^0.3366n+o(n). Experiments with the GaussSieve-variant show that in moderate dimensions the proposed HashSieve algorithm already outperforms the GaussSieve, and the practical increase in the space complexity is much smaller than the asymptotic bounds suggest, and can be further reduced with probing. Extrapolating to higher dimensions, we estimate that a fully optimized and parallelized implementation of the GaussSieve-based HashSieve algorithm might need a few core years to solve SVP in dimension 130 or even 140. Keywords: Lattices; Shortest vector problem (SVP); Sieving algorithms; Approximate nearest neighbor problem; Locality-sensitive hashing (LSH)",

author = "T.M.M. Laarhoven",

year = "2015",

doi = "10.1007/978-3-662-47989-6_1",

language = "English",

isbn = "978-3-662-47988-9",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "3--22",

editor = "R. Gennaro and M. Robshaw",

booktitle = "Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I",

address = "Germany",

note = "35th Annual International Cryptology Conference (CRYPTO 2015), August 16-20, 2015, Santa Barbara, CA, USA, CRYPTO 2015 ; Conference date: 16-08-2015 Through 20-08-2015",

url = "https://www.iacr.org/conferences/crypto2015/",

}

Laarhoven, TMM 2015, Sieving for shortest vectors in lattices using angular locality-sensitive hashing. in R Gennaro & M Robshaw (redactie), Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I. Lecture Notes in Computer Science, vol. 9215, Springer, Berlin, blz. 3-22, 35th Annual International Cryptology Conference (CRYPTO 2015), August 16-20, 2015, Santa Barbara, CA, USA, Santa Barbara, CA, Verenigde Staten van Amerika, 16/08/15. https://doi.org/10.1007/978-3-662-47989-6_1

Sieving for shortest vectors in lattices using angular locality-sensitive hashing. / Laarhoven, T.M.M.

Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I. redactie / R. Gennaro; M. Robshaw. Berlin : Springer, 2015. blz. 3-22 (Lecture Notes in Computer Science; Vol. 9215).

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › Academic › peer review

TY - GEN

T1 - Sieving for shortest vectors in lattices using angular locality-sensitive hashing

AU - Laarhoven, T.M.M.

PY - 2015

Y1 - 2015

N2 - By replacing the brute-force list search in sieving algorithms with Charikar’s angular locality-sensitive hashing (LSH) method, we get both theoretical and practical speedups for solving the shortest vector problem (SVP) on lattices. Combining angular LSH with a variant of Nguyen and Vidick’s heuristic sieve algorithm, we obtain heuristic time and space complexities for solving SVP of 2^0.3366n+o(n) and 2^0.2075n+o(n) respectively, while combining the same hash family with Micciancio and Voulgaris’ GaussSieve algorithm leads to an algorithm with (conjectured) heuristic time and space complexities of 2^0.3366n+o(n). Experiments with the GaussSieve-variant show that in moderate dimensions the proposed HashSieve algorithm already outperforms the GaussSieve, and the practical increase in the space complexity is much smaller than the asymptotic bounds suggest, and can be further reduced with probing. Extrapolating to higher dimensions, we estimate that a fully optimized and parallelized implementation of the GaussSieve-based HashSieve algorithm might need a few core years to solve SVP in dimension 130 or even 140. Keywords: Lattices; Shortest vector problem (SVP); Sieving algorithms; Approximate nearest neighbor problem; Locality-sensitive hashing (LSH)

AB - By replacing the brute-force list search in sieving algorithms with Charikar’s angular locality-sensitive hashing (LSH) method, we get both theoretical and practical speedups for solving the shortest vector problem (SVP) on lattices. Combining angular LSH with a variant of Nguyen and Vidick’s heuristic sieve algorithm, we obtain heuristic time and space complexities for solving SVP of 2^0.3366n+o(n) and 2^0.2075n+o(n) respectively, while combining the same hash family with Micciancio and Voulgaris’ GaussSieve algorithm leads to an algorithm with (conjectured) heuristic time and space complexities of 2^0.3366n+o(n). Experiments with the GaussSieve-variant show that in moderate dimensions the proposed HashSieve algorithm already outperforms the GaussSieve, and the practical increase in the space complexity is much smaller than the asymptotic bounds suggest, and can be further reduced with probing. Extrapolating to higher dimensions, we estimate that a fully optimized and parallelized implementation of the GaussSieve-based HashSieve algorithm might need a few core years to solve SVP in dimension 130 or even 140. Keywords: Lattices; Shortest vector problem (SVP); Sieving algorithms; Approximate nearest neighbor problem; Locality-sensitive hashing (LSH)

U2 - 10.1007/978-3-662-47989-6_1

DO - 10.1007/978-3-662-47989-6_1

M3 - Conference contribution

SN - 978-3-662-47988-9

T3 - Lecture Notes in Computer Science

SP - 3

EP - 22

BT - Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I

A2 - Gennaro, R.

A2 - Robshaw, M.

PB - Springer

CY - Berlin

T2 - 35th Annual International Cryptology Conference (CRYPTO 2015), August 16-20, 2015, Santa Barbara, CA, USA

Y2 - 16 August 2015 through 20 August 2015

ER -

Laarhoven TMM. Sieving for shortest vectors in lattices using angular locality-sensitive hashing. In Gennaro R, Robshaw M, redacteurs, Advances in Cryptology - CRYPTO 2015 (35th Annual Cryptology Conference, Santa Barbara CA, USA, August 16-20, 2015), Part I. Berlin: Springer. 2015. blz. 3-22. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-662-47989-6_1