Hardness of Approximating the Shortest Vector Problem in Lattices

Let p > 1 be any fixed real. We show that assuming NP /spl nsube/ RP, it is hard to approximate the shortest vector problem (SVP) in l/sub p/ norm within an arbitrarily large constant factor. Under the stronger assumption NP /spl nsube/ RTIME(2/sup poly(log n)/), we show that the problem is hard to approximate within factor 2/sup log n1/2 - /spl epsi// where n is the dimension of the lattice and /spl epsi/> 0 is an arbitrarily small constant. This greatly improves all previous results in l/sub p/ norms with 1 < p < /spl infin/. The best results so far gave only a constant factor hardness, namely, 2/sup 1/p/ - /spl epsi/ by Micciancio and p/sup 1 - /spl epsi// in high l/sub p/ norms by Khot. We first give a new (randomized) reduction from closest vector problem (CVP) to SVP that achieves some constant factor hardness. The reduction is based on BCH codes. Its advantage is that the SVP instances produced by the reduction behave well under the augmented tensor product, a new variant of tensor product that we introduce. This enables us to boost the hardness factor to 2/sup log n1/2-/spl epsi//.

[1]  Jin-Yi Cai,et al.  Approximating the SVP to within a Factor (1+1/dimxi) Is NP-Hard under Randomized Reductions , 1999, J. Comput. Syst. Sci..

[2]  H. Minkowski,et al.  Geometrie der Zahlen , 1896 .

[3]  Gary L. Miller,et al.  Solvability by Radicals is in Polynomial Time , 1985, J. Comput. Syst. Sci..

[4]  Lane A. Hemaspaandra Complexity theory , 2001, SIGA.

[5]  Johan Håstad,et al.  Dual vectors and lower bounds for the nearest lattice point problem , 1988, Comb..

[6]  Jin-Yi Cai,et al.  An improved worst-case to average-case connection for lattice problems , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[7]  Jeffrey C. Lagarias,et al.  Korkin-Zolotarev bases and successive minima of a lattice and its reciprocal lattice , 1990, Comb..

[8]  Oded Goldreich,et al.  On the Limits of Nonapproximability of Lattice Problems , 2000, J. Comput. Syst. Sci..

[9]  M. Ajtai The shortest vector problem in L2 is NP-hard for randomized reductions (extended abstract) , 1998, STOC '98.

[10]  W. Banaszczyk New bounds in some transference theorems in the geometry of numbers , 1993 .

[11]  Jin-Yi Cai,et al.  Applications of a new transference theorem to Ajtai's connection factor , 1999, Proceedings. Fourteenth Annual IEEE Conference on Computational Complexity (Formerly: Structure in Complexity Theory Conference) (Cat.No.99CB36317).

[12]  Jin-Yi Cai,et al.  Approximating the SVP to within a Factor is NP-Hard under Randomized Reductions , 1998 .

[13]  Hendrik W. Lenstra,et al.  Integer Programming with a Fixed Number of Variables , 1983, Math. Oper. Res..

[14]  Noga Alon,et al.  The Probabilistic Method , 2015, Fundamentals of Ramsey Theory.

[15]  Jacques Stern,et al.  The hardness of approximate optima in lattices, codes, and systems of linear equations , 1993, Proceedings of 1993 IEEE 34th Annual Foundations of Computer Science.

[16]  Subhash Khot,et al.  Hardness of approximating the shortest vector problem in high L/sub p/ norms , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[17]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[18]  Cynthia Dwork,et al.  A public-key cryptosystem with worst-case/average-case equivalence , 1997, STOC '97.

[19]  Ravi Kannan,et al.  Improved algorithms for integer programming and related lattice problems , 1983, STOC.

[20]  Dorit Aharonov,et al.  Lattice problems in NP ∩ coNP , 2005, JACM.

[21]  Miklós Ajtai,et al.  Generating Hard Instances of Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[22]  Oded Goldreich,et al.  On the limits of non-approximability of lattice problems , 1998, STOC '98.

[23]  Madhu Sudan,et al.  Hardness of approximating the minimum distance of a linear code , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[24]  Irit Dinur Approximating SVPinfty to within Almost-Polynomial Factors Is NP-Hard , 2000, CIAC.

[25]  C. P. Schnorr,et al.  A Hierarchy of Polynomial Time Lattice Basis Reduction Algorithms , 1987, Theor. Comput. Sci..

[26]  Jeffrey C. Lagarias,et al.  Solving low density subset sum problems , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[27]  Ravi Kumar,et al.  A sieve algorithm for the shortest lattice vector problem , 2001, STOC '01.

[28]  Ravi Kannan,et al.  Minkowski's Convex Body Theorem and Integer Programming , 1987, Math. Oper. Res..

[29]  Shafi Goldwasser,et al.  Complexity of lattice problems - a cryptographic perspective , 2002, The Kluwer international series in engineering and computer science.