Abstract

By introducing an easy knapsack-type problem, a probabilistic knapsack-type public key cryptosystem (PKCHD) is proposed. It uses the Chinese remainder theorem to disguise the easy knapsack sequence. Hence, to recover the trapdoor information, an attacker has to solve at least two hard number-theoretic problems, namely the integer factorization and simultaneous Diophantine approximation problems. In PKCHD, the encryption function is nonlinear in the message vector. Under the re-linearization attack model, PKCHD attains a high density and is secure against low-density subset sum attacks, and the probability that an attacker recovers the message vector with a single call to a lattice oracle is negligible. The infeasibility of other attacks on the proposed PKCHD is also investigated. Moreover, if density is taken as the measure of the hardness of a knapsack instance, PKCHD can use the hardest knapsack vector as the public key. Furthermore, PKCHD performs only quadratic bit operations, which confirms the efficiency of encrypting a message and deciphering a given cipher-text.

Highlights

  • A public key cryptosystem (PKC), a concept introduced by Diffie and Hellman in their landmark paper [1], is a critical cryptographic primitive in the area of network and information security.

  • PKCs such as RSA [2] and ElGamal [3] suffer from the same drawback of relatively low speed, which hampers further applications of public-key cryptography and motivates cryptographers to design faster PKCs.

  • To design a secure knapsack-type PKC, we must ensure that the encryption function is nonlinear in the message vector; that the size conditions are excluded when disguising the easy knapsack problem; and that the encryption function is non-injective.

Summary

Introduction

A public key cryptosystem (PKC), a concept introduced by Diffie and Hellman in their landmark paper [1], is a critical cryptographic primitive in the area of network and information security. A cipher-text must have so many preimages that it is computationally infeasible for the attacker to list all the preimages. It is believed in [23] that, if someone invents a knapsack cryptosystem that fully exploits the difficulty of the knapsack problem, with a high density and a difficult-to-discover trapdoor, it will be a system better than those based on integer factorization and discrete logarithms. Can a knapsack-type PKC satisfying the requirements above be developed, or, in other words, might any efficient yet straightforward constructions have been overlooked?

Preliminaries
Lattice
Low-Density Subset Sum Attacks
Simultaneous Diophantine Approximation
Easy Knapsack-Type Problems
An Easy Compact Knapsack Problem
Generalization of the Simultaneous Compact Knapsack Problem
The Proposed PKCHD Cryptosystem
Key Generation
Decryption
Remarks
A Practical Implementation
Performance and Parameter Specifications
On Generating the Keys
Computational Complexity
Security Analysis
Brute Force Attacks
Low-Density Attack
On the Number of Plaintext Vectors That a Cipher-Text Has
On Reducing to the CVP
On Solving the Trapdoor Problem
Simultaneous Diophantine Approximation Attack
Known N Attack
Known p and q Attack
Generating the Hardest Knapsack Instances
Provable Security Remarks
Conclusions