Floating-Point LLL Revisited

14 years 5 months ago

Download www.csie.nuk.edu.tw

The Lenstra-Lenstra-Lov´asz lattice basis reduction algorithm (LLL or L3 ) is a very popular tool in public-key cryptanalysis and in many other ﬁelds. Given an integer d-dimensional lattice basis with vectors of norm less than B in an n-dimensional space, L3 outputs a socalled L3 -reduced basis in polynomial time O(d5 n log3 B), using arithmetic operations on integers of bit-length O(d log B). This worst-case complexity is problematic for lattices arising in cryptanalysis where d or/and log B are often large. As a result, the original L3 is almost never used in practice. Instead, one applies ﬂoating-point variants of L3 , where the long-integer arithmetic required by Gram-Schmidt orthogonalisation (central in L3 ) is replaced by ﬂoating-point arithmetic. Unfortunately, this is known to be unstable in the worst-case: the usual ﬂoating-point L3 is not even guaranteed to terminate, and the output basis may not be L3 -reduced at all. In this article, we introduce the L2 algorithm,...

Phong Q. Nguyen, Damien Stehlé

Real-time Traffic

Cryptography | EUROCRYPT 2005 | Lattice Basis | Log B | Original L3 |

claim paper

Post Info
More Details (n/a)

Added	27 Jun 2010
Updated	27 Jun 2010
Type	Conference
Year	2005
Where	EUROCRYPT
Authors	Phong Q. Nguyen, Damien Stehlé

Comments (0)

Sciweavers

Floating-Point LLL Revisited

Cryptography | EUROCRYPT 2005 | Lattice Basis | Log B | Original L3 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers