# On the concrete security of the unique Shortest Vector Problem

## Speaker:

## Speaker Link:

## Institution:

## Time:

## Host:

## Location:

We study experimentally the Hermite factor of BKZ2.0 on uSVP lattices, with the motivation of understanding the concrete security of LWE in the setting of homomorphic encryption. We run experiments by generating instances of LWE in small dimensions, where we consider secrets sampled from binary, ternary or discrete Gaussian distributions. We convert each LWE instance into a uSVP instance and run the BKZ2.0 algorithm to find an approximation to the shortest vector. When the attack is successful, we can deduce a bound on the Hermite factor achieved for the given blocksize. This allows us to give concrete values for the Hermite factor of the lattice generated for the uSVP instance. We compare the values of the Hermite factors we find for these lattices with estimates from the literature and find that the Hermite factor may be smaller than expected for blocksizes 30, 35, 40, 45. Our work also demonstrates that the experimental and estimated values of the Hermite factor trend differently as we increase the dimension of the lattice, highlighting the importance of a better theoretical understanding of the performance of BKZ2.0 on uSVP lattices.