Abstract
AbstractRecently, lattice-based cryptography has received attention as a candidate of post-quantum cryptography (PQC). The essential security of lattice-based cryptography is based on the hardness of classical lattice problems such as the shortest vector problem (SVP) and the closest vector problem (CVP). A number of algorithms have been proposed for solving SVP exactly or approximately, and most of them are useful also for solving CVP. In this paper, we give a survey of typical algorithms for solving SVP from a mathematical point of view. We also present recent strategies for solving the Darmstadt SVP challenge in dimensions higher than 150.
Reference54 articles.
1. M. Ajtai, Generating hard instances of lattice problems, in Symposium on Theory of Computing (STOC 1996) (ACM, 1996), pp. 99–108
2. M. Ajtai, R. Kumar, D. Sivakumar, A sieve algorithm for the shortest lattice vector problem, in Symposium on Theory of Computing (STOC 2001) (ACM, 2001), pp. 601–610
3. M. Albrecht, L. Ducas, G. Herold, E. Kirshanova, E.W. Postlethwaite, M. Stevens, The general sieve kernel and new records in lattice reduction. Advances in Cryptology–EUROCRYPT 2019, Lecture Notes in Computer Science, vol. 11477 (Springer, Berlin, 2019), pp. 717–746
4. M.R. Albrecht, B.R. Curtis, A. Deo, A. Davidson, R. Player, E.W. Postlethwaite, F. Virdia, T. Wunderer, Estimate all the LWE, NTRU schemes! Security and Cryptography for Networks (SCN 2018), Lecture Notes in Computer Science, vol. 11035 (2018), pp. 351–367
5. Y. Aono, P.Q. Nguyen, Random sampling revisited: Lattice enumeration with discrete pruning. Advances in Cryptology–EUROCRYPT 2017, Lecture Notes in Computer Science, vol. 10211 (Springer, Berlin, 2017), pp. 65–102
Cited by
7 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献