International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Lower Bounds on Lattice Enumeration with Extreme Pruning

Authors:
Yoshinori Aono
Phong Q. Nguyen
Takenobu Seito
Junji Shikata
Download:
DOI: 10.1007/978-3-319-96881-0_21 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2018
Abstract: At Eurocrypt ’10, Gama, Nguyen and Regev introduced lattice enumeration with extreme pruning: this algorithm is implemented in state-of-the-art lattice reduction software and used in challenge records. They showed that extreme pruning provided an exponential speed-up over full enumeration. However, no limit on its efficiency was known, which was problematic for long-term security estimates of lattice-based cryptosystems. We prove the first lower bounds on lattice enumeration with extreme pruning: if the success probability is lower bounded, we can lower bound the global running time taken by extreme pruning. Our results are based on geometric properties of cylinder intersections and some form of isoperimetry. We discuss their impact on lattice security estimates.
Video from CRYPTO 2018
BibTeX
@inproceedings{crypto-2018-28827,
  title={Lower Bounds on Lattice Enumeration with Extreme Pruning},
  booktitle={Advances in Cryptology – CRYPTO 2018},
  series={Lecture Notes in Computer Science},
  publisher={Springer},
  volume={10992},
  pages={608-637},
  doi={10.1007/978-3-319-96881-0_21},
  author={Yoshinori Aono and Phong Q. Nguyen and Takenobu Seito and Junji Shikata},
  year=2018
}