Quantum Lattice Enumeration and Tweaking Discrete Pruning

Aono, Yoshinori; Nguyêñ, Phong Q.; Shen, Yixin

doi:10.1007/978-3-030-03326-2_14

Cited by 25 publications

(28 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…) can be increased up to after each round by (lines 24,25). The rounds of this step continue the evolutionary search (a Genetic Algorithm) until the termination criteria (line 10) be satisfied and break the loop of the generations.…”

Section: Notementioning

confidence: 99%

A Parallel Evolutionary Search for Shortest Vector Problem

Moghissi¹,

Payandeh²

2019

IJITCS

View full text Add to dashboard Cite

The hardness assumption of approximate shortest vector problem (SVP) within the polynomial factor in polynomial time reduced to the security of many lattice-based cryptographic primitives, so solving this problem, breaks these primitives. In this paper, we investigate the suitability of combining the best techniques in general search/optimization, lattice theory and parallelization technologies for solving the SVP into a single algorithm. Our proposed algorithm repeats three steps in a loop: an evolutionary search (a parallelized Genetic Algorithm), brute-force of tiny full enumeration (in role of too much local searches with random start points over the lattice vectors) and a single main enumeration. The test results showed that our proposed algorithm is better than LLL reduction and may be worse than the BKZ variants (except some so small block sizes). The main drawback for these test results is the notsufficient tuning of various parameters for showing the potential strength of our contribution. Therefore, we count the entire main problems and weaknesses in our work for clearer and better results in further studies. Also it is proposed a pure model of Genetic Algorithm with more solid/stable design for SVP problem which can be inspired by future works.

show abstract

Section: Notementioning

confidence: 99%

A Parallel Evolutionary Search for Shortest Vector Problem

Moghissi¹,

Payandeh²

2019

IJITCS

View full text Add to dashboard Cite

show abstract

“…Over time, the practical hardness of SVP and CVP has been quite well studied, with two classes of algorithms emerging as the most competitive: enumeration [5,6,15,16,19,27], running in superexponential time 2 Θ(d log d) in the lattice dimension d (the main security parameter), using a negligible amount of space; and sieving [3,4,13,18,20,26,28], running in only exponential time 2 Θ(d) , but also requiring an amount of memory scaling as 2 Θ(d) . The best asymptotic time complexities for enumeration (d d/2e+o (d) for SVP, d d/2+o(d) for CVP [17]) and sieving ((3/2) d/2+o (d) for both SVP and CVP [7,21]) have remained unchanged since 2007 and 2016 respectively,¹ and recent work has mainly focused on decreasing second-order terms in the time and space complexities [4,5,13,16,22].…”

Section: Introductionmentioning

confidence: 99%

“…*Corresponding Author: Thijs Laarhoven: Eindhoven University of Technology, Eindhoven, The Netherlands; Email: mail@thijs.com 1 This statement concerns classical complexities; for quantum complexities, see e.g. [6,23]. algorithms for SVP/CVP [12,16,21], faster approximate-SVP algorithms for ideal lattices [30,39], and even faster isogeny-based cryptography [9], a better understanding of the hardness of CVPP is needed.…”

Section: Introductionmentioning

confidence: 99%

Approximate Voronoi cells for lattices, revisited

Laarhoven

2020

Journal of Mathematical Cryptology

View full text Add to dashboard Cite

We revisit the approximate Voronoi cells approach for solving the closest vector problem with preprocessing (CVPP) on high-dimensional lattices, and settle the open problem of Doulgerakis–Laarhoven–De Weger [PQCrypto, 2019] of determining exact asymptotics on the volume of these Voronoi cells under the Gaussian heuristic. As a result, we obtain improved upper bounds on the time complexity of the randomized iterative slicer when using less than $2^{0.076d + o(d)}$ memory, and we show how to obtain time–memory trade-offs even when using less than $2^{0.048d + o(d)}$ memory. We also settle the open problem of obtaining a continuous trade-off between the size of the advice and the query time complexity, as the time complexity with subexponential advice in our approach scales as $d^{d/2 + o(d)}$ matching worst-case enumeration bounds, and achieving the same asymptotic scaling as average-case enumeration algorithms for the closest vector problem.

show abstract

“…Quantum backtracking. In 2017, Ambainis and Kokainis [3] have dealt with Montanaro's algorithm in depth and in 2018, Aono, Nguyen and Shen [4] used these works to speed up the two most efficient forms of enumeration (a lattice algorithm) known. They claim that it affects the security estimates of several lattice-based submissions to the NIST post-quantum standardization process [8].…”

Section: Introductionmentioning

confidence: 99%

Practical Implementation of a Quantum Backtracking Algorithm

Martiel

Remaud

2020

SOFSEM 2020: Theory and Practice of Computer Science

View full text Add to dashboard Cite

In previous work, Montanaro presented a method to obtain quantum speedups for backtracking algorithms, a general meta-algorithm to solve constraint satisfaction problems (CSPs). In this work, we derive a space efficient implementation of this method. Assume that we want to solve a CSP with m constraints on n variables and that the union of the domains in which these variables take their value is of cardinality d. Then, we show that the implementation of Montanaro's backtracking algorithm can be done by using O(n log d) data qubits. We detail an implementation of the predicate associated to the CSP with an additional register of O(log m) qubits. We explicit our implementation for graph coloring and SAT problems, and present simulation results. Finally, we discuss the impact of the usage of static and dynamic variable ordering heuristics in the quantum setting.

show abstract

Quantum Lattice Enumeration and Tweaking Discrete Pruning

Cited by 25 publications

References 37 publications

A Parallel Evolutionary Search for Shortest Vector Problem

A Parallel Evolutionary Search for Shortest Vector Problem

Approximate Voronoi cells for lattices, revisited

Practical Implementation of a Quantum Backtracking Algorithm

Contact Info

Product

Resources

About