Mixed-radix Naccache-Stern encryption
In this work we explore a combinatorial optimization problem stemming from the Naccache-Stern cryptosystem. We show that solving this problem results in bandwidth improvements, and suggest a polynomial-time approximation algorithm to find an optimal solution. Our work suggests that using optimal radix encoding results in an asymptotic 50% increase in bandwidth.
Self Masking for Hardening Inversions
The question whether one way functions (i.e., functions that are easy to compute but hard to invert) exist is arguably one of the central problems in complexity theory, both from theoretical and practical aspects. While proving that such functions exist could be hard, there were quite a few attempts to provide functions which are one way in practice, namely, they are easy to compute, but there are no known polynomial time algorithms that compute their (generalized) inverse (or computing their inverse is known to be as hard as notoriously difficult tasks, like factoring very large integers).
In this paper we study a different approach. We provide a simple heuristic, called self masking, which converts a given polynomial time computable function into a self masked version , which satisfies the following: for a random input , w.h.p., but a part of , which is essential for computing is masked in . Intuitively, this masking makes it hard to convert an efficient algorithm which computes to an efficient algorithm which computes , since the masked parts are available to but not to .
We apply this technique on variants of the subset sum problem which were studied in the context of one way functions, and obtain functions which, to the best of our knowledge, cannot be inverted in polynomial time by published techniques.
Exploring Naccache-Stern Knapsack Encryption
The Naccache–Stern public-key cryptosystem (NS) relies on the conjectured hardness of the modular multiplicative knapsack problem: Given , find the .
Given this scheme's algebraic structure it is interesting to systematically explore its variants and generalizations. In particular it might be useful to enhance NS with features such as semantic security, re-randomizability or an extension to higher-residues.
This paper addresses these questions and proposes several such variants.
An Analysis of Modern Cryptosystems
Since the ancient Egyptian empire, man has searched for ways to protect information from getting into the wrong hands. Julius Caesar used a simple substitution cipher to protect secrets. During World War II, the Allies and the Axis had codes that they used to protect information. Now that we have computers at our disposal, the methods used to protect data in the past are ineffective. More recently, computer scientists and mathematicians have been working diligently to develop cryptosystems which will provide absolute security in a computing environment.
The three major cryptosystems in use today are DES, RSA, and the Knapsack Cryptosystem. These cryptosystems have been reviewed and the positive and negative aspects of each are discussed. A newcomer to the field of cryptology is the Random Spline Cryptosystem, which is discussed in detail.
Improved Classical and Quantum Algorithms for the Shortest Vector Problem via Bounded Distance Decoding
The most important computational problem on lattices is the Shortest Vector Problem (SVP). In this paper, we present new algorithms that improve the state-of-the-art for provable classical/quantum algorithms for SVP. We present the following results.
A new algorithm for SVP that provides a smooth tradeoff between time complexity and memory requirement. For any positive integer , our algorithm takes time and requires memory. This tradeoff, which ranges from enumeration () to sieving ( constant), is a consequence of a new time-memory tradeoff for Discrete Gaussian sampling above the smoothing parameter.
A quantum algorithm for SVP that runs in time and requires classical memory and poly(n) qubits. In the Quantum Random Access Memory (QRAM) model this algorithm takes only time and requires a QRAM of size , poly(n) qubits and classical space. This improves over the previously fastest classical (which is also the fastest quantum) algorithm due to [ADRS15] that has a time and space complexity .
A classical algorithm for SVP that runs in time and space. This improves over an algorithm of [CCL18] that has the same space complexity.
The time complexity of our classical and quantum algorithms is obtained using a known upper bound on a quantity related to the lattice kissing number which is . We conjecture that for most lattices this quantity is a . Assuming that this is the case, our classical algorithm runs in time , our quantum algorithm runs in time and our quantum algorithm in the QRAM model runs in time .
Comment: Faster Quantum Algorithm for SVP in QRAM, 43 pages, 4 figures
Faster Sieving Algorithm for Approximate SVP with Constant Approximation Factors
There is a large gap between theory and practice in the complexities of sieving algorithms for solving the shortest vector problem in an arbitrary Euclidean lattice. In this paper, we work towards reducing this gap, providing theoretical refinements of the time and space complexity bounds in the context of the approximate shortest vector problem. This is achieved by relaxing the requirements on the AKS algorithm, rather than on the ListSieve, resulting in exponentially smaller bounds starting from , for constant values of . We also explain why these improvements carry over to also give the fastest quantum algorithms for the approximate shortest vector problem.
Why we couldn't prove SETH hardness of the Closest Vector Problem for even norms, and of the Subset Sum Problem!
Recent work [BGS17,ABGS19] has shown SETH hardness of some constant factor approximate CVP in the norm for any that is not an even integer. This result was shown by giving a Karp reduction from -SAT on variables to approximate CVP on a lattice of rank . In this work, we show a barrier towards proving a similar result for CVP in the norm where is an even integer. We show that for any , if for every , there exists an efficient reduction that maps a -SAT instance on variables to a -CVP instance for a lattice of rank at most in the Euclidean norm, then . We prove a similar result for -CVP for all even norms under a mild additional promise that the ratio of the distance of the target from the lattice and the shortest non-zero vector in the lattice is bounded by .
Furthermore, we show that for any , and any even integer , if for every , there exists an efficient reduction that maps a -SAT instance on variables to a - instance for a lattice of rank at most , then . The result for SVP does not require any additional promise.
While prior results have indicated that lattice problems in the norm (Euclidean norm) are easier than lattice problems in other norms, this is the first result that shows a separation between these problems.
We achieve this by using a result by Dell and van Melkebeek [JACM, 2014] on the impossibility of the existence of a reduction that compresses an arbitrary -SAT instance into a string of length for any . In addition to CVP, we also show that the same result holds for the Subset-Sum problem using similar techniques.
Comment: 32 pages, 3 figures