Knapsack Public Key Cryptosystems and Diophantine Approximation

Extended Abstract
  • J. C. Lagarias

Abstract

This paper presents and analyzes cryptanalytic attacks on knapsack public key cryptosystems that are based on ideas from Diophantine approximation. Shamir’s attack on the basic Merkle-Hellman knapsack cryptosystem is shown to depend on the existence of “unusually good” simultaneous Diophantine approximations to a vector constructed from the public key. This aspect of Shamir’s attack carries over to multiply iterated knapsack cryptosystems: there are “unusually good” simultaneous Diophantine approximations to an analogous vector constructed from the public key. These “unusually good” simultaneous Diophantine approximations can be used to break multiply iterated knapsack cryptosystems provided one can solve a certain nonlinear Diophantine approximation problem. This nonlinear problem is solved in the simplest case and then used to give a new cryptanalytic attack on doubly iterated knapsack cryptosystems.

Copyright information

© Plenum Press, New York 1984

Authors and Affiliations

  • J. C. Lagarias, AT&T Bell Laboratories, Murray Hill, USA
