ABSTRACT

Lattice-based cryptanalysis uses lattice reduction algorithms in order to discover short linear relations between integer vectors that give a useful insight into various cryptographic systems. They can roughly be classified into two main classes: direct attacks, where the cryptanalytic problem at hand can directly be expressed as a lattice reduction problem and Coppersmith’s based attacks, which rely on several algorithms which can recover small roots of polynomial systems of equations using lattice reduction.

Registered in England & Wales No. 3099067
5 Howick Place | London | SW1P 1WG© 2024 Informa UK Limited