#### Filter Results:

#### Publication Year

1975

2014

#### Publication Type

#### Co-author

#### Key Phrase

#### Publication Venue

Learn More

We report on improved practical algorithms for lattice basis reduction. We propose a practical oating point v e r s i o n o f t h e L 3 {algorithm of Lenstra, Lenstra, Lovv asz (1982). We present a v ariant o f t h e L 3 { algorithm with \deep insertions" and a practical algorithm for block Korkin{Zolotarev reduction, a concept introduced by S c hnorr… (More)

The general subset sum problem is NP-complete. However, there are two algorithms, one due to Brickell and the other to Lagarias and Odlyzko, which in polynomial time solve almost all subset sum problems of suuciently low density. Both methods rely on basis reduction algorithms to nd short non-zero vectors in special lattices. The Lagarias-Odlyzko algorithm… (More)

Let Ai(L), Ai(L*) denote the successive minima of a lattice L and its reciprocal lattice L*, and let [bl,..., bn] be a basis of L that is reduced in the sense of Korkin and Zolotarev. We prove that [4/(/+ 3)]),i(L) 2 _< [bi[ 2 < [(i + 3)/4])~i(L) 2 and Ibil2An_i+l(L*) 2 <_ [(i + 3)/4][(n-i + 4)/417~ 2, where "y~ =-min(Tj : 1 < j _< n} and 7j denotes… (More)

We exploit the fact that the set of all polynomials Pε@@@@[x<subscrpt>1</subscrpt>,..,x<subscrpt>n</subscrpt>] of degree ≤d which can be evaluated with ≤v nonscalar steps can be embedded into a Zariski-closed affine set W(d,n,v),dim W(d,n,v)≤(v+1 +n)<supscrpt>2</supscrpt> and deg… (More)

We introduce algorithms for lattice basis reduction that are improvements of the famous L 3-algorithm. If a random L 3 {reduced lattice basis b1; : : : ; bn is given such that the vector of reduced Gram{ Schmidt coeecients (fi;jg 1 j < i n) is uniformly distributed in 0; 1) (n 2) , then the pruned enumeration nds with positive probability a shortest lattice… (More)

Assuming a cryptographically strong cyclic group G of prime order q and a random hash function H, we show that ElGamal encryption with an added Schnorr signature is secure against the adaptive chosen ciphertext attack, in which an attacker can freely use a decryption oracle except for the target ciphertext. We also prove security against the novel… (More)