Improved Analysis of Kannan's Shortest Lattice Vector Algorithm (0705.0965v2)

Abstract: The security of lattice-based cryptosystems such as NTRU, GGH and Ajtai-Dwork essentially relies upon the intractability of computing a shortest non-zero lattice vector and a closest lattice vector to a given target vector in high dimensions. The best algorithms for these tasks are due to Kannan, and, though remarkably simple, their complexity estimates have not been improved since more than twenty years. Kannan's algorithm for solving the shortest vector problem is in particular crucial in Schnorr's celebrated block reduction algorithm, on which are based the best known attacks against the lattice-based encryption schemes mentioned above. Understanding precisely Kannan's algorithm is of prime importance for providing meaningful key-sizes. In this paper we improve the complexity analyses of Kannan's algorithms and discuss the possibility of improving the underlying enumeration strategy.

• The paper provides improved complexity estimates for Kannan’s algorithm, refining its role in solving the shortest lattice vector problem.
• It examines enhancements to the enumeration strategy, potentially boosting the efficiency of cryptographic computations.
• This work offers actionable insights for determining secure key sizes in lattice-based systems and inspires further algorithmic research.

The paper "Improved Analysis of Kannan's Shortest Lattice Vector Algorithm" (0705.0965), published in May 2007, provides an in-depth examination and enhancement of the complexity analyses related to Kannan's algorithm for solving the shortest vector problem (SVP) in lattice-based cryptography.

Background and Importance

Lattice-based cryptosystems, such as NTRU, GGH, and Ajtai-Dwork, fundamentally rely on the hardness of problems like computing the shortest non-zero lattice vector and the closest lattice vector to a given target in high-dimensional spaces. The difficulty of these problems underpins the security of these cryptosystems, making precise and detailed analyses of the algorithms solving these problems essential for determining secure key sizes.

Contributions

1. Improved Complexity Analyses: The paper revisits Kannan's algorithm, which has long been recognized for its simplicity and effectiveness since its inception over two decades ago. It offers refined complexity estimates that hadn't seen advancements despite the algorithm's central role in lattice-based cryptography, particularly in Schnorr's block reduction algorithm. This block reduction algorithm is instrumental in the most effective attacks against lattice-based encryption schemes.
2. Enumeration Strategy: Besides improving the complexity analyses, the authors delve into possibilities for enhancing the underlying enumeration strategy used in Kannan's algorithm. By exploring these enhancements, the paper suggests pathways to potentially increase the efficiency of this critical cryptographic task.

Significance

The improved analysis provided in this paper is pivotal for the cryptographic community for several reasons:

• Key Size Determination: By offering a more precise understanding of Kannan's algorithm, the paper aids in making informed decisions about key sizes, which is essential for ensuring security without unnecessarily inflating the computational and storage overhead.
• Algorithmic Insights: The discussion on potential enhancements to the enumeration strategy opens avenues for future research to further optimize the algorithm, which could have significant implications for both theoretical and applied cryptography.

In summary, this paper makes substantial contributions to the field of lattice-based cryptography by refining the understanding of a crucial algorithm and suggesting potential improvements. These advancements help solidify the theoretical foundations required to ensure the robustness and efficiency of cryptographic schemes reliant on lattice hardness assumptions.