The nearest-colattice algorithm

06/10/2020
by   Thomas Espitau, et al.
0

In this work, we exhibit a hierarchy of polynomial time algorithms solving approximate variants of the Closest Vector Problem (CVP). Our first contribution is a heuristic algorithm achieving the same distance tradeoff as HSVP algorithms, namely ≈β^n/2βcovol(Λ)^1/n for a random lattice Λ of rank n. Compared to the so-called Kannan's embedding technique, our algorithm allows using precomputations and can be used for efficient batch CVP instances. This implies that some attacks on lattice-based signatures lead to very cheap forgeries, after a precomputation. Our second contribution is a proven reduction from approximating the closest vector with a factor ≈ n^3/2β^3n/2β to the Shortest Vector Problem (SVP) in dimension β.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset