A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
The optimal LLL algorithm is still polynomial in fixed dimension
2003
Theoretical Computer Science
Preserved Fulltext
ACM 32(1) (1985) 229) seem to show that the algorithm remains polynomial in average. ...
However, no bound better than a naive exponential order one is established for the worst-case complexity of the optimal LLL algorithm, even for ÿxed small dimension (higher than 2). ...
Acknowledgements I am indebted to Brigitte Vallà ee for drawing my attention to algorithmic problems in lattice theory and for regular helpful discussions. ...
doi:10.1016/s0304-3975(02)00616-3
fatcat:w2txuny4vvee7m4zkgfbdi6t34
Worst-Case Complexity of the Optimal LLL Algorithm
[chapter]
2000
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
However no bound better than a naive exponential order one is established for the worstcase complexity of the optimal LLL algorithm, even for fixed small dimension (higher than ¾). ...
Here we prove that, for any fixed dimension Ò, the number of iterations of the LLL algorithm is linear with respect to the size of the input. ...
I am indebted to Brigitte Vallée for drawing my attention to algorithmic problems in lattice theory and for regular helpful discussions. I wish to thank her also for her help to improve this paper. ...
doi:10.1007/10719839_35
fatcat:uzqcj2goejeylmnimxabdepdei
Adaptive Precision Floating Point LLL
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
The LLL algorithm is one of the most studied lattice basis reduction algorithms in the literature. ...
In its classic setting, the floating point precision is a fixed value, determined by the dimension of the input basis at the initiation of the algorithm. ...
The LLL algorithm, named after its inventors, Lenstra, Lenstra and Lovász [11] , is a polynomial time lattice reduction algorithm. ...
doi:10.1007/978-3-642-39059-3_8
fatcat:s27mn24dgbhhxkx6ogdakksiwe
Integer Programming and Algorithmic Geometry of Numbers
[chapter]
2009
50 Years of Integer Programming 1958-2008
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Lenstra's algorithm runs in polynomial time in the input encoding length if the dimension is fixed. ...
It turns out that the parametric shortest vector problem can be solved in linear time when the dimension is fixed with a cascaded LLL-algorithm. ...
doi:10.1007/978-3-540-68279-0_14
fatcat:c7iusb6esbgpnbjnmohiokwegy
Formalizing the LLL Basis Reduction Algorithm and the LLL Factorization Algorithm in Isabelle/HOL
2020
Journal of automated reasoning
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
The LLL basis reduction algorithm was the first polynomial-time algorithm to compute a reduced basis of a given lattice, and hence also a short vector in the lattice. ...
The algorithm has applications in number theory, computer algebra and cryptography. In this paper, we provide an implementation of the LLL algorithm. ...
Sebastiaan is now working at University of Twente, the Netherlands, and supported by the NWO VICI 639.023.710 Mercedes project. ...
doi:10.1007/s10817-020-09552-1
pmid:32831440
pmcid:PMC7413592
fatcat:fhfgozhs5zhvzg7zfooxpdiina
Cryptanalysis of RSA: A Special Case of Boneh-Durfee's Attack
[article]
2020
IACR Cryptology ePrint Archive
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
The core objective is to explore RSA polynomials underlying algebraic structure so that we can improve the performance of weak key attacks. ...
Boneh-Durfee proposed (at Eurocrypt 1999) a polynomial time attacks on RSA small decryption exponent which exploits lattices and sub-lattice structure to obtain an optimized bounds d < N 0.284 and d < ...
After that LLL algorithm process the scanned lattice efficiently especially it is useful for large dimension matrices. Only pick specific vectors whose dimension approximately remains same. ...
dblp:journals/iacr/MumtazL20
fatcat:sgoegczurrfatbbcuvcw7dzrya
A Formalization of the LLL Basis Reduction Algorithm
[chapter]
2018
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We additionally integrate one application of LLL, namely a verified factorization algorithm for univariate integer polynomials which runs in polynomial time. ...
The LLL basis reduction algorithm was the first polynomialtime algorithm to compute a reduced basis of a given lattice, and hence also a short vector in the lattice. ...
This research was supported by the Austrian Science Fund (FWF) project Y757. Jose Divasón is partially funded by the Spanish projects MTM2014-54151-P and MTM2017-88804-P. ...
doi:10.1007/978-3-319-94821-8_10
fatcat:fpazlnxfyrhvzltnl23t6u36e4
The History of the LLL-Algorithm
[chapter]
2009
The LLL Algorithm
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Polynomial Factorization Arjen Lenstra's connection with the LLL-algorithm began while he still was a student. ...
If the solution set K is full-dimensional, then vol(K) > 0 and one can prove that log(1/vol(K)) is bounded by a polynomial in the dimension n and the length of the rest of input for K. ...
doi:10.1007/978-3-642-02295-1_1
dblp:series/isc/SmeetsLLLB10
fatcat:dtyaqbe255fozauekdsl543ora
Page 2614 of Mathematical Reviews Vol. , Issue 2001D
[page]
2001
Mathematical Reviews
Preserved Fulltext
The Internet Archive has digitized a microfilm copy of this work. It may be possible to borrow a copy for reading.
Classical results concern the optimal order of n(e,d), for fixed dimension d, as a function of ¢. Usually these results include an unknown constant Cy, which depends on d. ...
The number n(e,d) is the minimal number of function values needed for a worst case error € in the dimension d for the class Fy. ...
Techniques for Solving Shortest Vector Problem
2021
International Journal of Advanced Computer Science and Applications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
More precisely, this paper presents four algorithms: the Lenstra-Lenstra-Lovasz (LLL) algorithm, the Block Korkine-Zolotarev (BKZ) algorithm, a Metropolis algorithm, and a convex relaxation of SVP. ...
This problem has a great many applications such as optimization, communication theory, cryptography, etc. ...
ACKNOWLEDGMENT The authors would like to thank the reviewers for their valuable comments. ...
doi:10.14569/ijacsa.2021.0120598
fatcat:x2hfrvhtyjewnniblcyiu7deru
Approximate common divisors via lattices
[article]
2012
arXiv
pre-print
Preserved Fulltext
The Internet Archive has a preservation copy of this work in our general collections.
The file type is application/pdf.
Other Versions
The multivariate approximate common divisor problem is the number-theoretic analogue of multivariate polynomial reconstruction, and we develop a corresponding lattice-based algorithm for the latter problem ...
While these results do not challenge the suggested parameters, a 2^(n^epsilon) approximation algorithm with epsilon<2/3 for lattice basis reduction in n dimensions could be used to break these parameters ...
The algorithm runs in polynomial time for fixed m. ...
arXiv:1108.2714v2
fatcat:u4dmeg7ulbhcljzauzuxtkddj4
Fast Lattice Point Enumeration with Minimal Overhead
[chapter]
2014
Proceedings of the Twenty-Sixth Annual ACM-SIAM Symposium on Discrete Algorithms
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
The last technique is used to obtain a new SVP enumeration procedure withÕ(n n/2e ) running time, matching (even in the constant in the exponent) the optimal worst-case analysis (Hanrot and Stehlé, CRYPTO ...
Enumeration algorithms are the best currently known methods to solve lattice problems, both in theory (within the class of polynomial space algorithms), and in practice (where they are routinely used to ...
polynomial in the dimension n. ...
doi:10.1137/1.9781611973730.21
dblp:conf/soda/MicciancioW15
fatcat:wf3jvwa47falzk4nuabsayq2yi
New Results for Partial Key Exposure on RSA with Exponent Blinding
2015
Proceedings of the 12th International Conference on Security and Cryptography
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
This type of attacks is of particular interest in the context of side-channel attacks. ...
Additionally, we apply partial key exposure attacks to CRT-RSA when exponent blinding is used, a case not yet analyzed in literature. ...
ACKNOWLEDGEMENTS This work was partly supported by the Italian MIUR project SecurityHorizons (c.n. 2010XSEMLC). ...
doi:10.5220/0005571701360147
dblp:conf/secrypt/CimatoMS15
fatcat:z4xlwabdrvadblonvhaln6izvy
Decoding by Sampling: A Randomized Lattice Algorithm for Bounded Distance Decoding
2011
IEEE Transactions on Information Theory
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Of particular interest is that a fixed gain in the decoding radius compared to Babai's decoding can be achieved at polynomial complexity. ...
The technical contribution of this paper is two-fold: we analyze and optimize the decoding radius of sampling decoding resulting in better error performance than Klein's original algorithm, and propose ...
The third author gratefully acknowledges the Department of Computing of Macquarie University and the Department of Mathematics and Statistics of the University of Sydney, where part of this work was undergone ...
doi:10.1109/tit.2011.2162180
fatcat:tju7blaa65g4nlxrn77tcltrpa
Analyzing Blockwise Lattice Algorithms Using Dynamical Systems
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
(or SVP) subroutine, then BKZ returns a basis whose first vector has norm ≤ 2ν n−1 2(β−1) + 3 2 β · (det L) 1 n , where ν β ≤ β is the maximum of Hermite's constants in dimensions ≤ β. ...
Among them, the BKZ algorithm introduced by Schnorr and Euchner [FCT'91] seems to achieve the best time/quality compromise in practice. ...
Nguyen for explaining to us their bound on the number of tours of the original BKZ algorithm. We also thank C.-P. Schnorr for helpful discussions. ...
doi:10.1007/978-3-642-22792-9_25
fatcat:wmrqaut75bgwljwomdfvqyuiou
« Previous
Showing results 1 — 15 out of 1,143 results