Finding short lattice vectors within mordell's inequality

The celebrated Lenstra-Lenstra-Lovász lattice basis reduction algorithm (LLL) can naturally be viewed as an algorithmic version of Hermite's inequality on Hermite's constant. We present a polynomial-time blockwise reduction algorithm based on duality which can similarly be viewed as an algorithmic version of Mordell's inequality on Hermite's constant. This achieves a better and more natural approximation factor for the shortest vector problem than Schnorr's algorithm and its transference variant by Gama, Howgrave-Graham, Koy and Nguyen. Furthermore, we show that this approximation factor is essentially tight in the worst case.

[1]  L. J. Mordell,et al.  Observation on the Minimum of a Positive Quadratic Form in Eight Variables , 1944 .

[2]  Oded Regev,et al.  On the Complexity of Lattice Problems with Polynomial Approximation Factors , 2010, The LLL Algorithm.

[3]  Ravi Kannan,et al.  Improved algorithms for integer programming and related lattice problems , 1983, STOC.

[4]  C. Hermite Extraits de lettres de M. Ch. Hermite à M. Jacobi sur différents objects de la théorie des nombres. , 1850 .

[5]  Nicolas Gama,et al.  Predicting Lattice Reduction , 2008, EUROCRYPT.

[6]  Damien Stehlé,et al.  Bases Hermite-Korkine-Zolotarev réduites “ pires cas ” , 2007 .

[7]  Claus-Peter Schnorr,et al.  Lattice Basis Reduction: Improved Practical Algorithms and Solving Subset Sum Problems , 1991, FCT.

[8]  A. Korkine,et al.  Sur les formes quadratiques , 1873 .

[9]  Nicolas Gama,et al.  Symplectic Lattice Reduction and NTRU , 2006, EUROCRYPT.

[10]  F. Thorne,et al.  Geometry of Numbers , 2017, Algebraic Number Theory.

[11]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[12]  Miklós Ajtai,et al.  The worst-case behavior of schnorr's algorithm approximating the shortest nonzero vector in a lattice , 2003, STOC '03.

[13]  Gilles Villard,et al.  Parallel lattice basis reduction , 1992, ISSAC '92.

[14]  Shafi Goldwasser,et al.  Complexity of lattice problems , 2002 .

[15]  Phong Q. Nguyen,et al.  Sieve algorithms for the shortest vector problem are practical , 2008, J. Math. Cryptol..

[16]  László Lovász,et al.  Algorithmic theory of numbers, graphs and convexity , 1986, CBMS-NSF regional conference series in applied mathematics.

[17]  J. Martinet Perfect Lattices in Euclidean Spaces , 2010 .

[18]  Henri Cohen,et al.  A course in computational algebraic number theory , 1993, Graduate texts in mathematics.

[19]  Nicolas Gama,et al.  Rankin's Constant and Blockwise Lattice Reduction , 2006, CRYPTO.

[20]  Henry Cohn,et al.  New upper bounds on sphere packings I , 2001, math/0110009.

[21]  N. J. A. Sloane,et al.  Sphere Packings, Lattices and Groups , 1987, Grundlehren der mathematischen Wissenschaften.

[22]  Ravi Kumar,et al.  A sieve algorithm for the shortest lattice vector problem , 2001, STOC '01.

[23]  Subhash Khot,et al.  Inapproximability Results for Computational Problems on Lattices , 2010, The LLL Algorithm.

[24]  C. P. Schnorr,et al.  A Hierarchy of Polynomial Time Lattice Basis Reduction Algorithms , 1987, Theor. Comput. Sci..

[25]  L. Lovász,et al.  Geometric Algorithms and Combinatorial Optimization , 1981 .

[26]  Jacques Stern,et al.  The Two Faces of Lattices in Cryptology , 2001, CaLC.

[27]  Chih-Han Sah,et al.  Symmetric bilinear forms and quadratic forms , 1972 .