Paper 2021/1295

Improved Quantum Hypercone Locality Sensitive Filtering in Lattice Sieving

Max Heiser

Abstract

The asymptotically fastest known method for solving SVP is via lattice sieving, an algorithm whose computational bottleneck is solving the Nearest Neighbor Search problem. The best known algorithm for solving this problem is Hypercone Locality Sensitive Filtering (LSF). The classical time complexity of a sieve using Hypercone LSF is 20.2925d+o(d). The quantum time complexity is 20.2653d+o(d), which is acquired by using Grover's algorithm to speed up part of the enumeration. We present an improvement to the quantum algorithm, which improves the time complexity to 20.2571d+o(d). Essentially, we provide a way to use Grover's algorithm to speed up another part of the process, providing a better tradeoff. This improvement affects the security of lattice-based encryption schemes, including NIST PQC Round 3 finalists.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
lattice-based cryptographySVPsieving algorithmscryptanalysislattice techniques
Contact author(s)
heisermax @ protonmail com
History
2021-09-27: received
Short URL
https://ia.cr/2021/1295
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2021/1295,
      author = {Max Heiser},
      title = {Improved Quantum Hypercone Locality Sensitive Filtering in Lattice Sieving},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1295},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1295}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.