H-LLL: using householder inside LLL

We describe a new LLL-type algorithm, H-LLL, that relies on Householder transformations to approximate the underlying Gram-Schmidt orthogonalizations. The latter computations are performed with floating-point arithmetic. We prove that a precision essentially equal to the dimension suffices to ensure that the output basis is reduced. H-LLL resembles the L2 algorithm of Nguyen and Stehlé that relies on a floating-point Cholesky algorithm. However, replacing Cholesky's algorithm by Householder's is not benign, as their numerical behaviors differ significantly. Broadly speaking, our correctness proof is more involved, whereas our complexity analysis is more direct. Thanks to the new orthogonalization strategy, H-LLL is the first LLL-type algorithm that admits a natural vectorial description, which leads to a complexity upper bound that is proportional to the progress performed on the basis (for fixed dimensions).

[1]  Damien Stehlé,et al.  Floating-Point LLL: Theoretical and Practical Aspects , 2010, The LLL Algorithm.

[2]  Claus-Peter Schnorr,et al.  Fast LLL-type lattice reduction , 2006, Inf. Comput..

[3]  Claus-Peter Schnorr,et al.  Progress on LLL and Lattice Reduction , 2010, The LLL Algorithm.

[4]  Henri Cohen,et al.  A course in computational algebraic number theory , 1993, Graduate texts in mathematics.

[5]  Claus-Peter Schnorr,et al.  Segment LLL-Reduction with Floating Point Orthogonalization , 2001, CaLC.

[6]  Andrew Odlyzko,et al.  The Rise and Fall of Knapsack Cryptosystems , 1998 .

[7]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[8]  Damien Stehlé,et al.  Floating-Point LLL Revisited , 2005, EUROCRYPT.

[9]  Erich Kaltofen,et al.  On the complexity of finding short vectors in integer lattices , 1983, EUROCAL.

[10]  A. Storjohann Faster algorithms for integer lattice basis reduction , 1996 .

[11]  C. Hermite Extraits de lettres de M. Ch. Hermite à M. Jacobi sur différents objects de la théorie des nombres. (Continuation). , .

[12]  Nicholas J. Higham,et al.  INVERSE PROBLEMS NEWSLETTER , 1991 .

[13]  Claus-Peter Schnorr,et al.  Segment LLL-Reduction of Lattice Bases , 2001, CaLC.

[14]  Gilles Villard,et al.  Certification of the QR factor R and of lattice basis reducedness , 2007, ISSAC '07.

[15]  László Lovász,et al.  Algorithmic theory of numbers, graphs and convexity , 1986, CBMS-NSF regional conference series in applied mathematics.

[16]  Claus-Peter Schnorr,et al.  A More Efficient Algorithm for Lattice Basis Reduction , 1988, J. Algorithms.

[17]  Damien Stehlé,et al.  Rigorous and Efficient Short Lattice Vectors Enumeration , 2008, ASIACRYPT.

[18]  Claus-Peter Schnorr,et al.  Lattice basis reduction: Improved practical algorithms and solving subset sum problems , 1991, FCT.