—The LLL algorithm is strong algorithm that de-crypts the additional type Knapsack cryptosystem. However, the LLL algorithm is not applicable in the addition in the group that rational points of elliptic curves on finite fields do. Therefore, we think the Knapsack cryptosystem constructed on elliptic curves. By using the pairing for the decryption, it is shown to be able to make the computation...

In [6] Zassenhaus gave an algorithm for factoring polynomials f ∈ Q[x]. In this algorithm one has to solve a combinatorial problem of size r, where r is the number of local factors of f at some suitably chosen prime p. This combinatorial problem consists of selecting the right subsets of the set of local factors. In the worst case, the algorithm [6] ends up trying 2r−1 such subsets (if a subset...

In this paper, we give an attack against a public key cryptosystem based on Diophantine equations of degree increasing type (DEC) proposed by the third author ([Oku15]). We show that the security of DEC depends on the difficulty of finding special (relatively) short vectors in some lattices obtained from a public key and a ciphertext. The most important target vector in our attack is not necess...

The Lovász Local Lemma (LLL) is a cornerstone principle in the probabilistic method of combinatorics, and a seminal algorithm of Moser & Tardos (2010) provided an efficient randomized algorithm to implement it. This algorithm could be parallelized to give an algorithm that uses polynomially many processors and O(log n) time, stemming from O(log n) adaptive computations of a maximal independent ...

Coppersmith described at Eurocrypt 96 a polynomial-time algorithm for finding small roots of univariate modular equations, based on lattice reduction. In this paper we describe the first improvement of the asymptotic complexity of Coppersmith’s algorithm. Our method consists in taking advantage of Coppersmith’s matrix structure, in order to apply LLL algorithm on a matrix whose elements are sma...

The Lenstra-Lenstra-Lovasz (LLL) reduction has wide applications in digital communications. It can greatly improve the speed of the sphere decoding (SD) algorithms for solving an integer least squares (ILS) problem and the performance of the Babai integer point, a suboptimal solution to the ILS problem. Recently Ling and Howgrave-Graham proposed the so-called effective LLL (ELLL) reduction. It ...

Lattice reduction (LR) aided multiple-inputmultiple-out (MIMO) linear detection can achieve the maximum receive diversity of the maximum likelihood detection (MLD). By emloying the most commonly used Lenstra, Lenstra, and L. Lov ́asz (LLL) algorithm, an equivalent channel matrix which is shorter and nearly orthogonal is obtained. And thus the noise enhancement is greatly reduced by employing the...

The text-book LLL algorithm can be sped up considerably by replacing the underlying rational arithmetic used for the Gram-Schmidt orthogonalisation by floating-point approximations. We review how this modification has been and is currently implemented, both in theory and in practice. Using floating-point approximations seems to be natural for LLL even from the theoretical point of view: it is t...

In this paper, we consider the open problem of the complexity of the LLL algorithm in the case when the approximation parameter t of the algorithm has its extreme value 1. This case is of interest because the output is then the strongest Lovász–reduced basis. Experiments reported by Lagarias and Odlyzko [LO83] seem to show that the algorithm remain polynomial in average. However no bound better...