Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Indefiniteness makes lattice reduction easier

Antoine Joux

TL;DR

The paper extends lattice reduction to indefinite quadratic forms by introducing a general, non-restrictive definition of indefinite lattices and a new polynomial-time algorithm (IndefLLL) that leverages the lattice–quadratic form correspondence. It replaces standard Gram-Schmidt with a generalized GSO, accounts for hyperbolic planes, and reduces 2×2 blocks via indefinite binary quadratic forms, actively promoting sign alternation to tighten reduction while avoiding isotropic vectors unless they form hyperbolic planes. Theoretical results bound the resulting basis in terms of the non-degenerate Gram determinant and the lattice’s signature, and the algorithm’s complexity is handled via a potential framework. Experimental evidence from Magma suggests substantial gains over prior indefinite reductions, especially for higher-signature lattices, indicating that indefiniteness can make lattice reduction easier and that the performance depends strongly on the signature rather than dimension.

Abstract

Since the invention of the famous LLL algorithm, lattice reduction has been an extremely useful tool in computational number theory. By construction, the LLL algorithm deals with lattices living in a vector space endowed with a positive definite scalar product. However, it seems quite nature to ask about the indefinite case, where the scalar product is replaced by an arbitrary quadratic form, possibily indefinite. This question was considered independently in two lines of work. One by G{á}bor Ivanyos and {Á}gnes Sz{á}nt{ó} and one by Denis Simon. Both lead to an algorithm that generalizes LLL and whose performance is very similar to LLL, i.e. a polynomial-time algorithm that approximates the shortest vector within an approximation factor exponential in the dimension. Denis Simon achieves an approximation factor close to that of LLL under the assumption that no isotropic vectors arise during reduction. G{á}bor Ivanyos and {Á}gnes Sz{á}nt{ó} show that it is possible to avoid isotropic vectors altogether, at the cost of a somewhat worse approximation factor. In this paper, we revisit the reduction of indefinite lattices and conclude that it can lead to much better reduced representations that previously thought. We also conclude that the approximation factor depends on the signature of the indefinite lattice rather than on its dimension.

Indefiniteness makes lattice reduction easier

TL;DR

The paper extends lattice reduction to indefinite quadratic forms by introducing a general, non-restrictive definition of indefinite lattices and a new polynomial-time algorithm (IndefLLL) that leverages the lattice–quadratic form correspondence. It replaces standard Gram-Schmidt with a generalized GSO, accounts for hyperbolic planes, and reduces 2×2 blocks via indefinite binary quadratic forms, actively promoting sign alternation to tighten reduction while avoiding isotropic vectors unless they form hyperbolic planes. Theoretical results bound the resulting basis in terms of the non-degenerate Gram determinant and the lattice’s signature, and the algorithm’s complexity is handled via a potential framework. Experimental evidence from Magma suggests substantial gains over prior indefinite reductions, especially for higher-signature lattices, indicating that indefiniteness can make lattice reduction easier and that the performance depends strongly on the signature rather than dimension.

Abstract

Since the invention of the famous LLL algorithm, lattice reduction has been an extremely useful tool in computational number theory. By construction, the LLL algorithm deals with lattices living in a vector space endowed with a positive definite scalar product. However, it seems quite nature to ask about the indefinite case, where the scalar product is replaced by an arbitrary quadratic form, possibily indefinite. This question was considered independently in two lines of work. One by G{á}bor Ivanyos and {Á}gnes Sz{á}nt{ó} and one by Denis Simon. Both lead to an algorithm that generalizes LLL and whose performance is very similar to LLL, i.e. a polynomial-time algorithm that approximates the shortest vector within an approximation factor exponential in the dimension. Denis Simon achieves an approximation factor close to that of LLL under the assumption that no isotropic vectors arise during reduction. G{á}bor Ivanyos and {Á}gnes Sz{á}nt{ó} show that it is possible to avoid isotropic vectors altogether, at the cost of a somewhat worse approximation factor. In this paper, we revisit the reduction of indefinite lattices and conclude that it can lead to much better reduced representations that previously thought. We also conclude that the approximation factor depends on the signature of the indefinite lattice rather than on its dimension.

Paper Structure

This paper contains 37 sections, 13 theorems, 113 equations, 5 algorithms.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Standard lattices and the notion of reduction
  4. Symmetric bilinear forms on real vector spaces
  5. Indefinite lattices
  6. Extension to Hermitian lattices
  7. Binary quadratic forms
  8. Definite forms
  9. Indefinite forms
  10. The missing cases
  11. Theoretical results about indefinite lattices
  12. A bird's eye presentation of LLL and necessary adaptations
  13. Generalized Gram-Schmidt Orthogonalization
  14. Hyperbolic planes
  15. Admissible Lattice Gram matrices and local zeroes
  16. ...and 22 more sections

Key Result

Theorem 1

If $V_0$, $V_{+}$ and $V_{-}$ are as above, then: Furthermore, $\mathfrak{b}_{|V_0}$ is the constant zero form, $\mathfrak{b}_{|V_+}$ is positive definite and $\mathfrak{b}_{|V_-}$ is negative definite.

Theorems & Definitions (26)

  • Theorem 1
  • Lemma 2
  • Remark 3
  • Definition 4
  • Remark 5
  • Theorem 6
  • proof
  • Remark 7
  • Theorem 8: Proposition 1.6 of lenstra1982factoring
  • proof
  • ...and 16 more