Solving the shortest vector problem in 2n time via discrete Gaussian sampling

Divesh Aggarwal, Daniel Dadush, Oded Regev, Noah Stephens-Davidowitz

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We give a randomized 2n+o(n) -time and space algorithm for solving the Shortest Vector Problem (SVP) on n-dimensional Euclidean lattices. This improves on the previous fastest algorithm: the deterministic Õ(4n)-time and Õ(2n)-space algorithm of Micciancio and Voulgaris (STOC 2010, SIAM J. Comp.2013). In fact, we give a conceptually simple algorithm that solves the (in our opinion, even more interesting) problem of discrete Gaussian sampling (DGS). More specifically, we show how to sample 2n/2 vectors from the discrete Gaussian distribution at any parameter in 2n+o(n) time and space. (Prior work only solved DGS for very large parameters.) Our SVP result then follows from a natural reduction from SVP to DGS. In addition, we give a more refined algorithm for DGS above the so-called smoothing parameter of the lattice, which can generate 2n/2 discrete Gaussian samples in just 2n/2+o(n) time and space. Among other things, this implies a 2n/2+o(n) -time and space algorithm for 1.93-approximate decision SVP.

Original languageEnglish (US)
Title of host publicationSTOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing
PublisherAssociation for Computing Machinery
Pages733-742
Number of pages10
Volume14-17-June-2015
ISBN (Print)9781450335362
DOIs
StatePublished - Jun 14 2015
Event47th Annual ACM Symposium on Theory of Computing, STOC 2015 - Portland, United States
Duration: Jun 14 2015Jun 17 2015

Other

Other47th Annual ACM Symposium on Theory of Computing, STOC 2015
CountryUnited States
CityPortland
Period6/14/156/17/15

Fingerprint

Sampling
Gaussian distribution

Keywords

  • Discrete Gaussian
  • Lattices
  • Shortest Vector Problem

ASJC Scopus subject areas

  • Software

Cite this

Aggarwal, D., Dadush, D., Regev, O., & Stephens-Davidowitz, N. (2015). Solving the shortest vector problem in 2n time via discrete Gaussian sampling. In STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing (Vol. 14-17-June-2015, pp. 733-742). Association for Computing Machinery. https://doi.org/10.1145/2746539.2746606

Solving the shortest vector problem in 2n time via discrete Gaussian sampling. / Aggarwal, Divesh; Dadush, Daniel; Regev, Oded; Stephens-Davidowitz, Noah.

STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing. Vol. 14-17-June-2015 Association for Computing Machinery, 2015. p. 733-742.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Aggarwal, D, Dadush, D, Regev, O & Stephens-Davidowitz, N 2015, Solving the shortest vector problem in 2n time via discrete Gaussian sampling. in STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing. vol. 14-17-June-2015, Association for Computing Machinery, pp. 733-742, 47th Annual ACM Symposium on Theory of Computing, STOC 2015, Portland, United States, 6/14/15. https://doi.org/10.1145/2746539.2746606
Aggarwal D, Dadush D, Regev O, Stephens-Davidowitz N. Solving the shortest vector problem in 2n time via discrete Gaussian sampling. In STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing. Vol. 14-17-June-2015. Association for Computing Machinery. 2015. p. 733-742 https://doi.org/10.1145/2746539.2746606
Aggarwal, Divesh ; Dadush, Daniel ; Regev, Oded ; Stephens-Davidowitz, Noah. / Solving the shortest vector problem in 2n time via discrete Gaussian sampling. STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing. Vol. 14-17-June-2015 Association for Computing Machinery, 2015. pp. 733-742
@inproceedings{2a5817c25e174cf39cacd915e563d677,
title = "Solving the shortest vector problem in 2n time via discrete Gaussian sampling",
abstract = "We give a randomized 2n+o(n) -time and space algorithm for solving the Shortest Vector Problem (SVP) on n-dimensional Euclidean lattices. This improves on the previous fastest algorithm: the deterministic {\~O}(4n)-time and {\~O}(2n)-space algorithm of Micciancio and Voulgaris (STOC 2010, SIAM J. Comp.2013). In fact, we give a conceptually simple algorithm that solves the (in our opinion, even more interesting) problem of discrete Gaussian sampling (DGS). More specifically, we show how to sample 2n/2 vectors from the discrete Gaussian distribution at any parameter in 2n+o(n) time and space. (Prior work only solved DGS for very large parameters.) Our SVP result then follows from a natural reduction from SVP to DGS. In addition, we give a more refined algorithm for DGS above the so-called smoothing parameter of the lattice, which can generate 2n/2 discrete Gaussian samples in just 2n/2+o(n) time and space. Among other things, this implies a 2n/2+o(n) -time and space algorithm for 1.93-approximate decision SVP.",
keywords = "Discrete Gaussian, Lattices, Shortest Vector Problem",
author = "Divesh Aggarwal and Daniel Dadush and Oded Regev and Noah Stephens-Davidowitz",
year = "2015",
month = "6",
day = "14",
doi = "10.1145/2746539.2746606",
language = "English (US)",
isbn = "9781450335362",
volume = "14-17-June-2015",
pages = "733--742",
booktitle = "STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing",
publisher = "Association for Computing Machinery",

}

TY - GEN

T1 - Solving the shortest vector problem in 2n time via discrete Gaussian sampling

AU - Aggarwal, Divesh

AU - Dadush, Daniel

AU - Regev, Oded

AU - Stephens-Davidowitz, Noah

PY - 2015/6/14

Y1 - 2015/6/14

N2 - We give a randomized 2n+o(n) -time and space algorithm for solving the Shortest Vector Problem (SVP) on n-dimensional Euclidean lattices. This improves on the previous fastest algorithm: the deterministic Õ(4n)-time and Õ(2n)-space algorithm of Micciancio and Voulgaris (STOC 2010, SIAM J. Comp.2013). In fact, we give a conceptually simple algorithm that solves the (in our opinion, even more interesting) problem of discrete Gaussian sampling (DGS). More specifically, we show how to sample 2n/2 vectors from the discrete Gaussian distribution at any parameter in 2n+o(n) time and space. (Prior work only solved DGS for very large parameters.) Our SVP result then follows from a natural reduction from SVP to DGS. In addition, we give a more refined algorithm for DGS above the so-called smoothing parameter of the lattice, which can generate 2n/2 discrete Gaussian samples in just 2n/2+o(n) time and space. Among other things, this implies a 2n/2+o(n) -time and space algorithm for 1.93-approximate decision SVP.

AB - We give a randomized 2n+o(n) -time and space algorithm for solving the Shortest Vector Problem (SVP) on n-dimensional Euclidean lattices. This improves on the previous fastest algorithm: the deterministic Õ(4n)-time and Õ(2n)-space algorithm of Micciancio and Voulgaris (STOC 2010, SIAM J. Comp.2013). In fact, we give a conceptually simple algorithm that solves the (in our opinion, even more interesting) problem of discrete Gaussian sampling (DGS). More specifically, we show how to sample 2n/2 vectors from the discrete Gaussian distribution at any parameter in 2n+o(n) time and space. (Prior work only solved DGS for very large parameters.) Our SVP result then follows from a natural reduction from SVP to DGS. In addition, we give a more refined algorithm for DGS above the so-called smoothing parameter of the lattice, which can generate 2n/2 discrete Gaussian samples in just 2n/2+o(n) time and space. Among other things, this implies a 2n/2+o(n) -time and space algorithm for 1.93-approximate decision SVP.

KW - Discrete Gaussian

KW - Lattices

KW - Shortest Vector Problem

UR - http://www.scopus.com/inward/record.url?scp=84958771669&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84958771669&partnerID=8YFLogxK

U2 - 10.1145/2746539.2746606

DO - 10.1145/2746539.2746606

M3 - Conference contribution

AN - SCOPUS:84958771669

SN - 9781450335362

VL - 14-17-June-2015

SP - 733

EP - 742

BT - STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing

PB - Association for Computing Machinery

ER -