[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Lattice Reduction in Cryptology: An Update

  • Conference paper
Algorithmic Number Theory (ANTS 2000)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1838))

Included in the following conference series:

Abstract

Lattices are regular arrangements of points in space, whose study appeared in the 19th century in both number theory and crystallography. The goal of lattice reduction is to find useful representations of lattices. A major breakthrough in that field occurred twenty years ago, with the appearance of Lovász’s reduction algorithm, also known as LLL or L3. Lattice reduction algorithms have since proved invaluable in many areas of mathematics and computer science, especially in algorithmic number theory and cryptology. In this paper, we survey some applications of lattices to cryptology. We focus on recent developments of lattice reduction both in cryptography and cryptanalysis, which followed seminal works of Ajtai and Coppersmith.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 71.50
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 89.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Adleman, L.M.: On breaking generalized knapsack publick key cryptosystems. In: Proc. of 15th STOC, pp. 402–412. ACM Press, New York (1983)

    Google Scholar 

  2. Adleman, L.M.: Factoring and lattice reduction (1995) (unpublished manuscript)

    Google Scholar 

  3. Ajtai, M.: Generating hard instances of lattice problems. In: Proc. of 28th STOC, pp. 99–108. ACM Press, New York (1996); Available at [39] at TR96-007

    Google Scholar 

  4. Ajtai, M.: The shortest vector problem in L2 is NP-hard for randomized reductions. In: Proc. of 30th STOC. ACM Press, New York (1998); Available at [39] as TR97-047

    Google Scholar 

  5. Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case/average-case equivalence. In: Proc. of 29th STOC, pp. 284–293. ACM Press, New York (1997); Available at [39] at TR96-065

    Google Scholar 

  6. Arora, S., Babai, L., Stern, J., Sweedyk, Z.: The hardness of approximate optima in lattices, codes, and systems of linear equations. Journal of Computer and System Sciences 54(2), 317–331 (1997)

    Article  MATH  MathSciNet  Google Scholar 

  7. Babai, L.: On Lovász lattice reduction and the nearest lattice point problem. Combinatorica 6, 1–13 (1986)

    Article  MATH  MathSciNet  Google Scholar 

  8. Bellare, M., Goldwasser, S., Micciancio, D.: “Pseudo-random” number generation within cryptographic algorithms: The DSS case. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 277–291. Springer, Heidelberg (1997)

    Google Scholar 

  9. Bleichenbacher, D.: On the security of the KMOV public key cryptosystem. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 235–248. Springer, Heidelberg (1997)

    Google Scholar 

  10. Bleichenbacher, D., Nguyen, P.Q.: Noisy polynomial interpolation and noisy Chinese remaindering. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 53. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  11. Blömer, J., Seifert, J.-P.: On the complexity of computing short linearly independent vectors and short bases in a lattice. In: Proc. of 31st STOC. ACM, New York (1999)

    Google Scholar 

  12. Boneh, D.: The decision Diffie-Hellman problem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  13. Boneh, D.: Twenty years of attacks on the RSA cryptosystem. Notices of the AMS 46(2), 203–213 (1999)

    MATH  MathSciNet  Google Scholar 

  14. Boneh, D.: Finding smooth integers in short intervals using CRT decoding. In: Proc. of 32nd STOC. ACM Press, New York (2000)

    Google Scholar 

  15. Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than n0:292. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 1–11. Springer, Heidelberg (1999)

    Google Scholar 

  16. Boneh, D., Durfee, G., Frankel, Y.: An attack on RSA given a small fraction of the private key bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 25–34. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  17. Boneh, D., Durfee, G., Howgrave-Graham, N.: Factoring N = p rq for large r. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 326. Springer, Heidelberg (1999)

    Google Scholar 

  18. Boneh, D., Venkatesan, R.: Hardness of computing the most significant bits of secret keys in diffie-hellman and related schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 129–142. Springer, Heidelberg (1996)

    Google Scholar 

  19. Boneh, D., Venkatesan, R.: Breaking RSA may not be equivalent to factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 59–71. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  20. Boyko, V., Peinado, M., Venkatesan, R.: Speeding up discrete log and factoring based schemes via precomputations. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 221–235. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  21. Brickell, E.F.: Solving low density knapsacks. In: Proc. of Crypto 1983, Plenum Press, New York (1984)

    Google Scholar 

  22. Brickell, E.F.: Breaking iterated knapsacks. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 342–358. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  23. Brickell, E.F., Odlyzko, A.M.: Cryptanalysis: A survey of recent results. In: Contemporary Cryptology, pp. 501–540. IEEE Press, Los Alamitos (1991)

    Google Scholar 

  24. Cai, J.-Y.: Some recent progress on the complexity of lattice problems. In: Proc. of FCRC (1999); Available at [39] as TR99-006

    Google Scholar 

  25. Cai, J.-Y.: The complexity of some lattice problems. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 1–32. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  26. Cai, J.-Y., Cusick, T.W.: A lattice-based public-key cryptosystem. Information and Computation 151, 17–31 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  27. Cai, J.-Y., Nerurkar, A.P.: An improved worst-case to average-case connection for lattice problems. In: Proc. of 38th FOCS, pp. 468–477. IEEE, Los Alamitos (1997)

    Google Scholar 

  28. Cavallar, S., Dodson, B., Lenstra, A.K., Lioen, W., Montgomery, P.L., Murphy, B., te Riele, H., Aardal, K., Gilchrist, J., Guillerm, G., Leyland, P., Marchand, J., Morain, F., Muffett, A., Putnam, C., Putnam, C., Zimmermann, P.: Factorization of 512-bit RSA key using the number field sieve. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 1. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  29. Chor, B., Rivest, R.L.: A knapsack-type public key cryptosystem based on arithmetic in finite fields. IEEE Trans. Inform. Theory 34 (1988)

    Google Scholar 

  30. Cohen, H.: A Course in ComputationalAlgebraic Number Theory, 2nd edn. Springer, Heidelberg (1995)

    Google Scholar 

  31. Conway, J.H., Sloane, N.J.A.: Sphere Packings, Lattices and Groups, 3rd edn. Springer, Heidelberg (1998)

    Google Scholar 

  32. Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. of Cryptology 10(4), 233–260 (1997); Revised version of two articles of Eurocrypt 1996

    Article  MATH  MathSciNet  Google Scholar 

  33. Coppersmith, D., Shamir, A.: Lattice attacks on NTRU. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 52–61. Springer, Heidelberg (1997)

    Google Scholar 

  34. Coster, M.J., Joux, A., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.-P., Stern, J.: Improved low-density subset sum algorithms. Comput. Complexity 2, 111–128 (1992)

    Article  MATH  MathSciNet  Google Scholar 

  35. Coupé, C., Nguyen, P., Stern, J.: The effectiveness of lattice attacks against low-exponent RSA. In: Imai, H., Zheng, Y. (eds.) PKC 1999. LNCS, vol. 1560, p. 204. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  36. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inform. Theory IT-22, 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  37. Dinur, I.: Approximating SVP ∞  to within almost-polynomial factors is NP-hard; Available at [39] at TR99-016

    Google Scholar 

  38. Dinur, I., Kindler, G., Safra, S.: Approximating CVP to within almostpolynomial factors is NP-hard. In: Proc. of 39th FOCS, pp. 99–109. IEEE, Los Alamitos (1998);0 Available at [39] at TR98-048

    Google Scholar 

  39. ECCC. The Electronic Colloquium on Computational Complexity, http://www.eccc.uni-trier.de/eccc/

  40. van Emde Boas, P.: Another NP-complete problem and the complexity of computing short vectors in a lattice. Technical report, Mathematisch Instituut, University of Amsterdam (1981), Report 81-04., Available at http://turing.wins.uva.nl/~peter/

  41. Fischlin, R., Seifert, J.-P.: Tensor-based trapdoors for CVP and their application to public key cryptography. In: Walker, M. (ed.) Cryptography and Coding 1999. LNCS, vol. 1746, pp. 244–257. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  42. Frieze, A.M.: On the lagarias-odlyzko algorithm for the subset sum problem. SIAM J. Comput 15(2), 536–539 (1986)

    Article  MATH  MathSciNet  Google Scholar 

  43. Furst, M.L., Kannan, R.: Succinct certificates for almost all subset sum problems. SIAM J. Comput 18(3), 550–558 (1989)

    Article  MATH  MathSciNet  Google Scholar 

  44. : Disquisitiones Arithmeticæ, Leipzig (1801)

    Google Scholar 

  45. Girault, M., Misarsky, J.-F.: Cryptanalysis of countermeasures proposed for repairing ISO 9796-1. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 81. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  46. Goldreich, O., Goldwasser, S.: On the limits of non-approximability of lattice problems. In: Proc. of 30th STOC. ACM, New York (1998); Available at [39] as TR97-031

    Google Scholar 

  47. Goldreich, O., Goldwasser, S., Halevi, S.: Challeges for the GGH cryptosystem., Available at http://theory.lcs.mit.edu/~shaih/challenge.html

  48. Goldreich, O., Goldwasser, S., Halevi, S.: Eliminating decryption errors in the Ajtai-Dwork cryptosystem. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 105–111. Springer, Heidelberg (1997); Available at [39] as TR97-018.

    Google Scholar 

  49. Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112–131. Springer, Heidelberg (1997); Available at [39] as TR96-056.

    Google Scholar 

  50. Goldreich, O., Micciancio, D., Safra, S., Seifert, J.-P.: Approximating shortest lattice vectors is not harder than approximating closest lattice vectors, Available at [39] at TR99-002

    Google Scholar 

  51. González Vasco, M.I., Shparlinski, I.E.: On the security of Diffie-Hellman bits. In: Lam, K.-Y., Shparlinski, I.E., Wang, H., Xing, C. (eds.) Proc. Workshop on Cryptography and Comp. Number Theory (CCNT 1999). Birkhauser, Basel (2000)

    Google Scholar 

  52. Grötschel, M., Lovász, L., Schrijver, A.: Geometric Algorithms and Combina- torial Optimization. Springer, Heidelberg (1993)

    Google Scholar 

  53. Gruber, M., Lekkerkerker, C.G.: Geometry of Numbers. North-Holland, Amsterdam (1987)

    MATH  Google Scholar 

  54. Håstad, J.: Solving simultaneous modular equations of low degree. SIAM J. Comput. 17(2), 336–341 (1988); Early version in Proc. of Crypto 1985

    Article  MATH  MathSciNet  Google Scholar 

  55. Hermite, C.: Extraits de lettres de M. Hermite à M. Jacobi sur différents objets de la théorie des nombres, deuxième lettre. J. Reine Angew. Math. 40, 279–290 (1850); Also in the first volume of Hermite’s complete works (Gauthier-Villars)

    Article  Google Scholar 

  56. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998); Additional information at, http://www.ntru.com

    Chapter  Google Scholar 

  57. Howgrave-Graham, N.A.: Finding small roots of univariate modular equations revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131–142. Springer, Heidelberg (1997)

    Google Scholar 

  58. N. A. Howgrave-Graham. Computational Mathematics Inspired by RSA. PhD thesis, University of Bath (1998)

    Google Scholar 

  59. Howgrave-Graham, N.A., Smart, N.P.: Lattice attacks on digital signature schemes. Technical report, HP Labs, HPL-1999-90 (1999)

    Google Scholar 

  60. Jaulmes, É., Joux, A.: A chosen ciphertext attack on NTRU. (2000) (preprint)

    Google Scholar 

  61. Joux, A., Stern, J.: Lattice reduction: A toolbox for the cryptanalyst. J. of Cryptology 11, 161–185 (1998)

    Article  MATH  MathSciNet  Google Scholar 

  62. Jutla, C.S.: On finding small solutions of modular multivariate polynomial equations. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 158–170. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  63. Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: Proc. of 15th STOC, pp. 193–206. ACM, New York (1983)

    Google Scholar 

  64. Kannan, R.: Algorithmic geometry of numbers. Annual review of computer science 2, 231–267 (1987)

    Article  MathSciNet  Google Scholar 

  65. Kannan, R.: Minkowski’s convex body theorem and integer programming. Math. Oper. Res. 12(3), 415–440 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  66. Klein, P.: Finding the closest lattice vector when it’s unusually close. In: Proc. of SODA 2000, ACM–SIAM (2000)

    Google Scholar 

  67. Korkine, A., Zolotareff, G.: Sur les formes quadratiques positives ternaires. Math. Ann. 5, 581–583 (1872)

    Article  MathSciNet  Google Scholar 

  68. Korkine, A., Zolotareff, G.: Sur les formes quadratiques. Math. Ann. 6, 336–389 (1873)

    Article  MathSciNet  Google Scholar 

  69. Lagarias, J.C.: Point lattices. In: Graham, R., Grötschel, M., Lovász, L. (eds.) Handbook of Combinatorics, vol. 1, ch. 19, Elsevier, Amsterdam (1995)

    Google Scholar 

  70. Lagarias, J.C., Odlyzko, A.M.: Solving low-density subset sum problems. Journal of the Association for Computing Machinery (January 1985)

    Google Scholar 

  71. Lagrange, L.: Recherches d’arithmétique. Nouv. Mém. Acad. (1773)

    Google Scholar 

  72. Lenstra, A.K., Lenstra Jr., H.W.: The Development of the Number Field Sieve. Lecture Notes in Mathematics, vol. 1554. Springer, Heidelberg (1993)

    Book  MATH  Google Scholar 

  73. Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Ann. 261, 513–534 (1982)

    Google Scholar 

  74. Lenstra Jr., H.W.: Integer programming with a fixed number of variables. Math. Oper. Res. 8(4), 538–548 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  75. Lovász, L.: An Algorithmic Theory of Numbers, Graphs and Convexity. SIAM. CBMS-NSF Regional Conference Series in Applied Mathematics, vol. 50 (1986)

    Google Scholar 

  76. Martinet, J.: Les Réseaux Parfaits des Espaces Euclidiens. Editions Masson, English translation to appear at Springer-Verlag (1996)

    Google Scholar 

  77. Mazo, J.E., Odlyzko, A.M.: Lattice points in high-dimensional spheres. Monatsh. Math. 110, 47–61 (1990)

    Article  MATH  MathSciNet  Google Scholar 

  78. McEliece, R.J.: A public-key cryptosystem based on algebraic number theory. Technical report, Jet Propulsion Laboratory, DSN Progress Report 42-44 (1978)

    Google Scholar 

  79. Menezes, A., Van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptogra- phy. CRC Press, Boca Raton (1997)

    Google Scholar 

  80. Merkle, R., Hellman, M.: Hiding information and signatures in trapdoor knapsacks. IEEE Trans. Inform. Theory IT-24, 525–530 (1978)

    Article  Google Scholar 

  81. Micciancio, D.: On the Hardness of the Shortest Vector Problem. PhD thesis, Massachusetts Institute of Technology (1998)

    Google Scholar 

  82. Micciancio, D.: The shortest vector problem is NP-hard to approximate within some constant. In: Proc. of 39th FOCS, IEEE, Los Alamitos (1998); Available at [39] at TR98-016

    Google Scholar 

  83. Micciancio, D.: Lattice based cryptography: A global improvement. Technical report, Theory of Cryptography Library, Report 99-05 (1999)

    Google Scholar 

  84. Milnor, J., Husemoller, D.: Symmetric Bilinear Forms. Springer, Heidelberg (1973)

    MATH  Google Scholar 

  85. Minkowski, H.: Geometrie der Zahlen, Teubner-Verlag, Leipzig (1896)

    Google Scholar 

  86. Misarsky, J.-F.: A multiplicative attack using LLL algorithm on RSA signatures with redundancy. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 221–234. Springer, Heidelberg (1997)

    Google Scholar 

  87. Montgomery, P.L.: Square roots of products of algebraic numbers. In: Gautschi, W. (ed.) Mathematics of Computation 1943-1993: a Half-Century of Computational Mathematics, Proc. of Symposia in Applied Mathematics, pp. 567–571. American Mathematical Society (1994)

    Google Scholar 

  88. National Institute of Standards and Technology (NIST). FIPS Publication 186: Digital Signature Standard (May 1994)

    Google Scholar 

  89. Nguyen, P.: A Montgomery-like square root for the number field sieve. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  90. Nguyen, P.: Cryptanalysis of the Goldreich-Goldwasser-Halevi cryptosystem from Crypto 1997. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 288–304. Springer, Heidelberg (1999)

    Google Scholar 

  91. Nguyen, P., Stern, J.: Merkle-Hellman revisited: a cryptanalysis of the QuVanstone cryptosystem based on group factorizations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 198–212. Springer, Heidelberg (1997)

    Google Scholar 

  92. Nguyen, P., Stern, J.: Cryptanalysis of a fast public key cryptosystem presented at SAC 1997. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, p. 213. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  93. Nguyen, P., Stern, J.: Cryptanalysis of the Ajtai-Dwork cryptosystem. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 223–242. Springer, Heidelberg (1998)

    Google Scholar 

  94. Nguyen, P., Stern, J.: The Béguin-Quisquater server-aided RSA protocol from Crypto 1995 is not secure. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 372–379. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  95. Nguyen, P., Stern, J.: The hardness of the hidden subset sum problem and its cryptographic implications. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 31–46. Springer, Heidelberg (1999)

    Google Scholar 

  96. Nguyen, P., Stern, J.: The orthogonal lattice: A new tool for the cryptanalyst. Manuscript submitted to J. of Cryptology (2000)

    Google Scholar 

  97. Nguyen, P.Q.: La Géométrie des Nombres en Cryptologie. PhD thesis, Université Paris 7 (November 1999), Available at http://www.di.ens.fr/~pnguyen/

  98. Nguyen, P.Q.: The dark side of the hidden number problem: Lattice attacks on DSA. In: Lam, K.-Y., Shparlinski, I.E., Wang, H., Xing, C. (eds.) Proc. Workshop on Cryptography and Comp. Number Theory (CCNT 1999), Birkhauser (2000)

    Google Scholar 

  99. Odlyzko, A.M.: The rise and fall of knapsack cryptosystems. In: Cryptology and Computational Number Theory. Proc. of Symposia in Applied Mathematics, vol. 42, pp. 75–88. A.M.S (1990)

    Google Scholar 

  100. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Comm. of the ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  101. Schnorr, C.P.: A hierarchy of polynomial lattice basis reduction algorithms. Theoretical Computer Science 53, 201–224 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  102. Schnorr, C.P.: A more efficient algorithm for lattice basis reduction. J. of algo- rithms 62, 47–62 (1988)

    Article  MathSciNet  Google Scholar 

  103. Schnorr, C.P.: Factoring integers and computing discrete logarithms via diophantine approximation. In: Davies, D.W. (ed.) EUROCRYPT 1991. C. P. Schnorr, vol. 547, pp. 171–181. Springer, Heidelberg (1991)

    Google Scholar 

  104. Schnorr, C.P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Programming 66, 181–199 (1994)

    Article  MATH  MathSciNet  Google Scholar 

  105. Schnorr, C.P., Hörner, H.H.: Attacking the Chor-Rivest cryptosystem by improved lattice reduction. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 1–12. Springer, Heidelberg (1995)

    Google Scholar 

  106. Shamir, A.: A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem. In: Proc. of 23rd FOCS, pp. 145–152. IEEE, Los Alamitos (1982)

    Google Scholar 

  107. Shoup, V.: Number Theory C++ Library (NTL) version 3.9., Available at http://www.shoup.net/ntl/

  108. Siegel, C.L.: Lectures on the Geometry of Numbers. Springer, Heidelberg (1989)

    MATH  Google Scholar 

  109. Vallée, B.: La réduction des réseaux: autour de l’algorithme de Lenstra, Lenstra, Lovász. RAIRO Inform. Théor. Appl. 23(3), 345–376 (1989); English translation in CWI Quaterly 3(2), 95–120 (1990)

    MATH  MathSciNet  Google Scholar 

  110. Vallée, B., Girault, M., Toffin, P.: How to guess ℓ-th roots modulo n by reducing lattice bases. In: Mora, T. (ed.) AAECC 1988. LNCS, vol. 357, pp. 427–442. Springer, Heidelberg (1989)

    Google Scholar 

  111. Vanstone, S.A., Zuccherato, R.J.: Short RSA keys and their generation. J. of Cryptology 8(2), 101–114 (1995)

    MATH  Google Scholar 

  112. Vaudenay, S.: Cryptanalysis of the Chor-Rivest cryptosystem. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, p. 243. Springer, Heidelberg (1998); Appeared first at the rump session of Crypto 1997

    Google Scholar 

  113. Verheul, E.R.: Certificates of recoverability with scalable recovery agent security. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 258–275. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  114. Wiener, M.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inform. Theory 36(3), 553–558 (1990)

    Article  MATH  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. École Normale Supérieure, Département d’Informatique, 45 rue d’Ulm, 75005, Paris, France

    Phong Q. Nguyen & Jacques Stern

Authors
  1. Phong Q. Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jacques Stern
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Mathematisch Instituut, Universiteit Nijmegen, Postbus 9010, 6500 GL, Nijmegen, The Netherlands

    Wieb Bosma

Rights and permissions

Reprints and permissions

Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Nguyen, P.Q., Stern, J. (2000). Lattice Reduction in Cryptology: An Update. In: Bosma, W. (eds) Algorithmic Number Theory. ANTS 2000. Lecture Notes in Computer Science, vol 1838. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10722028_4

Download citation

  • DOI: https://doi.org/10.1007/10722028_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-67695-9

  • Online ISBN: 978-3-540-44994-2

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation