Studying lattice reduction algorithms improved by quick reordering technique
International Journal of Information Security (IF 3.2), Pub Date: 2020-05-13, DOI: 10.1007/s10207-020-00501-y
Yuntao Wang, Tsuyoshi Takagi

Under the threat of quantum computers' expected powerful computational capacity, the study of post-quantum cryptography is becoming urgent. Lattice-based cryptography is one of the most promising candidates for post-quantum cryptography. To give a secure instantiation for practical applications, it is necessary to understand the complexity of the best-known attacks. Most attacks on lattice-based cryptography use basis reduction algorithms. For instance, the most commonly used practical basis reduction algorithms are variants of the block Korkin–Zolotarev (BKZ) algorithm. In this paper, we study the effect of applying the quick reordering technique (QRT) to lattice algorithms, mainly the enumeration algorithm and the BKZ algorithm. We show that QRT is a simple method to improve these two algorithms with respect to cutting down the number of search nodes and thus reducing the total runtime. For improving on the LLL algorithm with dimensions smaller than 30, the success rate is larger than 10%, and for the BKZ algorithm with blocksize smaller than 30, the success rate is larger than 40%. First, we observe that reordering the LLL-reduced basis vectors in order of increasing norm changes the distribution of search nodes in the enumeration tree, which gives a chance to reduce the number of enumeration search nodes with a certain probability. The experimental results show that the enumeration algorithm can be accelerated by a factor of approximately two. We further explain this phenomenon from a theoretical point of view, following Gama–Nguyen–Regev's analysis (Gama et al., in: Advances in cryptology—EUROCRYPT 2010, proceedings of 29th annual international conference on the theory and applications of cryptographic techniques, pp 257–278, 2010). Then we apply this reordering technique to the implementation of the BKZ algorithm in the open-source library NTL. Our experimental results in dimensions 100–120 with blocksize 15–30 show that, on LLL-reduced bases, our modified NTL-BKZ outputs a vector shorter than the original NTL-BKZ at a rate of 40.91%–45.73% when the LLL approximation factor is set to \(\delta_{LLL}=0.99\). Furthermore, in the instances where the improved BKZ found the same or a shorter vector, the runtime is up to 2.02 times faster than the original NTL-BKZ when setting the blocksize \(\beta=25\) with \(\delta_{LLL}=0.99\).




Updated: 2020-05-13