Public-Key Cryptographic Primitives Provably as Secure as Subset Sum

  • Vadim Lyubashevsky
  • Adriana Palacio
  • Gil Segev
Conference paper

DOI: 10.1007/978-3-642-11799-2_23

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5978)
Cite this paper as:
Lyubashevsky V., Palacio A., Segev G. (2010) Public-Key Cryptographic Primitives Provably as Secure as Subset Sum. In: Micciancio D. (ed.) Theory of Cryptography. TCC 2010. Lecture Notes in Computer Science, vol 5978. Springer, Berlin, Heidelberg


We propose a semantically-secure public-key encryption scheme whose security is polynomial-time equivalent to the hardness of solving random instances of the subset sum problem. The subset sum assumption required for the security of our scheme is weaker than that of existing subset-sum-based encryption schemes, namely the lattice-based schemes of Ajtai and Dwork (STOC’97), Regev (STOC’03, STOC’05), and Peikert (STOC’09). Additionally, our proof of security is simple and direct. We also present a natural variant of our scheme that is secure against key-leakage attacks, and an oblivious transfer protocol that is secure against semi-honest adversaries.

Copyright information

© IFIP International Federation for Information Processing 2010

Authors and Affiliations

  • Vadim Lyubashevsky, Tel-Aviv University, Tel-Aviv, Israel
  • Adriana Palacio, Bowdoin College, Brunswick, USA
  • Gil Segev, Weizmann Institute of Science, Rehovot, Israel