[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Accelerating Lattice Reduction with FPGAs

  • Conference paper
Progress in Cryptology – LATINCRYPT 2010 (LATINCRYPT 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6212))

  • 701 Accesses

Abstract

We describe an FPGA accelerator for the Kannan–Fincke–Pohst enumeration algorithm (KFP) solving the Shortest Lattice Vector Problem (SVP). This is the first FPGA implementation of KFP specifically targeting cryptographically relevant dimensions. In order to optimize this implementation, we theoretically and experimentally study several facets of KFP, including its efficient parallelization and its underlying arithmetic. Our FPGA accelerator can be used for both solving stand-alone instances of SVP (within a hybrid CPU–FPGA compound) or myriads of smaller dimensional SVP instances arising in a BKZ-type algorithm. For devices of comparable costs, our FPGA implementation is faster than a multi-core CPU implementation by a factor around 2.12.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Agrawal, S., Boneh, D., Boyen, X.: Efficient lattice (H)IBE in the standard model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 553–572. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  2. Ajtai, M.: The shortest vector problem in L 2 is NP-hard for randomized reductions (extended abstract). In: Proc. of STOC, pp. 284–293. ACM, New York (1998)

    Google Scholar 

  3. Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case/average-case equivalence. In: Proc. of STOC, pp. 284–293. ACM, New York (1997)

    Google Scholar 

  4. Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Proc. of STOC, pp. 601–610. ACM, New York (2001)

    Google Scholar 

  5. Arbitman, Y., Dogon, G., Lyubashevsky, V., Micciancio, D., Peikert, C., Rosen, A.: SWIFFTX: a proposal for the SHA-3 standard. Submission to NIST (2008), http://www.eecs.harvard.edu/~alon/PAPERS/lattices/swifftx.pdf

  6. Cadé, D., Pujol, X., Stehlé, D.: fplll - a floating-point LLL implementation, http://perso.ens-lyon.fr/damien.stehle

  7. Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 523–552. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  8. Conway, J.H., Sloane, N.J.A.: Sphere Packings, Lattices and Groups. Springer, Heidelberg (1988)

    MATH  Google Scholar 

  9. Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptology 10(4), 233–260 (1997)

    Article  MATH  MathSciNet  Google Scholar 

  10. van Dijk, Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) Advances in Cryptology – EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  11. Fincke, U., Pohst, M.: A procedure for determining algebraic integers of given norm. In: van Hulzen, J.A. (ed.) ISSAC 1983 and EUROCAL 1983. LNCS, vol. 162, pp. 194–202. Springer, Heidelberg (1983)

    Google Scholar 

  12. Gama, N., Nguyen, P.Q.: Finding short lattice vectors within Mordell’s inequality. In: Proc. of STOC, pp. 207–216. ACM, New York (2008)

    Google Scholar 

  13. Gama, N., Nguyen, P.Q., Regev, O.: Lattice enumeration using extreme pruning. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 257–278. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proc. of STOC, pp. 169–178. ACM, New York (2009)

    Google Scholar 

  15. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proc. of STOC, pp. 197–206. ACM, New York (2008)

    Google Scholar 

  16. Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112–131. Springer, Heidelberg (1997)

    Google Scholar 

  17. Goldstein, D., Mayer, A.: On the equidistribution of Hecke points. Forum Mathematicum 15, 165–189 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  18. Guo, Z., Nilsson, P.: VLSI architecture of the soft-output sphere decoder for MIMO systems. In: Proc. of MWSCAS, vol. 2, pp. 1195–1198. IEEE, Los Alamitos (2005)

    Google Scholar 

  19. Hanrot, G., Stehlé, D.: Improved analysis of Kannan’s shortest lattice vector algorithm. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 170–186. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  20. Hermans, J., Schneider, M., Buchmann, J., Vercauteren, F., Preneel, B.: Parallel shortest lattice vector enumeration on graphics cards. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 52–68. Springer, Heidelberg (2010)

    Google Scholar 

  21. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: A ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  22. Howgrave-Graham, N.: A hybrid lattice-reduction and meet-in-the-middle attack against NTRU. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 150–169. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  23. Kannan, R.: Improved algorithms for integer programming and related lattice problems. In: Proc. of STOC, pp. 99–108. ACM, New York (1983)

    Google Scholar 

  24. Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515–534 (1982)

    Article  MATH  MathSciNet  Google Scholar 

  25. Lovász, L.: An Algorithmic Theory of Numbers, Graphs and Convexity. SIAM, cBMS-NSF Regional Conference Series in Applied Mathematics (1986)

    Google Scholar 

  26. Magma: The Magma computational algebra system, http://magma.maths.usyd.edu.au/magma/

  27. May, A.: Using LLL-reduction for solving RSA and factorization problems: A survey. In: [32] (2009)

    Google Scholar 

  28. Micciancio, D., Regev, O.: Lattice-based cryptography. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (eds.) Post-Quantum Cryptography, pp. 147–191. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  29. Micciancio, D., Voulgaris, P.: A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations. To appear in the proceedings of STOC 2010 (2010)

    Google Scholar 

  30. Micciancio, D., Voulgaris, P.: Faster exponential time algorithms for the shortest vector problem. In: Proc. of SODA, pp. 1468–1480. SIAM, Philadelphia (2010)

    Google Scholar 

  31. Mow, W.H.: Maximum likelihood sequence estimation from the lattice viewpoint. IEEE TIT 40, 1591–1600 (1994)

    MATH  Google Scholar 

  32. Nguyen, P.Q., Vallée, B.: The LLL algorithm, survey and applications. Information Security and Cryptography. Springer, Heidelberg (2010)

    Google Scholar 

  33. Nguyen, P.Q., Stehlé, D.: Floating-point LLL revisited. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 215–233. Springer, Heidelberg (2005)

    Google Scholar 

  34. Nguyen, P.Q., Stehlé, D.: LLL on the average. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 238–256. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  35. Nguyen, P.Q., Stern, J.: Cryptanalysis of the Ajtai-Dwork cryptosystem. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 223–242. Springer, Heidelberg (1998)

    Google Scholar 

  36. Nguyen, P.Q., Stern, J.: The two faces of lattices in cryptology. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 146–180. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  37. Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Mathematical Cryptology 2(2) (2008)

    Google Scholar 

  38. Odlyzko, A.M.: The rise and fall of knapsack cryptosystems. In: Proceedings of Cryptology and Computational Number Theory. Proceedings of Symposia in Applied Mathematics, vol. 42, pp. 75–88. AMS (1989)

    Google Scholar 

  39. Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem. In: Proc. of STOC, pp. 333–342. ACM, New York (2009)

    Google Scholar 

  40. Pujol, X., Stehlé, D.: Rigorous and efficient short lattice vectors enumeration. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 390–405. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  41. Pujol, X., Stehlé, D.: Solving the shortest lattice vector problem in time 22.465n. Cryptology ePrint Archive, Report 2009/605 (2009), http://eprint.iacr.org/2009/605

  42. Regev, O.: Lattices in computer science (2004). lecture notes of a course given at the Tel. Aviv. University, http://www.cs.tau.ac.il/~odedr/teaching/lattices_fall_2004/

  43. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proc. of STOC, pp. 84–93. ACM, New York (2005)

    Google Scholar 

  44. Schnorr, C.P.: A hierarchy of polynomial lattice basis reduction algorithms. Theor. Comput. Sci. 53, 201–224 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  45. Schnorr, C.P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Programming 66, 181–199 (1994)

    Article  MathSciNet  Google Scholar 

  46. Schnorr, C.P., Hörner, H.H.: Attacking the Chor-Rivest cryptosystem by improved lattice reduction. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 1–12. Springer, Heidelberg (1995)

    Google Scholar 

  47. Shoup, V.: NTL, Number Theory C++ Library, http://www.shoup.net/ntl/

  48. Smart, N.P., Vercauteren, F.: Fully homomorphic encryption with relatively small key and ciphertext sizes. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 420–443. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  49. Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009)

    Google Scholar 

  50. Studer, C., Burg, A., Bölcskei, H.: Soft-output sphere decoding: Algorithms and VLSI implementation. IEEE Journal on Selected Areas in Communications 26(2), 290–300 (2008)

    Article  Google Scholar 

  51. Viterbo, E., Boutros, J.: A universal lattice code decoder for fading channels. IEEE TIT 45, 1639–1642 (1999)

    MATH  MathSciNet  Google Scholar 

  52. Xilinx: Virtex-5 family overview, http://www.xilinx.com/support/documentation/virtex-5.htm

Download references

Author information

Authors and Affiliations

  1. CARAMEL project-team, LORIA, INRIA / CNRS / Nancy Université, Campus Scientifique, BP 239, F-54506, Vandœuvre-lès-Nancy Cedex, France

    Jérémie Detrey

  2. Laboratoire LIP, CNRS-ENSL-INRIA-UCBL, ÉNS Lyon, Université de Lyon, 46 Allée d’Italie, 69364, Lyon Cedex 07, France

    Guillaume Hanrot & Xavier Pujol

  3. CNRS, Macquarie University and University of Sydney, Dpt. of Mathematics and Statistics, University of Sydney, NSW, 2006, Australia

    Damien Stehlé

Authors
  1. Jérémie Detrey
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Guillaume Hanrot
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xavier Pujol
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Damien Stehlé
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, École Normale Supérieure, 45 Rue d’Ulm, 75230, Paris Cedex 05, France

    Michel Abdalla

  2. Computer Architecture and Networking Laboratory (LARC), Universidade de Sáo Paulo, Av. Prof. Luciano Gualberto, trav.3, n.158, 05508-900, Sáo Paulo (SP), Brazil

    Paulo S. L. M. Barreto

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Detrey, J., Hanrot, G., Pujol, X., Stehlé, D. (2010). Accelerating Lattice Reduction with FPGAs. In: Abdalla, M., Barreto, P.S.L.M. (eds) Progress in Cryptology – LATINCRYPT 2010. LATINCRYPT 2010. Lecture Notes in Computer Science, vol 6212. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14712-8_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14712-8_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14711-1

  • Online ISBN: 978-3-642-14712-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics