Underlying each popular public-key cryptosystem is a difficult mathematical problem for which no tractable computational algorithm is known. For many of these problems, however, no proof is known that a tractable computational algorithm does not exist. Accordingly, it is wise to develop alternative cryptographic procedures based on other apparently intractable problems. Some computational problems that have to do with lattices or codes provide alternative apparently intractable problems. Lattices were first introduced into the theory of cryptography, especially public-key cryptography, for the contrary purpose of demonstrating or exploiting weaknesses in some cryptosystems. This, in turn, soon was turned to the study of lattices for the positive purpose of developing alternative forms of public-key cryptography.

A lattice can be used to formulate a kind of public-key cryptosystem that is not based on biprime factorization and is not based on a discrete-log problem. The primary problem of interest for these purposes is the so-called shortest-vector problem in lattices of very large dimension. In contrast to the biprime factoring and the discrete-log problems, the shortened-vector problem in a lattice is formally intractable in the sense that definite statements within the formalism of complexity theory can be made about the general case of the shortest vector problem.

An n-dimensional lattice is a periodic arrangement of points in an n-dimensional space, typically euclidean space Rn. The most familiar example of a lattice is Zn, the n-dimensional integer lattice, which can be embedded in Rn.