, Solving the shortest vector problem in 2 n time using discrete gaussian sampling: Extended abstract, Proceedings of 47th ACM STOC, pp.733-742, 2015.
, Generating hard instances of lattice problems, Proc. 28th ACM STOC, pp.99-108, 1996.
, A sieve algorithm for the shortest lattice vector problem, Proc. of 33rd STOC, pp.601-610, 2001.
, Messages on the NIST pqc mailing-list in May, 2018.
, Estimate all the LWE, NTRU schemes! Posted on the pqc-forum on, 2018.
, New records for lattice SVP challenges, 2018.
, Revisiting TESLA in the quantum random oracle model, Proc. PQCrypto, vol.10346, pp.143-162, 2017.
, Post-quantum key exchange-A new hope, Proc. 25th USENIX, pp.327-343, 2016.
, Quantum algorithm for tree size estimation, with applications to backtracking and 2-player games, Proc. STOC '17, 2017.
, Random sampling revisited: Lattice enumeration with discrete pruning, Advances in cryptology-EUROCRYPT 2017 Part II, vol.10211, pp.65-102, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01502051
, Lower bounds on lattice enumeration with extreme pruning, Proc. of 38th CRYPTO, Part II, vol.10992, 2018.
URL : https://hal.archives-ouvertes.fr/hal-01845023
, Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator, IACR Cryptology ePrint Archive, p.146, 2016.
, On Lovász' lattice reduction and the nearest lattice point problem, Proc. STACS'85, vol.182, pp.13-20, 1985.
, New directions in nearest neighbor searching with applications to lattice sieving, Proc. 27th ACM-SIAM Symposium on Discrete Algorithms (SODA), pp.10-24, 2016.
URL : https://hal.archives-ouvertes.fr/hal-02177623
, Time/space trade-offs for reversible computation, SIAM J. Comput, vol.18, issue.4, pp.766-776, 1989.
,
, Creating cryptographic challenges using multi-party computation: The lwe challenge, Proceedings of the 3rd ACM AsiaPKC, pp.11-20, 2016.
, Réduction de réseau et sécurité concrète du chiffrementcompì etement homomorphe, 2013.
, BKZ 2.0: better lattice security estimates, Proc. ASIACRYPT, vol.7073, pp.1-20, 2011.
URL : https://hal.archives-ouvertes.fr/hal-01109961
, The whole is less than the sum of its parts: Constructing more efficient lattice-based AKEs, Proc. SCN 2016, vol.9841, pp.273-291, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01378005
, An accelerated algorithm for solving SVP based on statistical analysis, JIP, vol.23, issue.1, pp.67-80, 2015.
, Predicting Lattice Reduction, Proc. of Eurocrypt'08, pp.31-51, 2008.
DOI : 10.1007/978-3-540-78967-3_3
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-78967-3_3.pdf
, Lattice enumeration using extreme pruning, EUROCRYPT 2010, vol.6110, 2010.
DOI : 10.1007/978-3-642-13190-5_13
URL : https://hal.archives-ouvertes.fr/hal-01083526
, Public-key cryptosystems from lattice reduction problems, Proc. CRYPTO, vol.1294, pp.112-131, 1997.
DOI : 10.1007/bfb0052231
URL : https://link.springer.com/content/pdf/10.1007%2FBFb0052231.pdf
, Ntru-hrss-kem: Algorithm specifications and supporting documentation. NIST submission
, Improved algorithms for integer programming and related lattice problems, Proc. 15th ACM STOC, pp.193-206, 1983.
DOI : 10.1145/800061.808749
, Sieving for shortest vectors in lattices using angular locality-sensitive hashing, Proc. CRYPTO 2015-Part I, vol.9215, 2015.
DOI : 10.1007/978-3-662-47989-6_1
URL : http://eprint.iacr.org/2014/744.pdf
, Finding shortest lattice vectors faster using quantum search, Des. Codes Cryptography, vol.77, issue.2-3, pp.375-400, 2015.
DOI : 10.1007/s10623-015-0067-5
URL : http://doi.org/10.1007/s10623-015-0067-5
, Better key sizes (and attacks) for lwe-based encryption, CT-RSA, vol.6558, pp.319-339, 2011.
DOI : 10.1007/978-3-642-19074-2_21
URL : http://www.cc.gatech.edu/~cpeikert/pubs/lwe-analysis.pdf
,
, Solving BDD by enumeration: An update, Topics in Cryptology-Proc. CT-RSA 2013, vol.7779, 2013.
DOI : 10.1007/978-3-642-36095-4_19
URL : https://hal.archives-ouvertes.fr/hal-00864361
, A faster lattice reduction method using quantum search, Proceedings, volume 2906 of LNCS, pp.199-208, 2003.
DOI : 10.1007/978-3-540-24587-2_22
, A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations, Proc. 42nd ACM Symp. on Theory of Computing (STOC), 2010.
DOI : 10.1137/100811970
, Faster exponential time algorithms for the shortest vector problem, Proc. ACM-SIAM SODA, pp.1468-1480, 2010.
DOI : 10.1137/1.9781611973075.119
URL : https://epubs.siam.org/doi/pdf/10.1137/1.9781611973075.119
, Quantum walk speedup of backtracking algorithms, 2015.
, The insecurity of the digital signature algorithm with partially known nonces, J. Cryptology, vol.15, issue.3, pp.151-176, 2002.
, Sieve algorithms for the shortest vector problem are practical, J. of Mathematical Cryptology, vol.2, issue.2, pp.181-207, 2008.
DOI : 10.1515/jmc.2008.009
, Round 1 submissions for post-quantum cryptography standardization
, On the computation of lattice vectors of minimal length, successive minima and reduced bases with applications, SIGSAM Bull, vol.15, issue.1, pp.37-44, 1981.
, On lattices, learning with errors, random linear codes, and cryptography, Proc. 37th ACM STOC, pp.84-93, 2005.
DOI : 10.1145/1568318.1568324
, SVP challenge. Available at
, Lattice reduction by random sampling and birthday methods, Proc. STACS, vol.2607, pp.145-156, 2003.
, Lattice basis reduction: improved practical algorithms and solving subset sum problems, Math. Programming, vol.66, pp.181-199, 1994.
, Attacking the Chor-Rivest cryptosystem by improved lattice reduction, Proc. of Eurocrypt '95, vol.921, p.44, 1995.
, Second order statistical behavior of LLL and BKZ, Proc. SAC 2017, pp.3-22, 2017.