Solving the shortest vector problem in 2 n time using discrete gaussian sampling: Extended abstract, Proceedings of 47th ACM STOC, pp.733-742, 2015. ,
Generating hard instances of lattice problems, Proc. 28th ACM STOC, pp.99-108, 1996. ,
A sieve algorithm for the shortest lattice vector problem, Proc. of 33rd STOC, pp.601-610, 2001. ,
Messages on the NIST pqc mailing-list in May, 2018. ,
Estimate all the LWE, NTRU schemes! Posted on the pqc-forum on, 2018. ,
New records for lattice SVP challenges, 2018. ,
Revisiting TESLA in the quantum random oracle model, Proc. PQCrypto, vol.10346, pp.143-162, 2017. ,
Post-quantum key exchange-A new hope, Proc. 25th USENIX, pp.327-343, 2016. ,
Quantum algorithm for tree size estimation, with applications to backtracking and 2-player games, Proc. STOC '17, 2017. ,
Random sampling revisited: Lattice enumeration with discrete pruning, Advances in cryptology-EUROCRYPT 2017 Part II, vol.10211, pp.65-102, 2017. ,
URL : https://hal.archives-ouvertes.fr/hal-01502051
Lower bounds on lattice enumeration with extreme pruning, Proc. of 38th CRYPTO, Part II, vol.10992, 2018. ,
URL : https://hal.archives-ouvertes.fr/hal-01845023
Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator, IACR Cryptology ePrint Archive, p.146, 2016. ,
On Lovász' lattice reduction and the nearest lattice point problem, Proc. STACS'85, vol.182, pp.13-20, 1985. ,
New directions in nearest neighbor searching with applications to lattice sieving, Proc. 27th ACM-SIAM Symposium on Discrete Algorithms (SODA), pp.10-24, 2016. ,
URL : https://hal.archives-ouvertes.fr/hal-02177623
Time/space trade-offs for reversible computation, SIAM J. Comput, vol.18, issue.4, pp.766-776, 1989. ,
,
Creating cryptographic challenges using multi-party computation: The lwe challenge, Proceedings of the 3rd ACM AsiaPKC, pp.11-20, 2016. ,
Réduction de réseau et sécurité concrète du chiffrementcompì etement homomorphe, 2013. ,
BKZ 2.0: better lattice security estimates, Proc. ASIACRYPT, vol.7073, pp.1-20, 2011. ,
URL : https://hal.archives-ouvertes.fr/hal-01109961
The whole is less than the sum of its parts: Constructing more efficient lattice-based AKEs, Proc. SCN 2016, vol.9841, pp.273-291, 2016. ,
URL : https://hal.archives-ouvertes.fr/hal-01378005
An accelerated algorithm for solving SVP based on statistical analysis, JIP, vol.23, issue.1, pp.67-80, 2015. ,
Predicting Lattice Reduction, Proc. of Eurocrypt'08, pp.31-51, 2008. ,
DOI : 10.1007/978-3-540-78967-3_3
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-78967-3_3.pdf
Lattice enumeration using extreme pruning, EUROCRYPT 2010, vol.6110, 2010. ,
DOI : 10.1007/978-3-642-13190-5_13
URL : https://hal.archives-ouvertes.fr/hal-01083526
Public-key cryptosystems from lattice reduction problems, Proc. CRYPTO, vol.1294, pp.112-131, 1997. ,
DOI : 10.1007/bfb0052231
URL : https://link.springer.com/content/pdf/10.1007%2FBFb0052231.pdf
Ntru-hrss-kem: Algorithm specifications and supporting documentation. NIST submission ,
Improved algorithms for integer programming and related lattice problems, Proc. 15th ACM STOC, pp.193-206, 1983. ,
DOI : 10.1145/800061.808749
Sieving for shortest vectors in lattices using angular locality-sensitive hashing, Proc. CRYPTO 2015-Part I, vol.9215, 2015. ,
DOI : 10.1007/978-3-662-47989-6_1
URL : http://eprint.iacr.org/2014/744.pdf
Finding shortest lattice vectors faster using quantum search, Des. Codes Cryptography, vol.77, issue.2-3, pp.375-400, 2015. ,
DOI : 10.1007/s10623-015-0067-5
URL : http://doi.org/10.1007/s10623-015-0067-5
Better key sizes (and attacks) for lwe-based encryption, CT-RSA, vol.6558, pp.319-339, 2011. ,
DOI : 10.1007/978-3-642-19074-2_21
URL : http://www.cc.gatech.edu/~cpeikert/pubs/lwe-analysis.pdf
,
Solving BDD by enumeration: An update, Topics in Cryptology-Proc. CT-RSA 2013, vol.7779, 2013. ,
DOI : 10.1007/978-3-642-36095-4_19
URL : https://hal.archives-ouvertes.fr/hal-00864361
A faster lattice reduction method using quantum search, Proceedings, volume 2906 of LNCS, pp.199-208, 2003. ,
DOI : 10.1007/978-3-540-24587-2_22
A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations, Proc. 42nd ACM Symp. on Theory of Computing (STOC), 2010. ,
DOI : 10.1137/100811970
Faster exponential time algorithms for the shortest vector problem, Proc. ACM-SIAM SODA, pp.1468-1480, 2010. ,
DOI : 10.1137/1.9781611973075.119
URL : https://epubs.siam.org/doi/pdf/10.1137/1.9781611973075.119
Quantum walk speedup of backtracking algorithms, 2015. ,
The insecurity of the digital signature algorithm with partially known nonces, J. Cryptology, vol.15, issue.3, pp.151-176, 2002. ,
Sieve algorithms for the shortest vector problem are practical, J. of Mathematical Cryptology, vol.2, issue.2, pp.181-207, 2008. ,
DOI : 10.1515/jmc.2008.009
, Round 1 submissions for post-quantum cryptography standardization
On the computation of lattice vectors of minimal length, successive minima and reduced bases with applications, SIGSAM Bull, vol.15, issue.1, pp.37-44, 1981. ,
On lattices, learning with errors, random linear codes, and cryptography, Proc. 37th ACM STOC, pp.84-93, 2005. ,
DOI : 10.1145/1568318.1568324
, SVP challenge. Available at
Lattice reduction by random sampling and birthday methods, Proc. STACS, vol.2607, pp.145-156, 2003. ,
Lattice basis reduction: improved practical algorithms and solving subset sum problems, Math. Programming, vol.66, pp.181-199, 1994. ,
Attacking the Chor-Rivest cryptosystem by improved lattice reduction, Proc. of Eurocrypt '95, vol.921, p.44, 1995. ,
Second order statistical behavior of LLL and BKZ, Proc. SAC 2017, pp.3-22, 2017. ,