Skip to main content

New Attacks for Knapsack Based Cryptosystems

  • Conference paper
Security and Cryptography for Networks (SCN 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7485))

Included in the following conference series:

Abstract

In this paper, we revisit Shamir’s well-known attack (and a variant due to Lagarias) on the basic Merkle-Hellman Knapsack cryptosystem (MH scheme). The main observation is that the superincreasing property of the secret key sequence \(\boldsymbol{\mathfrak{a}}\) used in the original MH construction is not necessary for the attack. More precisely, the attack is applicable as long as there are sufficiently many secret key elements \(\mathfrak{a}_i\) whose size is much smaller than the size of the secret modulus M.

We then exploit this observation to give practical attacks on two recently introduced MH-like cryptosystems. Both schemes are particularly designed to avoid superincreasing sequences but still provide enough structure to allow for complete recovery of (equivalent) decryption keys. Similarly to Shamir’s attack, our algorithms run in two stages and we need to solve different fixed-dimensional simultaneous Diophantine approximation problems (SDA). We implemented the attacks in Sage and heuristically solved the SDA by lattice reduction. We recovered secret keys for both schemes and various security levels in a matter of seconds.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)

    Article  MathSciNet  MATH  Google Scholar 

  2. Merkle, R.C., Hellman, M.E.: Hiding Information and Signatures in Trapdoor Knapsacks. IEEE Transactions on Information Theory IT-24(5) (September 1978)

    Google Scholar 

  3. Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness

    Google Scholar 

  4. Brickell, E.F.: Solving Low Density Knapsacks. In: Chaum, D. (ed.) Advances in Cryptology, Proceedings of CRYPTO 1983, pp. 25–37. Plenum Press, New York (1983)

    Google Scholar 

  5. Brickell, E.F., Lagarias, J.C., Odlyzko, A.M.: Evaluation of the Adleman Attack on Multiply Iterated Knapsack Cryptosystems. In: Chaum, D. (ed.) Advances in Cryptology, Proceedings of CRYPTO 1983, pp. 39–42. Plenum Press, New York (1983)

    Google Scholar 

  6. Lagarias, J.C.: Knapsack Public Key Cryptosystems and Diophantine Approximation. In: Chaum, D. (ed.) Advances in Cryptology, Proceedings of CRYPTO 1983, pp. 3–23. Plenum Press, New York (1983)

    Google Scholar 

  7. Lenstra, H.W.: Integer Programming with a Fixed Number of Variables. Mathematics of Operations Research 8(4) (November 1983)

    Google Scholar 

  8. Brickell, E.F.: Breaking Iterated Knapsacks. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 342–358. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  9. Lagarias, J.C.: Performance Analysis of Shamir’s Attack on the Basic Merkle-Hellman Knapsack Cryptosystem. In: Paredaens, J. (ed.) ICALP 1984. LNCS, vol. 172, pp. 312–323. Springer, Heidelberg (1984)

    Chapter  Google Scholar 

  10. Shamir, A.: A Polynomial-Time Algorithm for Breaking the Basic Merkle-Hellman Cryptosystem. IEEE Transactions on Information Theory IT-30(5) (September 1984)

    Google Scholar 

  11. Lagarias, J.C., Odlyzko, A.M.: Solving Low-Density Subset Sum Problems. Journal of the ACM 32(1), 229–246 (1985)

    Article  MathSciNet  MATH  Google Scholar 

  12. Brickel, E.F., Odlyzko, M.: Cryptanalysis: A Survey of Recent Results. Proceedings of the IEEE 76(5), 578–593 (1988)

    Article  Google Scholar 

  13. Odlyzko, A.M.: The rise and fall of knapsack cryptosystems. In: Cryptology and Computational Number Theory. Proc. Symp. Appl. Math., vol. 42, pp. 75–88. Am. Math. Soc. (1990)

    Google Scholar 

  14. Joux, A., Stern, J.: Improving the Critical Density of the Lagarias-Odlyzko Attack Against Subset Sum Problems. In: Budach, L. (ed.) FCT 1991. LNCS, vol. 529, pp. 258–264. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  15. Coster, M.J., Joux, A., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.-P., Stern, J.: Improved Low-Density Subset Sum Algorithms. In: Computational Complexity, vol. 2, pp. 111–128 (1992)

    Google Scholar 

  16. Ajtai, M., Dwork, C.: A Public-Key Cryptosystem with Worst-Case/Average-Case Equivalence. In: Proceedings of the Twenty-Ninth Annual ACM Symposium on the Theory of Computing, STOC, pp. 284–293 (1997)

    Google Scholar 

  17. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the 37th Annual ACM Symposium on Theory of Computing, STOC, pp. 84–93 (2005)

    Google Scholar 

  18. Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC, pp. 333–342 (2009)

    Google Scholar 

  19. Zhang, W., Wang, B., Hu, Y.: A New Knapsack Public-Key Cryptosystem. In: 2009 International Conference on Information Assurance and Security (IAS), vol. 2, pp. 53–56 (2009)

    Google Scholar 

  20. Kobayashi, K., Tadaki, K., Kasahara, M., Tsujii, S.: A knapsack cryptosystem based on multiple knapsacks. In: 2010 International Symposium on Information Theory and its Applications (ISITA), pp. 428–432 (October 2010)

    Google Scholar 

  21. Lyubashevsky, V., Palacio, A., Segev, G.: Public-Key Cryptographic Primitives Provably as Secure as Subset Sum. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 382–400. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  22. Herold, G., Meurer, A.: New Attacks for Knapsack Based Cryptosystems. Full Version, http://eprint.iacr.org

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Herold, G., Meurer, A. (2012). New Attacks for Knapsack Based Cryptosystems. In: Visconti, I., De Prisco, R. (eds) Security and Cryptography for Networks. SCN 2012. Lecture Notes in Computer Science, vol 7485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32928-9_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-32928-9_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32927-2

  • Online ISBN: 978-3-642-32928-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics