Cryptology ePrint Archive: Report 2014/788

Tuning GaussSieve for Speed

Robert Fitzpatrick and Christian Bischof and Johannes Buchmann and Özgür Dagdelen and Florian Göpfert and Artur Mariano and Bo-Yin Yang

Abstract: The area of lattice-based cryptography is growing ever more prominent as a paradigm for quantum-resistant cryptography. One of the most important hard problems underpinning the security of lattice-based cryptosystems is the shortest vector problem (SVP). At present, two approaches dominate methods for solving instances of this problem in practice: enumeration and sieving. In 2010, Micciancio and Voulgaris presented a heuristic member of the sieving family, known as GaussSieve, demonstrating it to be comparable to enumeration methods in practice. With contemporary lattice-based cryptographic proposals relying largely on the hardness of solving the shortest and closest vector problems in ideal lattices, examining possible improvements to sieving algorithms becomes highly pertinent since, at present, only sieving algorithms have been successfully adapted to solve such instances more efficiently than in the random lattice case. In this paper, we propose a number of heuristic improvements to GaussSieve, which can also be applied to other sieving algorithms for SVP.
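To make the object of the paper concrete, the following is an added illustration of the baseline GaussSieve of Micciancio and Voulgaris on a toy 3-dimensional lattice. It is not code from the paper, and it does not contain the paper's tuning; two simplifications are assumptions of this example only: new vectors are sampled as small random integer combinations of the basis rather than with Klein's sampler, and the sieve stops after a fixed number of collisions (samples that reduce to zero). The basis BAD_BASIS and the lattice it spans are constructed for the example.

```python
"""Baseline GaussSieve (Micciancio-Voulgaris 2010) on a small integer lattice.

Simplifications (assumptions of this example, not the paper's choices): new
vectors are random small integer combinations of the basis instead of Klein
samples, and termination is a fixed collision budget.
"""
import random
from typing import List, Tuple

Vec = Tuple[int, ...]


def dot(a: Vec, b: Vec) -> int:
    return sum(x * y for x, y in zip(a, b))


def norm2(a: Vec) -> int:
    return dot(a, a)


def sub(a: Vec, b: Vec) -> Vec:
    return tuple(x - y for x, y in zip(a, b))


def add(a: Vec, b: Vec) -> Vec:
    return tuple(x + y for x, y in zip(a, b))


def reduce_against(p: Vec, vectors: List[Vec]) -> Vec:
    """Shorten p by adding or subtracting list vectors until no single step helps.

    For integer vectors, ||p - v||^2 < ||p||^2 iff 2<p,v> > <v,v>, and
    ||p + v||^2 < ||p||^2 iff 2<p,v> < -<v,v>.  Every accepted step strictly
    lowers ||p||^2, so the loop terminates; the strict inequalities also mean
    a tie (p and p -/+ v equally long) is left alone rather than cycled on.
    """
    changed = True
    while changed:
        changed = False
        for v in vectors:
            ip, vv = dot(p, v), norm2(v)
            if 2 * ip > vv:
                p, changed = sub(p, v), True
            elif 2 * ip < -vv:
                p, changed = add(p, v), True
    return p


def gauss_sieve(basis: List[Vec], max_collisions: int = 50,
                coeff_bound: int = 3, seed: int = 1) -> Vec:
    """Return the shortest vector the sieve finds in the lattice spanned by basis.

    Invariant: the list L is pairwise Gauss-reduced, i.e. no vector in L can be
    shortened by adding or subtracting another.  A vector that reduces to zero
    against L is a collision; the sieve stops after max_collisions of them.
    """
    rng = random.Random(seed)
    n, dim = len(basis), len(basis[0])
    zero: Vec = (0,) * dim

    def sample() -> Vec:
        # Assumption of this example (not the paper's sampler): small random
        # integer coefficients applied to the input basis.
        while True:
            c = [rng.randint(-coeff_bound, coeff_bound) for _ in range(n)]
            v = tuple(sum(c[i] * basis[i][j] for i in range(n)) for j in range(dim))
            if v != zero:
                return v

    L: List[Vec] = []   # pairwise-reduced list, kept sorted by norm
    S: List[Vec] = []   # stack of vectors to re-reduce before reinsertion
    collisions = 0
    while collisions < max_collisions:
        p = S.pop() if S else sample()
        p = reduce_against(p, L)
        if p == zero:
            collisions += 1
            continue
        # The new vector may in turn shorten list vectors.  Those leave L for
        # the stack so the pairwise-reduced invariant holds when they return.
        kept: List[Vec] = []
        for v in L:
            w = reduce_against(v, [p])
            (kept if w == v else S).append(w)
        L = kept + [p]
        L.sort(key=norm2)
    return L[0]


# Constructed example: a bad basis for {x in Z^3 : x1 + x2 + x3 = 0 mod 3}.
# The lattice has determinant 3; its shortest vectors are the six sign and
# permutation variants of (1, -1, 0), of squared norm 2.  The basis itself
# holds nothing that short (squared norms 5, 3, 5).
BAD_BASIS: List[Vec] = [(1, 0, 2), (1, 1, 1), (0, 1, 2)]

if __name__ == "__main__":
    v = gauss_sieve(BAD_BASIS)
    print(v, norm2(v))
```

The cost of the sieve sits in reduce_against, which is run over the whole list for every new or re-queued vector; implementation work on sieving, including the kind of tuning the abstract refers to, targets that inner loop and the way the list is stored and traversed.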

Category / Keywords: public-key cryptography / Lattice-Based Cryptography, Sieving, SVP

Original Publication (in the same form): Latincrypt 2014

Date: received 3 Oct 2014

Contact author: rob at rfcrypto com


Version: 20141007:040107

Short URL: ia.cr/2014/788

