Abstract
Finding the shortest vector of a lattice is one of the most important problems in computational lattice theory. For a random lattice, one can estimate the length of the shortest vector using the Gaussian heuristic. However, no rigorous proof can be provided for some classes of lattices, as the Gaussian heuristic may not hold for them. In this paper, we propose a general method to estimate lower bounds of the shortest vector lengths for random integral lattices in certain classes, which is based on the incompressibility method from the theory of Kolmogorov complexity. As an application, we can prove that for a random NTRU lattice, with an overwhelming probability, the ratio between the length of the shortest vector and the length of the target vector, which corresponds to the secret key, is at least a constant, independent of the rank of the lattice.
Partially supported by NSF of China Projects (No.61133013 and No.60931160442), GIIFSDU Project (No. 11140070613184) and Tsinghua University Initiative Scientific Research Program (No.2009THZ01002).
Partially supported by NSF under grants CCF-0830522 and CCF-0830524.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bi, J., Cheng, Q. (2012). Lower Bounds of Shortest Vector Lengths in Random NTRU Lattices. In: Agrawal, M., Cooper, S.B., Li, A. (eds) Theory and Applications of Models of Computation. TAMC 2012. Lecture Notes in Computer Science, vol 7287. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29952-0_18
DOI: https://doi.org/10.1007/978-3-642-29952-0_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29951-3
Online ISBN: 978-3-642-29952-0
eBook Packages: Computer Science, Computer Science (R0)