Cryptocomplexity and NP-completeness

  • S. Even
  • Y. Yacobi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 85)


In view of the known difficulty in solving NP-hard problems, a natural question is whether there exist cryptosystems which are NP-hard to crack. In Section I we display two such systems which are based on the knapsack problem. However, the first one, which is highly "linear" has been shown by Lempel to be almost always easy to crack. This shows that NP-hardness of a cryptosystem is not enough. Also, it provides the only natural problem we know of, which is NP-hard and yet almost always easy to solve. The second system is a form of a "double knapsack" and so far has resisted the cryptanalysis efforts.

In Section 2 a Public-Key Crypto-System (PKCS) is defined, and evidence is given that no such system can be NP-hard to break. This relates to the work of Brassard, et al. [2, 11], but the definition of PKCS leads us to a different cracking problem, to which Brassard's technique still applies, after proper modification.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Diffie, W. and Hellman, M.E., "New Directions in Cryptography", IEEE Transactions on Information Theory, Vol. 22, 1976, pp. 644–654.Google Scholar
  2. [2]
    Brassard, G., Fortune, S., and Hopcroft, J., "A Note on Cryptography and NP ∩ CoNP-P", TR78-338, Dept. of Comp. Sci., Cornell University.Google Scholar
  3. [3]
    Karp, R.M., "Reducibility Among Combinatorial Problems", in R.E. Miller and J.W. Thatcher (eds.), Complexity of Computer Computations, Plenum Press, 1972, pp. 85–104.Google Scholar
  4. [4]
    Garey, M.R., and Johnson, D.S., Computers and Intractability: A Guide to the Theory of NP-Completeness, W.H. Freeman, 1979.Google Scholar
  5. [5]
    Aho, A.V., Hopcroft, J.E. and Ullman, J.D., The Design and Analysis of Computer Algorithms, Addison-Wesley, 1974.Google Scholar
  6. [6]
    Even, S., Graph Algorithms, Computer Science Press, 1979.Google Scholar
  7. [7]
    Lempel, A., "Cryptology in Transition", Computing Surveys, December 1979.Google Scholar
  8. [8]
    Cook, S.A., "The Complexity of Theorem Proving Procedures", Proceedings 3rd Am. ACM Symposium on Theory of Computing, ACM, 1971, pp. 151–158.Google Scholar
  9. [9]
    Rivest, R.L., Shamir, A., and Adleman, L., "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Comm. ACM 21, February 1978, pp. 120–126.Google Scholar
  10. [10]
    Merkle, R., and Hellman, M., "Hiding Information and Signatures in Trapdoor Knapsack", IEEE Transactions on Information Theory. Vol. IT-24, September 1978, pp. 525–530.Google Scholar
  11. [11]
    Brassard, G., "A Note on the Complexity of Cryptography", IEEE Transactions on Information Theory. Vol. IT-25, March 1979, pp. 232–233.Google Scholar
  12. [12]
    Ginsburg, S., private communication.Google Scholar
  13. [13]
    Ullian, J.S., "Partial Algorithm Problems for Context Free Languages". Information and Control, Vol. 11, 1967, pp. 80–101.Google Scholar
  14. [14]
    Brassard, G., "Relativized Cryptography". Proceedings of 20th FOCS, Puerto Rico 1979.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1980

Authors and Affiliations

  • S. Even
    • 1
  • Y. Yacobi
    • 2
  1. 1.Computer Science Department, TechnionHaifaIsrael
  2. 2.Electrical Engineering Department, TechnionGraduate studentHaifaIsrael

Personalised recommendations