Towards Faster Polynomial-Time Lattice Reduction

The lll algorithm is a polynomial-time for reducing d-dimensional lattice with exponential approximation factor. Currently, the most efficient variant of lll, by Neumaier and Stehlé, has theoretical running time in $$d^4\cdot B^{1+o\left( 1\right) }$$ where B bitlength entries, but never been implemented. This work introduces new asymptotically fast, parallel, yet heuristic, reduction algorithms their optimized implementations. Our are recursive fully exploit fast matrix multiplication. We experimentally demonstrate that carefully controlling floating-point precision during recursion steps, we can reduce euclidean lattices rank d $$\tilde{O}(d^\omega \cdot C)$$ , i.e., almost constant number multiplications, $$\omega $$ exponent multiplication C log condition matrix. For cryptographic applications, close to B, while it be up times larger worst case. It improves running-time state-of-the-art implementation fplll multiplicative factor order $$d^2\cdot B$$ . Further, show structured lattices, so-called knapsack $$\tilde{O}(d^{\omega -1}\cdot progressive strategy. Besides allowing huge our break several instances Fully Homomorphic Encryption schemes based on large integers dimension 2,230 4 millions bits.