Abstract
Ajtai recently found a random class of lattices of integer points for which he could prove the following worst-case/average-case equivalence result: If there is a probabilistic polynomial time algorithm which finds a short vector in a random lattice from the class, then there is also a probabilistic polynomial time algorithm which solves several problems related to the shortest lattice vector problem (SVP) in any n-dimensional lattice. Ajtai and Dwork then designed a public-key cryptosystem which is provably secure unless the worst case of a version of the SVP can be solved in probabilistic polynomial time. However, their cryptosystem suffers from massive data expansion because it encrypts data bit-by-bit. Here we present a public-key cryptosystem based on similar ideas, but with much less data expansion.
Research supported in part by NSF grant CCR-9634665 and an Alfred P. Sloan Fellowship.
References
M. Ajtai. Generating hard instances of lattice problems. In Proc. 28th Annual ACM Symposium on the Theory of Computing, 1996. Full version available from ECCC, Electronic Colloquium on Computational Complexity TR96-007, at http://www.eccc.uni-trier.de/eccc/.
M. Ajtai. The shortest vector problem in L2 is NP-hard for randomized reductions. Electronic Colloquium on Computational Complexity, TR97-047 at http://www.eccc.uni-trier.de/eccc/.
M. Ajtai and C. Dwork. A public-key cryptosystem with worst-case/average-case equivalence. 1996. Available from ECCC, Electronic Colloquium on Computational Complexity TR96-065, at http://www.eccc.uni-trier.de/eccc/.
S. Arora, L. Babai, J. Stern, and Z. Sweedyk. The hardness of approximate optima in lattices, codes, and systems of linear equations. In Proc. 34th IEEE Symposium on Foundations of Computer Science (FOCS), 1993, 724–733.
J-Y. Cai and A. Nerurkar. An Improved Worst-Case to Average-Case Connection for Lattice Problems. In Proc. 38th IEEE Symposium on Foundations of Computer Science (FOCS), 1997, 468–477.
J-Y. Cai and A. Nerurkar. Approximating the SVP to within a factor (1 + 1/dim^ε) is NP-hard under randomized reductions. Available from ECCC, Electronic Colloquium on Computational Complexity TR97-059, at http://www.eccc.uni-trier.de/eccc/.
J-Y. Cai. A Primal-Dual Relation for Lattices and the Complexity of Shortest Lattice Vector Problem. To appear in Theoretical Computer Science.
J-Y. Cai. A new transference theorem and applications to Ajtai’s connection factor. Electronic Colloquium on Computational Complexity TR98-005, at http://www.eccc.uni-trier.de/eccc/.
O. Goldreich and S. Goldwasser. On the Limits of Non-Approximability of Lattice Problems. Electronic Colloquium on Computational Complexity TR97-031, at http://www.eccc.uni-trier.de/eccc/.
O. Goldreich, S. Goldwasser, and S. Halevi. Collision-free hashing from lattice problems. 1996. Available from ECCC, Electronic Colloquium on Computational Complexity TR96-042, at http://www.eccc.uni-trier.de/eccc/.
O. Goldreich, S. Goldwasser, and S. Halevi. Public-key cryptosystems from lattice reduction problems. 1996. Available from ECCC, Electronic Colloquium on Computational Complexity TR96-056, at http://www.eccc.uni-trier.de/eccc/.
J. C. Lagarias. The computational complexity of simultaneous diophantine approximation problems. SIAM Journal on Computing, 14:196–209, 1985.
J. C. Lagarias, H. W. Lenstra, and C. P. Schnorr. Korkin-Zolotarev Bases and Successive Minima of a Lattice and its Reciprocal Lattice. Combinatorica, 10(4):333–348, 1990.
A. K. Lenstra, H. W. Lenstra, and L. Lovász. Factoring polynomials with rational coefficients. Mathematische Annalen, 261:515–534, 1982.
A. M. Odlyzko. The rise and fall of knapsack cryptosystems. In Cryptology and Computational Number Theory, American Mathematical Society, pp. 75–88, 1990.
C. P. Schnorr. A hierarchy of polynomial time basis reduction algorithms. Theory of Algorithms, pages 375–386, 1985.
P. van Emde Boas. Another NP-complete partition problem and the complexity of computing short vectors in lattices. Technical Report 81-04, Mathematics Department, University of Amsterdam, 1981.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cai, J.Y., Cusick, T.W. (1999). A Lattice-Based Public-Key Cryptosystem. In: Tavares, S., Meijer, H. (eds) Selected Areas in Cryptography. SAC 1998. Lecture Notes in Computer Science, vol 1556. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48892-8_18
DOI: https://doi.org/10.1007/3-540-48892-8_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65894-8
Online ISBN: 978-3-540-48892-7