. Le-modèle-dit-d-tas-"........, Ajtai : Les entrées " grands, p.125

. Nombre-d-'itérations-de-la-réduction-des-cfg-"-uni-tas-"..............., 129 6.2.3 Structure générale des réseaux uni-tas cryptographiques

L. Modèles-de-coppersmith-tas-À-trous and ". , 133 6.3.1 Réseaux de Coppermith à une variable, p.134

.. Modèle-général-de-coppersmith and .. De-coppersmith, 135 6.3.4 Indépendance des blocs des cfg 137 6.3.5 Nombre d'itérations dans le cas des réseaux de Coppersmith vérifiant la condition d'indépendance, p.138

D. Aharonov, R. , and O. , Lattice problems in NP ??? coNP, Journal of the ACM, vol.52, issue.5, pp.749-765, 2005.
DOI : 10.1145/1089023.1089025

M. Ajtai, Generating hard instances of lattice problems (extended abstract), Proceedings of the twenty-eighth annual ACM symposium on Theory of computing , STOC '96, pp.99-108, 1996.
DOI : 10.1145/237814.237838

M. Ajtai, -hard for randomized reductions (extended abstract), Proceedings of the thirtieth annual ACM symposium on Theory of computing , STOC '98, pp.10-19, 1998.
DOI : 10.1145/276698.276705

M. Ajtai and C. Dwork, A public-key cryptosystem with worst-case/average-case equivalence, Proceedings of the twenty-ninth annual ACM symposium on Theory of computing , STOC '97, pp.284-293, 1997.
DOI : 10.1145/258533.258604

M. Ajtai, R. Kumar, and D. Sivakumar, Sampling short lattice vectors and the closest lattice vector problem, Proceedings 17th IEEE Annual Conference on Computational Complexity, pp.53-76, 2002.
DOI : 10.1109/CCC.2002.1004339

A. Akhavi, Random lattices, threshold phenomena and efficient reduction algorithms, Theoretical Computer Science, vol.287, issue.2, pp.359-385, 2002.
DOI : 10.1016/S0304-3975(01)00251-1

A. Akhavi, The optimal LLL algorithm is still polynomial in fixed dimension, Theoretical Computer Science, vol.297, issue.1-3, pp.1-3, 2003.
DOI : 10.1016/S0304-3975(02)00616-3

A. Akhavi, J. Marckert, and A. Rouault, On the reduction of a random basis, ANALCO, pp.265-270, 2007.
URL : https://hal.archives-ouvertes.fr/hal-00022848

A. Akhavi and B. Vallée, Average Bit-Complexity of Euclidean Algorithms, ICALP (2000), pp.373-387
DOI : 10.1007/3-540-45022-X_32

. Bak and W. Tang, noise, Physical Review Letters, vol.59, issue.4, pp.381-384, 1987.
DOI : 10.1103/PhysRevLett.59.381

V. Baladi and B. Vallée, Euclidean algorithms are gaussian. CoRR cs, p.307062, 2003.
DOI : 10.1016/j.jnt.2004.08.008

URL : https://hal.archives-ouvertes.fr/hal-00012771

D. Boneh and G. Durfee, Cryptanalysis of RSA with Private Key d Less than N 0.292, IEEE Transactions on Information Theory, vol.46, issue.66, pp.1339-1349, 2000.
DOI : 10.1007/3-540-48910-X_1

J. Bourdon, B. Daireaux, and B. Vallée, Dynamical analysis of ??-Euclidean algorithms, Journal of Algorithms, vol.44, issue.1, pp.246-285, 2002.
DOI : 10.1016/S0196-6774(02)00218-3

URL : https://hal.archives-ouvertes.fr/hal-00442421

Z. Brakerski, C. Gentry, and V. Vaikuntanathan, Fully homomorphic encryption without bootstrapping, Electronic Colloquium on Computational Complexity (ECCC), vol.18, pp.111-54, 2011.
DOI : 10.1145/2090236.2090262

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

Z. Brakerski, A. Langlois, C. Peikert, O. Regev, and D. Stehlé, Classical hardness of learning with errors, Proceedings of the 45th annual ACM symposium on Symposium on theory of computing, STOC '13, pp.575-584
DOI : 10.1145/2488608.2488680

URL : https://hal.archives-ouvertes.fr/hal-00922194

Z. Brakerski and V. Vaikuntanathan, Ecient fully homomorphic encryption from (standard) LWE, FOCS (2011), pp.97-106
DOI : 10.1109/focs.2011.12

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

Z. Brakerski and V. Vaikuntanathan, Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages, CRYPTO (2011), pp.505-524
DOI : 10.1007/978-3-642-22792-9_29

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

H. Cohn and A. Kumar, The densest lattice in twenty-four dimensions, Electron. Res. Announc. Am. Math. Soc, vol.10, pp.408174-58, 2004.

D. Coppersmith, Finding a Small Root of a Univariate Modular Equation, pp.155-165, 1996.
DOI : 10.1007/3-540-68339-9_14

D. Coppersmith, Small Solutions to Polynomial Equations, and Low Exponent RSA Vulnerabilities, Journal of Cryptology, vol.10, issue.4, pp.233-260, 1997.
DOI : 10.1007/s001459900030

D. Coppersmith and A. Shamir, Lattice Attacks on NTRU, EUROCRYPT, pp.52-61, 1997.
DOI : 10.1007/3-540-69053-0_5

M. J. Coster, A. Joux, B. A. Lamacchia, A. M. Odlyzko, C. Schnorr et al., Improved low-density subset sum algorithms, Computational Complexity, vol.9, issue.1, pp.111-128, 1992.
DOI : 10.1007/BF01201999

J. Daemen and V. And-rijmen, The Design of Rijndael : AES -The Advanced Encryption Standard, 2002.
DOI : 10.1007/978-3-662-04722-4

B. Daireaux, V. Maume-deschamps, and B. Vallée, The Lyapunov tortoise and the dyadic hare, AD of DMTCS Proceedings, Discrete Mathematics and Theoretical Computer Science, pp.71-94, 2005.
URL : https://hal.archives-ouvertes.fr/hal-01184044

B. Daireaux and B. Vallée, Dynamical Analysis of the Parametrized Lehmer???Euclid Algorithm, Combinatorics, Probability and Computing, vol.13, issue.4-5, pp.4-5, 2004.
DOI : 10.1017/S0963548304006261

H. Daudé, P. Flajolet, and B. Vallée, An Average-Case Analysis of the Gaussian Algorithm for Lattice Reduction, Combinatorics, Probability and Computing, vol.6, issue.4, pp.397-433, 1997.
DOI : 10.1017/S0963548397003258

H. Daudé and B. Vallée, An upper bound on the average number of iterations of the LLL algorithm, Theoretical Computer Science, vol.123, issue.1, pp.95-115, 1994.
DOI : 10.1016/0304-3975(94)90071-X

W. Diffie and M. E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol.22, issue.6, pp.644-654, 1976.
DOI : 10.1109/TIT.1976.1055638

A. Dupré, Sur le nombre de divisions à eectuer pour obtenir le plus grand commun diviseur entre deux nombres entiers, Journal de Mathématiques Pures et Appliquées, vol.11, pp.41-74, 1846.

M. Ernst, E. Jochemsz, A. May, E. May, and B. De-weger, Partial Key Exposure Attacks on RSA up to Full Size Exponents, CRYPTO 2005, pp.371-386, 2005.
DOI : 10.1007/11426639_22

U. Fincke and M. Pohst, A procedure for determining algebraic integers of given norm, In EUROCAL, pp.194-202, 1983.
DOI : 10.1007/3-540-12868-9_103

N. Gama and P. Nguyen, Finding short lattice vectors within mordell's inequality Predicting lattice reduction, STOCCité pages 10 et 24.) [34] Gama EUROCRYPT, pp.207-216, 2008.
DOI : 10.1145/1374376.1374408

T. E. Gamal, A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory, vol.31, issue.52, pp.469-472, 1985.

C. Gentry, Fully homomorphic encryption using ideal lattices, Proceedings of the 41st annual ACM symposium on Symposium on theory of computing, STOC '09, pp.169-178, 2009.
DOI : 10.1145/1536414.1536440

C. Gentry and S. Halevi, Fully Homomorphic Encryption without Squashing Using Depth-3 Arithmetic Circuits, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, pp.107-109
DOI : 10.1109/FOCS.2011.94

C. Gentry, S. Halevi, and N. P. Smart, Fully Homomorphic Encryption with Polylog Overhead, EUROCRYPT (2012), pp.465-482
DOI : 10.1007/978-3-642-29011-4_28

C. Gentry, C. Peikert, and V. Vaikuntanathan, Trapdoors for hard lattices and new cryptographic constructions, Proceedings of the fourtieth annual ACM symposium on Theory of computing, STOC 08, pp.197-206, 2008.
DOI : 10.1145/1374376.1374407

O. Goldreich and S. Goldwasser, On the Limits of Nonapproximability of Lattice Problems, Journal of Computer and System Sciences, vol.60, issue.3, pp.540-563, 2000.
DOI : 10.1006/jcss.1999.1686

O. Goldreich, S. Goldwasser, and S. Halevi, Eliminating decryption errors in the Ajtai-Dwork Cryptosystem, Advances in Cryptology -CRYPTO 97 17th Annual International Cryptology Conference, pp.105-111, 1997.
DOI : 10.1007/BFb0052230

O. Goldreich, S. Goldwasser, and S. Halevi, Public-key cryptosystems from lattice reduction problems, CRYPTO, pp.112-131, 1997.
DOI : 10.1007/BFb0052231

E. C. Goles and M. A. Kiwi, Games on line graphs and sand piles, Theoretical Computer Science, vol.115, issue.2
DOI : 10.1016/0304-3975(93)90122-A

URL : http://doi.org/10.1016/0304-3975(93)90122-a

G. Hanrot and D. Stehlé, Improved Analysis of Kannan???s Shortest Lattice Vector Algorithm, Proceedings of the 27th annual international cryptology conference on Advances in cryptology CRYPTO'07, pp.170-186, 2007.
DOI : 10.1007/978-3-540-74143-5_10

J. Håstad, Solving Simultaneous Modular Equations of Low Degree, SIAM Journal on Computing, vol.17, issue.2, pp.336-341, 1988.
DOI : 10.1137/0217019

D. Hensley, The Number of Steps in the Euclidean Algorithm, Journal of Number Theory, vol.49, issue.2, pp.49-149, 1994.
DOI : 10.1006/jnth.1994.1088

C. Hermite and E. Picard, OEuvres : Publiées sous les auspices de l, Académie des Sciences, vol.1, issue.27, p.9, 1905.

J. Hoffstein, J. Pipher, and J. H. Silverman, NTRU: A ring-based public key cryptosystem, ANTS, pp.267-288, 1998.
DOI : 10.1007/BFb0054868

N. Howgrave-graham, Finding small roots of univariate modular equations revisited, 1997.
DOI : 10.1007/BFb0024458

H. J. Jensen, Self-organized criticality. Cambridge Lecture Notes in Physics Emergent complex behavior in physical and biological systems, 1998.

R. Kannan, Improved algorithms for integer programming and related lattice problems, Proceedings of the fifteenth annual ACM symposium on Theory of computing , STOC '83, pp.193-206, 1983.
DOI : 10.1145/800061.808749

R. M. Karp, Reducibility among combinatorial problems, In Complexity of Computer Computations, pp.85-103, 1972.
DOI : 10.1007/978-3-540-68279-0_8

T. Kato, Perturbation Theory for Linear Operators, 1980.

A. Katok and B. Hasselblatt, Introduction to the Modern Theory of Dynamical Systems, 1995.
DOI : 10.1017/CBO9780511809187

S. Khot, Hardness of approximating the shortest vector problem in lattices, FOCS, pp.126-135, 2004.

N. Koblitz, Elliptic curve cryptosystems, Mathematics of Computation, vol.48, issue.177, pp.203-209, 1987.
DOI : 10.1090/S0025-5718-1987-0866109-5

A. Korkine and G. Zolotarev, Sur les formes quandratiques, Mathematishe Annalen, vol.6, issue.26, pp.336-389, 1873.
DOI : 10.1007/bf01442795

J. C. Lagarias, Worst-case complexity bounds for algorithms in the theory of integral quadratic forms, Journal of Algorithms, vol.1, issue.2, pp.142-186, 1980.
DOI : 10.1016/0196-6774(80)90021-8

J. C. Lagarias, The computational complexity of simultaneous diophantine approximation problems, FOCS, pp.32-39, 1982.

J. C. Lagarias, H. W. Jr, and C. Schnorr, Korkin-Zolotarev bases and successive minima of a lattice and its reciprocal lattice, Combinatorica, vol.96, issue.4 (208), pp.4-333, 1990.
DOI : 10.1007/BF02128669

J. C. Lagarias and A. M. Odlyzko, Solving low-density subset sum problems, Journal of the ACM, vol.32, issue.1, pp.229-246, 1985.
DOI : 10.1145/2455.2461

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

J. L. Lagrange, Recherches d'arithmétiques. In Nouveaux mémoires de l'Académie royale des sciences et des belles-lettres de Berlin, pp.1773-1775

H. Laville and B. Vallée, Distribution de la constante d'Hermite et du plus court vecteur dans les r??seaux de dimension deux, Journal de Th??orie des Nombres de Bordeaux, vol.6, issue.1, pp.135-159, 1994.
DOI : 10.5802/jtnb.110

A. Lenstra, H. Lenstra, and L. Lovász, Factoring polynomials with rational coefficients, Mathematische Annalen, vol.32, issue.4, pp.515-534, 1982.
DOI : 10.1007/BF01457454

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

H. W. Lenstra, Integer Programming with a Fixed Number of Variables, Mathematics of Operations Research, vol.8, issue.4, pp.538-548, 1983.
DOI : 10.1287/moor.8.4.538

L. Jr and H. W. , Flags and lattice basis reduction, pp.37-52, 2001.

L. Lhote and B. Vallée, Gaussian Laws for the Main Parameters of the Euclid Algorithms, Algorithmica, vol.15, issue.1, pp.497-554, 2008.
DOI : 10.1007/s00453-007-9009-6

URL : https://hal.archives-ouvertes.fr/hal-00207680

L. Lovász, An algorithmic theory of numbers, graphs and convexity, CBMS-NSF Regional Conference Series in Applied Mathematics. Society for Industrial and Applied Mathematics (SIAM), vol.50, pp.10-23, 1986.
DOI : 10.1137/1.9781611970203

V. Lyubashevsky, C. Peikert, R. , and O. , On Ideal lattices and Learning with Errors over Rings, EUROCRYPT (2010), pp.1-23
DOI : 10.1007/978-3-642-13190-5_1

URL : https://hal.archives-ouvertes.fr/hal-00921792

M. Madritsch and B. Vallée, Modelling the LLL Algorithm by Sandpiles, Proceedings of the 9th Latin American conference on Theoretical Informatics et 126.) [72] Mahler, K. A theorem on inhomogeneous diophantine inequalities. Nederl. Akad. Wetensch ., Proc, pp.267-281, 1938.
DOI : 10.1007/978-3-642-12200-2_25

URL : https://hal.archives-ouvertes.fr/hal-01082028

J. Martinet, Perfect lattices in Euclidean spaces Grundlehren der mathematischen Wissenschaften = A series of comprehensive studies in mathematics, 2003.

A. May, Using LLL-Reduction for Solving RSA and Factorization Problems, The LLL Algorithm, pp.315-348, 2010.
DOI : 10.1007/978-3-642-02295-1_10

R. Mceliece, A public-key cryptosystem based on algebraic number theory, Tech. rep, 1978.

A. J. Menezes, S. A. Vanstone, and P. C. Oorschot, Handbook of Applied Cryptography, 1996.
DOI : 10.1201/9781439821916

R. Merkle and M. Hellman, Hiding information and signatures in trapdoor knapsacks, IEEE Transactions on Information Theory, vol.24, issue.5, pp.525-530, 1978.
DOI : 10.1109/TIT.1978.1055927

D. Micciancio, Improving Lattice Based Cryptosystems Using the Hermite Normal Form, CaLC, pp.126-145, 2001.
DOI : 10.1007/3-540-44670-2_11

D. Micciancio, The Shortest Vector in a Lattice is Hard to Approximate to within Some Constant, SIAM Journal on Computing, vol.30, issue.6, pp.2008-2035, 2001.
DOI : 10.1137/S0097539700373039

D. Micciancio, Cryptographic Functions from Worst-Case Complexity Assumptions, The LLL Algorithm, pp.427-452, 2010.
DOI : 10.1007/978-3-642-02295-1_13

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

D. Micciancio, Lattice-based cryptography, Encyclopedia of Cryptography and Security, pp.713-715

D. Micciancio and S. Goldwasser, Complexity of Lattice Problems : a cryptographic perspective of The Kluwer International Series in Engineering and Computer Science, 2002.
DOI : 10.1007/978-1-4615-0897-7

D. Micciancio, R. , and O. , Worst???Case to Average???Case Reductions Based on Gaussian Measures, SIAM Journal on Computing, vol.37, issue.1, pp.267-302, 2007.
DOI : 10.1137/S0097539705447360

D. Micciancio, R. , and O. , Lattice-based cryptography, 2008.

V. S. Miller, Use of elliptic curves in cryptography In Lecture notes in computer sciences ; 218 on Advances in cryptology?CRYPTO 85, pp.417-426, 1986.

J. W. Milnor and D. Husemoller, Symmetric bilinear forms, 1973.
DOI : 10.1007/978-3-642-88330-9

P. Q. Nguyen and D. Stehlé, LLL on the Average, ANTS, pp.238-256, 2006.
DOI : 10.1007/11792086_18

URL : https://hal.archives-ouvertes.fr/hal-00107309

P. Q. Nguyen and J. Stern, Cryptanalysis of the Ajtai-Dwork cryptosystem, Advances in Cryptology -CRYPTO 98, 18th Annual International Cryptology Conference, pp.223-242, 1998.
DOI : 10.1007/BFb0055731

P. Q. Nguyen and J. Stern, The two faces of lattices in cryptology, CaLC, pp.146-180, 2001.

P. Q. Nguyen and J. Stern, Adapting Density Attacks to Low-Weight Knapsacks, Advances in Cryptology -ASIACRYPT 2005, 11th International Conference on the Theory and Application of Cryptology and Information Security, pp.41-58, 2005.
DOI : 10.1007/11593447_3

P. Q. Nguyen and B. Vallée, The LLL Algorithm : Survey and Applications, 2009.
DOI : 10.1007/978-3-642-02295-1

URL : https://hal.archives-ouvertes.fr/hal-01141414

C. Peikert, Public-key cryptosystems from the worst-case shortest vector problem, Proceedings of the 41st annual ACM symposium on Symposium on theory of computing, STOC '09, pp.333-342, 2009.
DOI : 10.1145/1536414.1536461

C. Peikert, An ecient and parallel Gaussian sampler for lattices, CRYPTO (2010), pp.80-97

M. Pohst, On the computation of lattice vectors of minimal length, successive minima and reduced bases with applications, ACM SIGSAM Bulletin, vol.15, issue.1, pp.37-44, 1981.
DOI : 10.1145/1089242.1089247

O. Regev, On lattices, learning with errors, random linear codes, and cryptography, Proceedings of the thirty-seventh annual ACM symposium on Theory of computing STOC '05, pp.84-93, 2005.

O. Regev, Lattice-Based Cryptography, CRYPTO, pp.131-141, 2006.
DOI : 10.1007/11818175_8

R. L. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.26, issue.1, pp.96-99, 1983.
DOI : 10.1145/357980.358017

C. P. Schnorr, A hierarchy of polynomial time lattice basis reduction algorithms, Theoretical Computer Science, vol.53, issue.2-3, pp.2-3, 1987.
DOI : 10.1016/0304-3975(87)90064-8

C. P. Schnorr, Factoring Integers and Computing Discrete Logarithms via Diophantine Approximation, Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques EUROCRYPT'91, pp.281-293, 1991.
DOI : 10.1007/3-540-46416-6_24

C. P. Schnorr and M. Euchner, Lattice basis reduction: Improved practical algorithms and solving subset sum problems, Mathematical Programming, vol.13, issue.1, pp.181-199, 1994.
DOI : 10.1007/BF01581144

C. P. Schnorr and H. H. Hörner, Attacking the Chor-Rivest Cryptosystem by Improved Lattice Reduction, Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques EUROCRYPT'95, pp.1-12, 1995.
DOI : 10.1007/3-540-49264-X_1

A. Shamir, A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem, FOCS, pp.145-152, 1982.

P. W. Shor, Algorithms for quantum computation: discrete logarithms and factoring, Proceedings 35th Annual Symposium on Foundations of Computer Science, pp.124-134, 1994.
DOI : 10.1109/SFCS.1994.365700

C. L. Siegel, Lectures on the Geometry of Numbers, 1989.
DOI : 10.1007/978-3-662-08287-4

D. Stehlé and R. Steinfeld, Making NTRU as Secure as Worst-Case Problems over Ideal Lattices, Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques : advances in cryptologyCité pages 54 et 60.) [107] Vallée, B. Opérateurs de Ruelle-Mayer généralisés et analyse en moyenne des algorithmes d'Euclide et de Gauss, pp.27-47, 1997.
DOI : 10.1007/978-3-642-20465-4_4

B. Vallée, Gauss' algorithm revisited, Journal of Algorithms, vol.12, issue.4, pp.556-572, 1991.
DOI : 10.1016/0196-6774(91)90033-U

B. Vallée, Dynamics of the Binary Euclidean Algorithm: Functional Analysis and Operators, Algorithmica, vol.22, issue.4, pp.660-685, 1998.
DOI : 10.1007/PL00009246

B. Vallée and P. Flajolet, The lattice reduction algorithm of Gauss: an average case analysis, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science, pp.830-839, 1990.
DOI : 10.1109/FSCS.1990.89606

B. Vallée, M. Girault, and P. Toffin, How to guess ???-th roots modulo n by reducing lattice bases, Lectures Notes in Computer Science, vol.357, pp.427-442, 1988.
DOI : 10.1007/3-540-51083-4_78

B. Vallée and A. Vera, Lattice reduction in two dimensions : analyses under realistic probabilistic models, DMTCS Proceedings, vol.0, issue.146, pp.66-126, 2008.

B. Vallée and A. Vera, Probabilistic Analyses of Lattice Reduction Algorithms
DOI : 10.1007/978-3-642-02295-1_3

P. Van-emde-boas, Another NP-complete partition problem and the complexity of computing short vectors in a lattice Available at author's home page, 1981.

E. R. Verheul and H. C. Van-tilborg, Cryptanalysis of 'Less Short' RSA Secret Exponents, Applicable Algebra in Engineering, Communication and Computing, vol.8, issue.5, pp.425-435, 1997.
DOI : 10.1007/s002000050082

M. J. Wiener, Cryptanalysis of short RSA secret exponents, IEEE Transactions on Information Theory, vol.36, issue.3, pp.553-558, 1990.
DOI : 10.1109/18.54902