Skip to Main content Skip to Navigation
New interface
Conference papers

Improved Analysis of Kannan's Shortest Lattice Vector Algorithm

Guillaume Hanrot 1 Damien Stehlé 2 
1 CACAO - Curves, Algebra, Computer Arithmetic, and so On
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
2 ARENAIRE - Computer arithmetic
Inria Grenoble - Rhône-Alpes, LIP - Laboratoire de l'Informatique du Parallélisme
Abstract : The security of lattice-based cryptosystems such as NTRU, GGH and Ajtai-Dwork essentially relies upon the intractability of computing a shortest non-zero lattice vector and a closest lattice vector to a given target vector in high dimensions. The best algorithms for these tasks are due to Kannan, and, though remarkably simple, their complexity estimates have not been improved since more than twenty years. Kannan's algorithm for solving the shortest vector problem is in particular crucial in Schnorr's celebrated block reduction algorithm, on which are based the best known attacks against the lattice-based encryption schemes mentioned above. Understanding precisely Kannan's algorithm is of prime importance for providing meaningful key-sizes. In this paper we improve the complexity analyses of Kannan's algorithms and discuss the possibility of improving the underlying enumeration strategy.
Complete list of metadata

Cited literature [27 references]  Display  Hide  Download
Contributor : Rapport De Recherche Inria Connect in order to contact the contributor
Submitted on : Wednesday, May 9, 2007 - 5:32:32 PM
Last modification on : Tuesday, October 25, 2022 - 4:24:39 PM
Long-term archiving on: : Tuesday, September 21, 2010 - 1:40:35 PM


Files produced by the author(s)



Guillaume Hanrot, Damien Stehlé. Improved Analysis of Kannan's Shortest Lattice Vector Algorithm. Advances in Cryptology - Crypto'07, Aug 2007, Santa Barbara, United States. pp.170-186, ⟨10.1007/978-3-540-74143-5_10⟩. ⟨inria-00145049v2⟩



Record views


Files downloads