Faster Provable Sieving Algorithms for the Shortest Vector Problem and the Closest Vector Problem on Lattices in ℓp Norm

In this work, we give provable sieving algorithms for the Shortest Vector Problem (SVP) and the Closest Vector Problem (CVP) on lattices in ℓp norm (1≤p≤∞). The running time we obtain is better than existing provable sieving algorithms. We give a new linear sieving procedure that works for all ℓp norm (1≤p≤∞). The main idea is to divide the space into hypercubes such that each vector can be mapped efficiently to a sub-region. We achieve a time complexity of 22.751n+o(n), which is much less than the 23.849n+o(n) complexity of the previous best algorithm. We also introduce a mixed sieving procedure, where a point is mapped to a hypercube within a ball and then a quadratic sieve is performed within each hypercube. This improves the running time, especially in the ℓ2 norm, where we achieve a time complexity of 22.25n+o(n), while the List Sieve Birthday algorithm has a running time of 22.465n+o(n). We adopt our sieving techniques to approximation algorithms for SVP and CVP in ℓp norm (1≤p≤∞) and show that our algorithm has a running time of 22.001n+o(n), while previous algorithms have a time complexity of 23.169n+o(n).

Efficient Implementations of Sieving and Enumeration Algorithms for Lattice-Based Cryptography

The security of lattice-based cryptosystems is based on solving hard lattice problems such as the shortest vector problem (SVP) and the closest vector problem (CVP). Various cryptanalysis algorithms such as (Pro)GaussSieve, HashSieve, ENUM, and BKZ have been proposed to solve these hard problems. Several implementations of these algorithms have been developed. On the other hand, the implementations of these algorithms are expected to be efficient in terms of run time and memory space. In this paper, a modular software package/library containing efficient implementations of GaussSieve, ProGaussSieve, HashSieve, and BKZ algorithms is developed. These implementations are considered efficient in terms of run time. While constructing this software library, some modifications to the algorithms are made to increase the performance. Then, the run times of these implementations are compared with the others. According to the experimental results, the proposed GaussSieve, ProGaussSieve, and HashSieve implementations are at least 70%, 75%, and 49% more efficient than previous ones, respectively.

Parameterized Intractability of Even Set and Shortest Vector Problem

The -Even Set problem is a parameterized variant of the Minimum Distance Problem of linear codes over , which can be stated as follows: given a generator matrix and an integer , determine whether the code generated by has distance at most , or, in other words, whether there is a nonzero vector such that has at most nonzero coordinates. The question of whether -Even Set is fixed parameter tractable (FPT) parameterized by the distance has been repeatedly raised in the literature; in fact, it is one of the few remaining open questions from the seminal book of Downey and Fellows [1999]. In this work, we show that -Even Set is W [1]-hard under randomized reductions. We also consider the parameterized -Shortest Vector Problem (SVP) , in which we are given a lattice whose basis vectors are integral and an integer , and the goal is to determine whether the norm of the shortest vector (in the norm for some fixed ) is at most . Similar to -Even Set, understanding the complexity of this problem is also a long-standing open question in the field of Parameterized Complexity. We show that, for any , -SVP is W [1]-hard to approximate (under randomized reductions) to some constant factor.

Three Strategies for Improving Shortest Vector Enumeration Using GPUs

Hard Lattice problems are assumed to be one of the most promising problems for generating cryptosystems that are secure in quantum computing. The shortest vector problem (SVP) is one of the most famous lattice problems. In this paper, we present three improvements on GPU-based parallel algorithms for solving SVP using the classical enumeration and pruned enumeration. There are two improvements for preprocessing: we use a combination of randomization and the Gaussian heuristic to expect a better basis that leads rapidly to a shortest vector and we expect the level on which the exchanging data between CPU and GPU is optimized. In the third improvement, we improve GPU-based implementation by generating some points in GPU rather than in CPU. We used NVIDIA GeForce GPUs of type GTX 1060 6G. We achieved a significant improvement upon Hermans’s improvement. The improvements speed up the pruned enumeration by a factor of almost 2.5 using a single GPU. Additionally, we provided an implementation for multi-GPUs by using two GPUs. The results showed that our algorithm of enumeration is scalable since the speedups achieved using two GPUs are almost faster than Hermans’s improvement by a factor of almost 5. The improvements also provided a high speedup for the classical enumeration. The speedup achieved using our improvements and two GPUs on a challenge of dimension 60 is almost faster by factor 2 than Correia’s parallel implementation using a dual-socket machine with 16 physical cores and simultaneous multithreading technology.

Directional radiation properties of two impedance monopoles mounted on a perfectly conducting rectangular screen

Subject and Purpose. Two impedance resonant monopoles of electric length 0.2 £ l / l £ 0.3 are mounted on a rectangular screen perpendicularly to the screen surface and studied for the directional radiation properties (directive gain and radiation patterns) depending on the monopole separation and the side length and aspect ratio of the screen. Methods and Methodology. A three-dimensional diffraction vector problem of two impedance monopoles mounted on a perfectly conducting rectangular screen is solved in terms of the uniform geometric theory of diffraction. Allowances are made for the diffracted field asymptotics of the secondary diffraction at the screen edges and for the electric current distribution asymptotics of a thin impedance dipole in the free space. Results. For a lattice of two impedance monopoles mounted on a rectangular screen, 3-D programs have been developed for calculating its radiation patterns, directive gain Dmax at a radiation maximum, and radiation resistance in view of the secondary diffraction at the screen edges. The radiation pattern shaping for the diffraction and total fields and the directive gain Dmax have been analyzed depending on the monopole separation x / l  0.1...1, the screen side length x / l  1.2…4, and the screen aspect ratio W / L  0.5…3. It has been shown that the so obtained optimum separation x opt  0.65, optimum length Lopt and optimum ratio (W / L) opt make Dopt three times greater than the lowest Dmax value. Conclusions. The three-dimensional vector problem of field diffraction of two impedance monopoles mounted on an ideally conducting rectangular screen has been solved. It is of interest that given an optimum monopole separation xopt and an optimum side length Lopt of the square screen, a lattice of two monopoles offers a greater radiation resistance and a two times larger Dopt than a single monopole on the same screen does. The developed computational programs and the obtained numerical results enable efficient actual wireless communication systems to be modelled for both ideally conducting and impedance resonant monopoles.