Parameter Estimation for Lattice-Based Cryptosystems By Using Sieving Algorithms

Akleylek S., SATILMIŞ H.

4th International Conference on Computer Science and Engineering (UBMK), Samsun, Turkey, 11 - 15 September 2019, pp.372-377

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1109/ubmk.2019.8907018
  • City: Samsun
  • Country: Turkey
  • Page Numbers: pp.372-377
  • Keywords: sieving algorithms, lattice-based cryptography, SVP, parameter selection
  • Ondokuz Mayıs University Affiliated: Yes


The security of quantum-resistant lattice-based cryptosystems mainly depends on the shortest vector problem (SVP) or the closest vector problem (CVP). In this paper, sieving algorithms such as ListSieve, GaussSieve, ProGaussSieve and HashSieve are discussed and compared in terms of their complexity and capabilities. The algorithm of Becker et al., used in the LWE-Estimator software, is analyzed by considering HashSieve to generate reliable parameter sets. According to the experimental results, up to the 81-bit security level, using HashSieve is comparable with the other algorithms. It is shown that, for low security levels, small key sizes can be obtained.