|
Korkine–Zolotarev Lattice Basis Reduction Algorithm
The Korkine–Zolotarev (KZ) lattice basis reduction algorithm or Hermite-Korkine–Zolotarev (HKZ) algorithm is a lattice reduction algorithm. For lattices in \mathbb^n it yields a lattice basis with orthogonality defect at most n^n, unlike the 2^ bound of the LLL reduction. KZ has exponential complexity versus the polynomial complexity of the LLL reduction algorithm, however it may still be preferred for solving sequences of Closest Vector Problems (CVPs) in a lattice, where it can be more efficient. History The definition of a KZ-reduced basis was given by A. Korkine and G. Zolotareff in 1877, a strengthened version of Hermite reduction. The first algorithm for constructing a KZ-reduced basis was given in 1983 by Kannan. The Block Korkine-Zolotarev (BKZ) algorithm was introduced in 1987. Definition A KZ-reduced basis for a lattice is defined as follows:Micciancio & Goldwasser, p.133, definition 7.8 Given a basis :\mathbf=\, define its Gram–Schmidt process In mathe ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Lattice Reduction
In mathematics, the goal of lattice basis reduction is to find a basis with short, nearly orthogonal vectors when given an integer lattice basis as input. This is realized using different algorithms, whose running time is usually at least exponential in the dimension of the lattice. Nearly orthogonal One measure of ''nearly orthogonal'' is the orthogonality defect. This compares the product of the lengths of the basis vectors with the volume of the parallelepiped they define. For perfectly orthogonal basis vectors, these quantities would be the same. Any particular basis of n vectors may be represented by a matrix B, whose columns are the basis vectors b_i, i = 1, \ldots, n. In the fully dimensional case where the number of basis vectors is equal to the dimension of the space they occupy, this matrix is square, and the volume of the fundamental parallelepiped is simply the absolute value of the determinant of this matrix \det(B). If the number of vectors is less than the dimension ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Algorithm
In mathematics and computer science, an algorithm () is a finite sequence of rigorous instructions, typically used to solve a class of specific Computational problem, problems or to perform a computation. Algorithms are used as specifications for performing calculations and data processing. More advanced algorithms can perform automated deductions (referred to as automated reasoning) and use mathematical and logical tests to divert the code execution through various routes (referred to as automated decision-making). Using human characteristics as descriptors of machines in metaphorical ways was already practiced by Alan Turing with terms such as "memory", "search" and "stimulus". In contrast, a Heuristic (computer science), heuristic is an approach to problem solving that may not be fully specified or may not guarantee correct or optimal results, especially in problem domains where there is no well-defined correct or optimal result. As an effective method, an algorithm ca ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Lenstra–Lenstra–Lovász Lattice Basis Reduction Algorithm
The Lenstra–Lenstra–Lovász (LLL) lattice basis reduction algorithm is a polynomial time lattice reduction algorithm invented by Arjen Lenstra, Hendrik Lenstra and László Lovász in 1982. Given a basis \mathbf = \ with ''n''-dimensional integer coordinates, for a lattice L (a discrete subgroup of R''n'') with d \leq n , the LLL algorithm calculates an ''LLL-reduced'' (short, nearly orthogonal) lattice basis in time \mathcal O(d^5n\log^3 B) where B is the largest length of \mathbf_i under the Euclidean norm, that is, B = \max\left(\, \mathbf_1\, _2, \, \mathbf_2\, _2, \dots, \, \mathbf_d\, _2\right). The original applications were to give polynomial-time algorithms for factorizing polynomials with rational coefficients, for finding simultaneous rational approximations to real numbers, and for solving the integer linear programming problem in fixed dimensions. LLL reduction The precise definition of LLL-reduced is as follows: Given a basis \mathbf=\, define its Gram–Sc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Lattice Problem
In computer science, lattice problems are a class of Mathematical optimization, optimization problems related to mathematical objects called Lattice (group), lattices. The conjectured intractability of such problems is central to the construction of secure Lattice-based cryptography, lattice-based cryptosystems: Lattice problems are an example of NP-hardness, NP-hard problems which have been shown to be Computational hardness assumption, average-case hard, providing a test case for the security of cryptographic algorithms. In addition, some lattice problems which are worst-case hard can be used as a basis for extremely secure cryptographic schemes. The use of worst-case hardness in such schemes makes them among the very few schemes that are very likely secure even against quantum computers. For applications in such cryptosystems, lattices over vector space (often \mathbb^n) or free modules (often \mathbb^n) are generally considered. For all the problems below, assume that we are g ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Basis (linear Algebra)
In mathematics, a set of vectors in a vector space is called a basis if every element of may be written in a unique way as a finite linear combination of elements of . The coefficients of this linear combination are referred to as components or coordinates of the vector with respect to . The elements of a basis are called . Equivalently, a set is a basis if its elements are linearly independent and every element of is a linear combination of elements of . In other words, a basis is a linearly independent spanning set. A vector space can have several bases; however all the bases have the same number of elements, called the ''dimension'' of the vector space. This article deals mainly with finite-dimensional vector spaces. However, many of the principles are also valid for infinite-dimensional vector spaces. Definition A basis of a vector space over a field (such as the real numbers or the complex numbers ) is a linearly independent subset of that spans . This me ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Gram–Schmidt Process
In mathematics, particularly linear algebra and numerical analysis, the Gram–Schmidt process is a method for orthonormalizing a set of vectors in an inner product space, most commonly the Euclidean space equipped with the standard inner product. The Gram–Schmidt process takes a finite, linearly independent set of vectors for and generates an orthogonal set that spans the same ''k''-dimensional subspace of R''n'' as ''S''. The method is named after Jørgen Pedersen Gram and Erhard Schmidt, but Pierre-Simon Laplace had been familiar with it before Gram and Schmidt. In the theory of Lie group decompositions it is generalized by the Iwasawa decomposition. The application of the Gram–Schmidt process to the column vectors of a full column rank matrix yields the QR decomposition (it is decomposed into an orthogonal and a triangular matrix). The Gram–Schmidt process We define the projection operator by \operatorname_ (\mathbf) = \frac , where \langle \mathbf, \mat ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Theory Of Cryptography
A theory is a rational type of abstract thinking about a phenomenon, or the results of such thinking. The process of contemplative and rational thinking is often associated with such processes as observational study or research. Theories may be scientific, belong to a non-scientific discipline, or no discipline at all. Depending on the context, a theory's assertions might, for example, include generalized explanations of how nature works. The word has its roots in ancient Greek, but in modern use it has taken on several related meanings. In modern science, the term "theory" refers to scientific theories, a well-confirmed type of explanation of nature, made in a way consistent with the scientific method, and fulfilling the criteria required by modern science. Such theories are described in such a way that scientific tests should be able to provide empirical support for it, or empirical contradiction ("falsify") of it. Scientific theories are the most reliable, rigorous, and compre ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computational Number Theory
In mathematics and computer science, computational number theory, also known as algorithmic number theory, is the study of computational methods for investigating and solving problems in number theory and arithmetic geometry, including algorithms for primality testing and integer factorization, finding solutions to diophantine equations, and explicit methods in arithmetic geometry. Computational number theory has applications to cryptography, including RSA, elliptic curve cryptography and post-quantum cryptography, and is used to investigate conjectures and open problems in number theory, including the Riemann hypothesis, the Birch and Swinnerton-Dyer conjecture, the ABC conjecture, the modularity conjecture, the Sato-Tate conjecture, and explicit aspects of the Langlands program. Software packages * Magma computer algebra system * SageMath * Number Theory Library * PARI/GP * Fast Library for Number Theory Further reading * * * * * * * * * * * References ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
