Abstract
Recently, Wang and Hu have proposed a high-density quadratic compact knapsack public-key cryptosystem using the Chinese remainder theorem to disguise two secret cargo vectors. The system is claimed to be secure against certain known attacks; however, it has not been demonstrated to fulfill any provable security goals. In this work, we show that this system is not secure. Exploiting the special structure of system parameters, we first show that a candidate list for the secret modulus can be obtained by solving linear equations with small solutions. Next, we show that with this candidate list, all other secrets can be recovered in succession with lattice-based methods by solving certain modular linear equations with small solutions. As a result, recovering a private key can be done in about 11 h for the proposed system parameter n = 100 . We also discuss a method to thwart the proposed attack.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
