Yasuyuki Murakami
ABSTRACT
The density is a very important parameter in knapsack public-key cryptosystems. It is known that the knapsack cryptosystem is broken with the low-density attack when the density is low. In 2005, Nguyen and Stern introduced the pseudo-density instead of the conventional density in order to evaluate CR and OTU cryptosystems. In 2008, Kunihiro introduced a new density in order to unify the conventional density and the pseudo-density. From Kunihiro's result, we can guess that the plaintext is disclosed with the low-density attack when the weight of the plaintext is low even in the conventional knapsack PKC. In this paper, we investigate the relationship between the weight of plaintext and successful attacks in conventional knapsack cryptosystems.
- W. P. Shor, "Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer," Proc. the 35th Annual Symposium on Foundations of Computer Science, pp.124--134, 1994. Google Scholar
Digital Library
- R. C. Merkle and M. E. Hellman, "Hiding information and signatures in trapdoor knapsacks," IEEE Trans. Inf. Theory, IT-24(5), pp.525--530, 1978.Google ScholarCross Ref
- A. Shamir, "A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystems," Proc. Crypto'82, LNCS, pp.279--288, Springer-Verlag, Berlin, 1982.Google Scholar
- L. M. Adleman, "On breaking the titrated Merkle-Hellman public-key cryptosystem," Plenum Press. Crypto'82, pp.303--308. 1982.Google Scholar
- J. C. Lagarias and A. M. Odlyzko, "Solving low density subset sum problems," J. Assoc. Comp. Math., vol.32, pp.229--246, Preliminary version in Proc. 24th IEEE, 1985. Google ScholarDigital Library
- M. J. Coster, B. A. LaMacchia, A. M. Odlyzko and C. P. Schnorr, "An improved low-density subset sum algorithm," In Advances in Cryptology Proc. EUROCRYPTO'91, LNCS, pp. 54--67. Springer-Verlag, Berlin, 1991.Google Scholar
- M. Kasahara and Y. Murakami, "New public key cryptosystems and the application," Technical Report of IEICE, ISEC99-55(1999--11), pp.21--28, 1999.Google Scholar
- T. Hattori, Y. Murakami and M. Kasahara, "Notes on security of SHP cryptosystems," The 24th Symposium on Information Theory and Its Applications, pp.351--354, 2001.Google Scholar
- B. Chor and R. L. Rivest, "A knapsack-type public key cryptosystem based on arithmetic in finite fields," Proc. of CRYPTO'84, LNCS196, pp.54--65, 1984. Google ScholarDigital Library
- T. Okamoto, K. Tanaka and S. Uchiyama, "Quantum publickey cryptosystems," Proc. of CRYPTO2000, LNCS1880, pp.147--165, 2000. Google ScholarDigital Library
- P. Q. Nguyen and J. Stern, "Adapting density attacks to low-weight knapsacks," Proc. Asiacrypt2005, pp.41--58, 2005. Google ScholarDigital Library
- N. Kunihiro, "New definition of density on knapsack cryptosystems," Proc. Africacrypt2008, pp.156--173, 2008. Google ScholarDigital Library
- A. K. Lenstra, H. W. Lenstra and L. L. ovasz, "Factoring polynomials with integer coefficients," Mathematische Annalen 261, pp.515--534, 1982.Google ScholarCross Ref
- Victor Shoup, "NTL: A library for doing number theory," http://www.shoup.net/ntl/Google Scholar
Index Terms
- Relationship between weight of plaintext and successful attacks in knapsack cryptosystems
Recommendations
Security of Knapsack PKC with Plaintext Encoding against Low-Density Attack
ICCIT '09: Proceedings of the 2009 Fourth International Conference on Computer Sciences and Convergence Information TechnologyMerkle and Hellman proposed the first knapsack cryptosystem. However, it was broken because the density is not sufficiently high. The knapsack scheme is expected to be one of the post quantum cryptosystems. In this paper, we describe the high-density ...
Security of Double-Sequence Knapsack PKC and Single-Sequence Knapsack PKC against Low-Density Attack
ICCIT '09: Proceedings of the 2009 Fourth International Conference on Computer Sciences and Convergence Information TechnologyThe study of the knapsack PKC is important from both practical and theoretical standpoints. We proposed a double-sequence knapsack PKC on the basis of MH PKC. We also proposed a single-sequence knapsack PKC using the Chinese remainder theorem on the ...
A New Knapsack Public-Key Cryptosystem
IAS '09: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 02A new knapsack-type public key cryptosystem is proposed by constructing an easy knapsack problem. The cryptosystem is shown to be secure against Shamir's key-recovery attack in that it does not use a super-increasing knapsack sequence in the ...
Comments