The shortest vector problem (SVP) over ideal lattices is closely related to the Ring-LWE problem, which is widely used to build post-quantum cryptosystems. Power-of-two cyclotomic fields are frequently adopted to instantiate Ring-LWE. Pan et al. (EUROCRYPT~2021) explored the SVP over ideal lattices via the decomposition fields and, in particular determined the length of the shortest vector in prime ideals lying over rational primes $p\equiv3,5\pmod{8}$ in power-of-two cyclotomic fields via explicit construction of reduced lattice bases. In this work, we first provide a new method (different from analyzing lattice bases) to analyze the length of the shortest vector in prime ideals in $\mathbb{Z}[ζ_{2^{n+1}}]$ when $p\equiv3,5\pmod{8}$. Then we precisely characterize the length of the shortest vector in the cases of $p\equiv7,9\pmod{16}$. Furthermore, we derive a new upper bound $\sqrt[4]{2^{2n+1}p}$ for this length, which is tighter than the bound $2^n\sqrt[4]{p}$ obtained from Minkowski's theorem. Our key technique is to investigate whether a generator of a principal ideal can achieve the shortest length after embedding as a vector. If this holds for the ideal, finding the shortest vector in this ideal can be reduced to finding its shortest generator.

翻译：理想格上的最短向量问题与Ring-LWE问题密切相关，后者被广泛用于构建后量子密码系统。幂次分圆域常被用于实例化Ring-LWE。Pan等人（EUROCRYPT~2021）通过分解域研究了理想格上的最短向量问题，特别是通过显式构造约化格基，确定了幂次分圆域中位于有理素数$p\equiv3,5\pmod{8}$上的素理想中最短向量的长度。在本工作中，我们首先提出了一种新方法（不同于分析格基）来分析当$p\equiv3,5\pmod{8}$时，$\mathbb{Z}[ζ_{2^{n+1}}]$中素理想的最短向量长度。随后，我们精确刻画了$p\equiv7,9\pmod{16}$情形下的最短向量长度。此外，我们推导了该长度的一个新上界$\sqrt[4]{2^{2n+1}p}$，该上界比由Minkowski定理得到的上界$2^n\sqrt[4]{p}$更紧。我们的关键技术在于研究一个主理想的生成元在嵌入为向量后能否达到最短长度。若该理想满足此条件，则寻找该理想中最短向量的问题可归约为寻找其最短生成元。