Faster provable sieving algorithms for the Shortest Vector Problem and the Closest Vector Problem on lattices in ℓ_p norm
share
In this paper we give provable sieving algorithms for the Shortest Vector Problem (SVP) and the Closest Vector Problem (CVP) on lattices in ℓ_p norm for 1≤ p≤∞. The running time we get is better than existing provable sieving algorithms, except the Discrete Gaussian based algorithm by Aggarwal et al.[2015], but this algorithm works only for the Euclidean norm. We build on the randomized sieving framework of Ajtai, Kumar and Sivakumar [2001,2002], where they used a sieving sub-routine that runs in time quadratic in the number of sampled vectors. We give a new sieving procedure that works for all ℓ_p norm and runs in time linear in the number of sampled vectors. The main idea is to divide the space (hypersphere) into regions (hypercubes) such that each vector can be mapped efficiently to a region. This is an extension of the sieving technique in Aggarwal and Mukhopadhyay[2018], where it has been used only for the ℓ_∞ norm. This improves the time complexity of the overall algorithm as compared to previous analyses of AKS algorithm in ℓ_p norm [Blomer and Naewe(2009),Arvind and Joglekar(2008)]. In the ℓ_2 norm, using the birthday paradox we achieve a time complexity of 2^2.49n+o(n), as compared to the time complexity of 2^2.571n+o(n) of AKS (using birthday paradox) [Hanrot et al.(2011)]. We further modify our linear sieving technique and introduce a mixed sieving procedure. At first a point is mapped to a hypercube within a sphere (as done in linear sieve) and then within each hypercube we perform a quadratic sieve like AKS. This helps us achieve a time complexity of 2^2.25n+o(n) in ℓ_2 norm, which is better than the time complexity of List Sieve Birthday (2^2.465n+o(n)) [Pujol and Stehle(2009),Hanrot et al.(2011)]. We also adopt our techniques for approximation algorithms of the above problems.
READ FULL TEXT