Document Open Access Logo

A Time-Distance Trade-Off for GDD with Preprocessing - Instantiating the DLW Heuristic

Author Noah Stephens-Davidowitz

PDF
Thumbnail PDF

File

LIPIcs.CCC.2019.11.pdf
  • Filesize: 445 kB
  • 8 pages

Document Identifiers

Author Details

Noah Stephens-Davidowitz
  • Massachusetts Institute of Technology, Cambridge, MA, USA

Acknowledgements

I thank Guillaume Hanrot, Thijs Laarhoven, Alice Pellet - Mary, Oded Regev, and Damien Stehlé for helpful discussions. I also thank Alice Pellet - Mary, Guillaume Hanrot, and Damien Stehlé for sharing early versions of their work with me. I am also grateful to the CCC 2019 reviewers for their very helpful comments, and Daniel Dadush for showing me how to obtain the stronger results to be written up in the full version.

Cite AsGet BibTex

Noah Stephens-Davidowitz. A Time-Distance Trade-Off for GDD with Preprocessing - Instantiating the DLW Heuristic. In 34th Computational Complexity Conference (CCC 2019). Leibniz International Proceedings in Informatics (LIPIcs), Volume 137, pp. 11:1-11:8, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2019)
https://doi.org/10.4230/LIPIcs.CCC.2019.11

Abstract

For 0 <= alpha <= 1/2, we show an algorithm that does the following. Given appropriate preprocessing P(L) consisting of N_alpha := 2^{O(n^{1-2 alpha} + log n)} vectors in some lattice L subset {R}^n and a target vector t in R^n, the algorithm finds y in L such that ||y-t|| <= n^{1/2 + alpha} eta(L) in time poly(n) * N_alpha, where eta(L) is the smoothing parameter of the lattice. The algorithm itself is very simple and was originally studied by Doulgerakis, Laarhoven, and de Weger (to appear in PQCrypto, 2019), who proved its correctness under certain reasonable heuristic assumptions on the preprocessing P(L) and target t. Our primary contribution is a choice of preprocessing that allows us to prove correctness without any heuristic assumptions. Our main motivation for studying this is the recent breakthrough algorithm for IdealSVP due to Hanrot, Pellet - Mary, and Stehlé (to appear in Eurocrypt, 2019), which uses the DLW algorithm as a key subprocedure. In particular, our result implies that the HPS IdealSVP algorithm can be made to work with fewer heuristic assumptions. Our only technical tool is the discrete Gaussian distribution over L, and in particular, a lemma showing that the one-dimensional projections of this distribution behave very similarly to the continuous Gaussian. This lemma might be of independent interest.

Subject Classification

ACM Subject Classification
  • Theory of computation → Design and analysis of algorithms
Keywords
  • Lattices
  • guaranteed distance decoding
  • GDD
  • GDDP

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Related Versions

References

  1. Divesh Aggarwal, Daniel Dadush, Oded Regev, and Noah Stephens-Davidowitz. Solving the Shortest Vector Problem in 2ⁿ time via Discrete Gaussian Sampling. In STOC, 2015. URL: http://arxiv.org/abs/abs/1412.7994.
  2. Divesh Aggarwal, Daniel Dadush, and Noah Stephens-Davidowitz. Solving the Closest Vector Problem in 2ⁿ time-The discrete Gaussian strikes again! In FOCS, 2015. URL: http://arxiv.org/abs/1504.01995.
  3. L. Babai. On Lovász' lattice reduction and the nearest lattice point problem. Combinatorica, 6(1), 1986. Google Scholar
  4. Wojciech Banaszczyk. New bounds in some transference theorems in the geometry of numbers. Mathematische Annalen, 296(4), 1993. Google Scholar
  5. Wojciech Banaszczyk. Inequalites for convex bodies and polar reciprocal lattices in ℝⁿ. Discrete & Computational Geometry, 13, 1995. Google Scholar
  6. Daniel Dadush, Oded Regev, and Noah Stephens-Davidowitz. On the Closest Vector Problem with a distance guarantee. In CCC, 2014. URL: http://arxiv.org/abs/1409.8063.
  7. Emmanouil Doulgerakis, Thijs Laarhoven, and Benne de de Weger. Finding closest lattice vectors using approximate Voronoi cells. In PQCrypto, 2019. (To appear.) URL: https://eprint.iacr.org/2016/888.
  8. Nicolas Gama and Phong Q. Nguyen. Finding Short Lattice Vectors Within Mordell’s Inequality. In STOC, 2008. Google Scholar
  9. Ishay Haviv, Vadim Lyubashevsky, and Oded Regev. A Note on the Distribution of the Distance from a Lattice. Discrete & Computational Geometry, 41(1), 2009. Google Scholar
  10. Thijs Laarhoven. Finding closest lattice vectors using approximate Voronoi cells, 2016. URL: https://eprint.iacr.org/2016/888/20161219:141310.
  11. Thijs Laarhoven. Sieving for Closest Lattice Vectors (with Preprocessing). In SAC, 2016. Google Scholar
  12. Yi-Kai Liu, Vadim Lyubashevsky, and Daniele Micciancio. On Bounded Distance Decoding for general lattices. In RANDOM, 2006. Google Scholar
  13. J. E. Mazo and A. M. Odlyzko. Lattice points in high-dimensional spheres. Monatshefte für Mathematik, 110(1), 1990. Google Scholar
  14. Daniele Micciancio and Chris Peikert. Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller. In EUROCRYPT, 2012. URL: https://eprint.iacr.org/2011/501.
  15. Daniele Micciancio and Oded Regev. Worst-case to average-case reductions based on Gaussian measures. SIAM Journal of Computing, 37(1), 2007. Google Scholar
  16. Daniele Micciancio and Panagiotis Voulgaris. A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations. SIAM Journal on Computing, 42(3), 2013. Google Scholar
  17. Chris Peikert. Limits on the Hardness of Lattice Problems in 𝓁_p Norms. Computational Complexity, 17(2), 2008. Google Scholar
  18. Alice Pellet-Mary, Guillaume Hanrot, and Damien Stehlé. Approx-SVP in Ideal Lattices with Pre-processing. In Eurocrypt, 2019. (to appear). Google Scholar
  19. Claus-Peter Schnorr. A Hierarchy of Polynomial Time Lattice Basis Reduction Algorithms. Theor. Comput. Sci., 53(23), 1987. Google Scholar
  20. Noah Stephens-Davidowitz. On the Gaussian measure over lattices. Ph.D. thesis, New York University, 2017. Google Scholar
  21. Noah Stephens-Davidowitz. A time-distance trade-off for GDD with preprocessing - Instantiating the DLW heuristic, 2019. URL: http://arxiv.org/abs/1902.08340.
  22. Roman Vershynin. Introduction to the non-asymptotic analysis of random matrices. In Compressed Sensing: Theory and Applications. Cambridge University Press, 2012. Google Scholar
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2024 Schloss Dagstuhl – LZI GmbH Imprint Privacy Contact