eng
Schloss Dagstuhl – Leibniz-Zentrum für Informatik
Dagstuhl Seminar Proceedings
1862-4405
2009-08-20
1
6
10.4230/DagSemProc.09221.4
article
Probabilistic Analysis of LLL Reduced Bases
Schneider, Michael
LLL reduction, originally founded in 1982 to factor certain polynomials, is a useful tool in public key cryptanalysis. The search for short lattice vectors helps determining the practical hardness of lattice problems, which are supposed to be secure against quantum computer attacks.
It is a fact that in practice, the LLL algorithm finds much shorter vectors than its theoretic analysis guarantees. Therefore one can see that the guaranteed worst case bounds are not helpful for practical purposes. We use a probabilistic approach to give an estimate for the length of the shortest vector in an LLL-reduced bases that is tighter than the worst case bounds.
https://drops.dagstuhl.de/storage/16dagstuhl-seminar-proceedings/dsp-vol09221/DagSemProc.09221.4/DagSemProc.09221.4.pdf
Lattice reduction
LLL algorithm