Solving the Shortest Vector Problem in Lattices Faster Using Quantum Search
Abstract
By applying Grover's quantum search algorithm to the lattice algorithms of Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and Stehlé, we obtain improved asymptotic quantum results for solving the shortest vector problem. With quantum computers we can provably find a shortest vector in time $2^{1.799n + o(n)}$, improving upon the classical time complexity of $2^{2.465n + o(n)}$ of Pujol and Stehlé and the $2^{2n + o(n)}$ of Micciancio and Voulgaris, while heuristically we expect to find a shortest vector in time $2^{0.312n + o(n)}$, improving upon the classical time complexity of $2^{0.384n + o(n)}$ of Wang et al. These quantum complexities will be an important guide for the selection of parameters for post-quantum cryptosystems based on the hardness of the shortest vector problem.
- Publication:
-
arXiv e-prints
- Pub Date:
- January 2013
- DOI:
- 10.48550/arXiv.1301.6176
- arXiv:
- arXiv:1301.6176
- Bibcode:
- 2013arXiv1301.6176L
- Keywords:
-
- Computer Science - Cryptography and Security;
- Quantum Physics
- E-Print:
- 19 pages