Using the Inhomogeneous Simultaneous Approximation Problem for Cryptographic Design

  • Frederik Armknecht
  • Carsten Elsner
  • Martin Schmidt
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6737)


We introduce the Inhomogeneous Simultaneous Approximation Problem (ISAP), an old problem from the field of analytic number theory. Although the Simultaneous Approximation Problem (SAP) is already known in cryptography, it has mainly been considered in its homogeneous instantiation for attacking schemes. We take a look at the hardness and applicability of ISAP, i.e., the inhomogeneous variant, for designing schemes.

More precisely, we define a decisional problem related to ISAP, called DISAP, and show that it is NP-complete. With respect to its hardness, we review existing approaches for solving related problems and give suggestions for the efficient generation of hard instances. Regarding the applicability, we describe as a proof of concept a bit commitment scheme where the hiding property is directly reducible to DISAP. An implementation confirms its usability in principle (e.g., size of one commitment is 6273 bits and execution time is in the milliseconds).


Approximation Quality Commitment Scheme Analytic Number Theory Hard Instance Partial Quotient 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Baldwin, P.R.: A convergence exponent for multidimensional continued-fraction algorithms. Journal of Statistical Physics 66(5/6), 1507–1526 (1992)MathSciNetCrossRefMATHGoogle Scholar
  2. 2.
    Bernstein, L.: The Jacobi-Perron algorithm, it’s theory and application. Lecture Notes in Mathematics, vol. 207. Springer, Heidelberg (1971)CrossRefMATHGoogle Scholar
  3. 3.
    Brentjes, A.J.: Multi-dimensional continued fraction algorithms. Mathematical Centre Tracts 145 (1981)Google Scholar
  4. 4.
    Elsner, C., Schmidt, M.: KronCrypt - a new symmetric cryptosystem based on Kronecker’s approximation theorem. Cryptology ePrint Archive, Report 2009/416 (2009),
  5. 5.
    Fousse, L., Hanrot, G., Lefèvre, V., Pélissier, P., Zimmermann, P.: MPFR: A multiple-precision binary floating-point library with correct rounding. ACM Trans. Math. Softw. 33(2), 13 (2007)MathSciNetCrossRefGoogle Scholar
  6. 6.
    Gärtner, R.: Zur Geometrie des Jacobi-Perron Algorithmus. Arch. Math. 39, 134–146 (1982)MathSciNetCrossRefMATHGoogle Scholar
  7. 7.
    Goldreich, O., Micciancio, D., Safra, S., Seifert, J.-P.: Approximating shortest lattice vectors is not harder than approximating closest lattice vectors. Information Processing Letters 71(2), 55–61 (1999)MathSciNetCrossRefMATHGoogle Scholar
  8. 8.
    Hardy, G.H., Wright, E.M.: An introduction to the theory of numbers, 3rd edn. Clarendon Press, Oxford (1954)MATHGoogle Scholar
  9. 9.
    Isselhorst, H.: The use of fractions in public-key cryptosystems. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 47–55. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  10. 10.
    Jacobi, C.G.J.: Allgemeine Theorie der kettenbruchähnlichen Algorithmen, in welchen jede Zahl aus drei vorhergehenden gebildet wird. Journal Für Die Reine und Angewandte Mathematik (Crelle’s Journal) 69, 29–64 (1868)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Just, B.: Generalizing the continued fraction algorithm to arbitrary dimensions. SIAM Journal on Computing 21, 909–926 (1992)MathSciNetCrossRefMATHGoogle Scholar
  12. 12.
    Estes, D., Adleman, L.M., Kompella, K., McCurley, K.S., Miller, G.L.: Breaking the Ong-Schnorr-Shamir signature scheme for quadratic number fields. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 3–13. Springer, Heidelberg (1986)Google Scholar
  13. 13.
    Lagarias, J.C.: The computational complexity of simultaneous diophantine approximation problems. SIAM J. Comput. 14(1), 196–209 (1985)MathSciNetCrossRefMATHGoogle Scholar
  14. 14.
    Lenstra, A.K., Lenstra Jr., H.W., Lovasz, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261, 515–534 (1982)MathSciNetCrossRefMATHGoogle Scholar
  15. 15.
    Lenstra Jr., H.W.: Integer programming with a fixed number of variables. Mathematics of Operations Research 8(4), 538–548 (1983)MathSciNetCrossRefMATHGoogle Scholar
  16. 16.
    Keng, H.L.: Introduction to number theory, 5th edn. Springer, Heidelberg (1982)CrossRefMATHGoogle Scholar
  17. 17.
    Nguyen, P.Q., Valle, B.: The LLL Algorithm. Survey and Applications. In: Information Security and Cryptography, Springer, Heidelberg (2010)Google Scholar
  18. 18.
    Perron, O.: Grundlagen für eine Theorie des Jacobischen Kettenbruchalgorithmus. Math. Ann. 64, 1–76 (1907)MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Regev, O.: New lattice-based cryptographic constructions. J. ACM 51(6), 899–942 (2004)MathSciNetCrossRefMATHGoogle Scholar
  20. 20.
    Rieger, G.J.: Zahlentheorie. Vandenhoeck & Ruprecht, Göttingen (1976)MATHGoogle Scholar
  21. 21.
    Rössner, C., Seifert, J.-P.: Approximating good simultaneous diophantine approximations is almost NP-hard. In: Penczek, W., Szałas, A. (eds.) MFCS 1996. LNCS, vol. 1113, pp. 494–505. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  22. 22.
    Schmidt, W.: Diophantine approximations. Springer, Berlin (1980)Google Scholar
  23. 23.
    Schnorr, C.-P.: Factoring integers and computing discrete logarithms via diophantine approximation. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 281–293. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  24. 24.
    Schweiger, F.: The metrical theory of Jacobi-Perron algorithm. Lecture Notes in Mathematics, vol. 334. Springer, Heidelberg (1973)MATHGoogle Scholar
  25. 25.
    Schweiger, F.: Multidimensional continued fractions. Oxford University Press, Oxford (2000)MATHGoogle Scholar
  26. 26.
    Schweiger, F.: Was leisten mehrdimensionale Kettenbrüche? Mathematische Semesterberichte 53, 231–244 (2006)MathSciNetCrossRefGoogle Scholar
  27. 27.
    Seifert, J.-P.: Using fewer qubits in Shor’s factorization algorithm via simultaneous diophantine approximation. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 319–327. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  28. 28.
    Shamir, A.: A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem. In: SFCS 1982: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, pp. 145–152. IEEE Computer Society, Washington, DC, USA (1982)Google Scholar
  29. 29.
    Stern, J., Toffin, P.: Cryptanalysis of a public-key cryptosystem based on approximations by rational numbers. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 313–317. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  30. 30.
    Szekeres, C.: Multidimensional continued fractions. Ann. Univ. Sci. Budap. Eötös, Sect. Math. 13, 113–140 (1980)MathSciNetMATHGoogle Scholar
  31. 31.
    van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  32. 32.
    Wiener, M.J.: Cryptanalysis of short RSA secret exponents. IEEE Transactions on Information Theory 36, 553–558 (1990)MathSciNetCrossRefMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Frederik Armknecht
    • 1
  • Carsten Elsner
    • 2
  • Martin Schmidt
    • 3
  1. 1.Group for Theoretical Computer Science and Data SecurityUniversität MannheimGermany
  2. 2.FHDW HannoverGermany
  3. 3.Institute of Applied MathematicsLeibniz Universität HannoverGermany

Personalised recommendations