Lattice Reductions over Euclidean Rings with Applications to Cryptanalysis

Abstract

Lattices over number fields arise from various fascinating applications in cryptography. In this paper, we present two algorithms that find a nice, short basis of lattices over arbitrary Euclidean domains. One of the algorithms finds a reduced basis of lattices over biquadratic Euclidean rings with overwhelming probability. We prove that its output is bounded by a constant that depends only on the lattices. The second algorithm applies to arbitrary norm-Euclidean domain. It is given without the proof of the output quality, nevertheless, we experimentally verify that the algorithm outputs a reasonably good basis and it conjecturally supports the quality of our algorithm. We also show that the proposed algorithms can be used in various cryptanalytic applications. As a concrete example, we discuss how our algorithm improves special-q descent step in tower number field sieve method, which is one of the best known algorithms to solve the discrete logarithm problem over finite fields.