Improved Generic Algorithms for Hard Knapsacks

  • Anja Becker
  • Jean-Sébastien Coron
  • Antoine Joux
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6632)


At Eurocrypt 2010, Howgrave-Graham and Joux described an algorithm for solving hard knapsacks of density close to 1 in time \({\mathcal{\tilde O}}(2^{0.337n})\) and memory \({\mathcal{\tilde O}}(2^{0.256n})\), thereby improving a 30-year old algorithm by Shamir and Schroeppel. In this paper we extend the Howgrave-Graham–Joux technique to get an algorithm with running time down to \({\mathcal{\tilde O}}(2^{0.291n})\). An implementation shows the practicability of the technique. Another challenge is to reduce the memory requirement. We describe a constant memory algorithm based on cycle finding with running time \({\mathcal{\tilde O}}(2^{0.72n})\); we also show a time-memory tradeoff.


  1. 1.
    Ajtai, M.: The shortest vector problem in \(\mbox{L}_2\) is NP-hard for randomized reductions (extended abstract). In: STOC 1998, pp. 10–19 (1998)Google Scholar
  2. 2.
    Becker, A., Coron, J.-S., Joux, A.: Improved generic algorithms for hard knapsacks. Eprint archive (2011)Google Scholar
  3. 3.
    Coster, M.J., Joux, A., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.-P., Stern, J.: Improved low-density subset sum algorithms. Computational Complexity 2, 111–128 (1992)MathSciNetzbMATHCrossRefGoogle Scholar
  4. 4.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman, New York (1979)zbMATHGoogle Scholar
  5. 5.
    Howgrave-Graham, N., Joux, A.: New generic algorithms for hard knapsacks. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 235–256. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Knuth, D.E.: The Art of Computer Programming, 2nd edn. Seminumerical Algorithms, vol. II. Addison-Wesley, Reading (1981)zbMATHGoogle Scholar
  7. 7.
    Lagarias, J.C., Odlyzko, A.M.: Solving low-density subset sum problems. J. ACM 32(1), 229–246 (1985)MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261, 515–534 (1982)MathSciNetzbMATHCrossRefGoogle Scholar
  9. 9.
    May, A., Meurer, A.: Personal communicationGoogle Scholar
  10. 10.
    Merkle, R.C., Hellman, M.E.: Hiding information and signatures in trapdoor knapsacks. IEEE Transactions on Information Theory 24, 525–530 (1978)CrossRefGoogle Scholar
  11. 11.
    Nguyen, P.Q., Shparlinski, I.E., Stern, J.: Distribution of modular sums and the security of the server aided exponentiation. In: Progress in Computer Science and Applied Logic, Final Proceedings of Cryptography and Computational Number Theory Workshop, Singapore, vol. 20, pp. 331–224 (2001)Google Scholar
  12. 12.
    Schnorr, C.-P.: A hierarchy of polynomial time lattice basis reduction algorithms. Theor. Comput. Sci. 53, 201–224 (1987)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Schroeppel, R., Shamir, A.: A T = O(2n/2), S = O(2n/4) algorithm for certain NP-complete problems. SIAM J. Comput. 10(3), 456–464 (1981)MathSciNetzbMATHCrossRefGoogle Scholar
  14. 14.
    Shamir, A.: A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem. In: CRYPTO 1982, pp. 279–288 (1982)Google Scholar
  15. 15.
    van Oorschot, P.C., Wiener, M.J.: Improving implementable meet-in-the-middle attacks by orders of magnitude. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 229–236. Springer, Heidelberg (1996)Google Scholar
  16. 16.
    Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288–303. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Anja Becker
    • 1
  • Jean-Sébastien Coron
    • 3
  • Antoine Joux
    • 1
    • 2
  1. 1.University of VersaillesSaint-Quentin-en-YvelinesFrance
  2. 2.DGAUSA
  3. 3.University of LuxembourgLuxembourg

Personalised recommendations