An Implementation of the Chor-Rivest Knapsack Type Public Key Cryptosystem

The Chor-Rivest cryptosystem is a public key cryptosystem first proposed by MIT cryptographers Ben Zion Chor and Ronald Rivest [Chor84]. More recently Chor has imple mented the cryptosystem as part of his doctoral thesis [Chor85]. Derived from the knapsack problem, this cryptosystem differs from earlier knapsack public key systems in that computa tions to create the knapsack are done over finite algebraic fields. An interesting result of Bose and Chowla supplies a method of constructing higher densities than previously attain able [Bose62]. Not only does an increased information rate arise, but the new system so far is immune to the low density attacks levied against its predecessors, notably those of Lagarias- Odlyzko and Radziszowski-Kreher [Laga85, Radz86]. An implementation of this cryptosystem is really an instance of the general scheme, dis tinguished by fixing a pair of parameters, p and h , at the outset. These parameters then remain constant throughout the life of the implementation (which supports a community of users). Chor has implemented one such instance of his cryptosystem, where p =197 and h =24. This thesis aspires to extend Chor\u27s work by admitting p and h as variable inputs at run time. In so doing, a cryptanalyst is afforded the means to mimic the action of arbitrary implementations. A high degree of success has been achieved with respect to this goal. There are only a few restrictions on the choice of parameters that may be selected. Unfortunately this general ity incurs a high cost in efficiency; up to thirty hours of (VAX1 1-780) processor time are needed to generate a single key pair in the desired range (p = 243 and h =18)

Quadratic compact knapsack public-key cryptosystem

AbstractKnapsack-type cryptosystems were among the first public-key cryptographic schemes to be invented. Their NP-completeness nature and the high speed in encryption/decryption made them very attractive. However, these cryptosystems were shown to be vulnerable to the low-density subset-sum attacks or some key-recovery attacks. In this paper, additive knapsack-type public-key cryptography is reconsidered. We propose a knapsack-type public-key cryptosystem by introducing an easy quadratic compact knapsack problem. The system uses the Chinese remainder theorem to disguise the easy knapsack sequence. The encryption function of the system is nonlinear about the message vector. Under the relinearization attack model, the system enjoys a high density. We show that the knapsack cryptosystem is secure against the low-density subset-sum attacks by observing that the underlying compact knapsack problem has exponentially many solutions. It is shown that the proposed cryptosystem is also secure against some brute-force attacks and some known key-recovery attacks including the simultaneous Diophantine approximation attack and the orthogonal lattice attack

A survey of the mathematics of cryptology

Herein I cover the basics of cryptology and the mathematical techniques used in the field. Aside from an overview of cryptology the text provides an in-depth look at block cipher algorithms and the techniques of cryptanalysis applied to block ciphers. The text also includes details of knapsack cryptosystems and pseudo-random number generators

Public key cryptosystems : theory, application and implementation

The determination of an individual's right to privacy is mainly a nontechnical matter, but the pragmatics of providing it is the central concern of the cryptographer. This thesis has sought answers to some of the outstanding issues in cryptography. In particular, some of the theoretical, application and implementation problems associated with a Public Key Cryptosystem (PKC).The Trapdoor Knapsack (TK) PKC is capable of fast throughput, but suffers from serious disadvantages. In chapter two a more general approach to the TK-PKC is described, showing how the public key size can be significantly reduced. To overcome the security limitations a new trapdoor was described in chapter three. It is based on transformations between the radix and residue number systems.Chapter four considers how cryptography can best be applied to multi-addressed packets of information. We show how security or communication network structure can be used to advantage, then proposing a new broadcast cryptosystem, which is more generally applicable.Copyright is traditionally used to protect the publisher from the pirate. Chapter five shows how to protect information when in easily copyable digital format.Chapter six describes the potential and pitfalls of VLSI, followed in chapter seven by a model for comparing the cost and performance of VLSI architectures. Chapter eight deals with novel architectures for all the basic arithmetic operations. These architectures provide a basic vocabulary of low complexity VLSI arithmetic structures for a wide range of applications.The design of a VLSI device, the Advanced Cipher Processor (ACP), to implement the RSA algorithm is described in chapter nine. It's heart is the modular exponential unit, which is a synthesis of the architectures in chapter eight. The ACP is capable of a throughput of 50 000 bits per second

A CCA2 secure Code based encryption scheme in the Standard Model

This paper proposes an encryption scheme secureagainst chosen cipher text attack, built on the Niederreiterencryption scheme. The security of the scheme is based on thehardness of the Syndrome Decoding problem and the Goppa CodeDistinguishability problem. The scheme uses the techniques providedby Peikert and Waters using the lossy trapdoor functions.Compared to the existing IND-CCA2 secure variants in standardmodel due to Dowsley et.al. and Freeman et. al. (using the repetition paradigm initiated by Rosen and Segev), this schemeis more efficient as it avoids repetitions

A reversible system based on hybrid toggle radius-4 cellular automata and its application as a block cipher

The dynamical system described herein uses a hybrid cellular automata (CA) mechanism to attain reversibility, and this approach is adapted to create a novel block cipher algorithm called HCA. CA are widely used for modeling complex systems and employ an inherently parallel model. Therefore, applications derived from CA have a tendency to fit very well in the current computational paradigm where scalability and multi-threading potential are quite desirable characteristics. HCA model has recently received a patent by the Brazilian agency INPI. Several evaluations and analyses performed on the model are presented here, such as theoretical discussions related to its reversibility and an analysis based on graph theory, which reduces HCA security to the well-known Hamiltonian cycle problem that belongs to the NP-complete class. Finally, the cryptographic robustness of HCA is empirically evaluated through several tests, including avalanche property compliance and the NIST randomness suite.Comment: 34 pages, 12 figure

Preimage Selective Trapdoor Function: How to Repair an Easy Problem

Public key cryptosystems are constructed by embedding a trapdoor into a one-way function. So, the one-wayness and the trapdoorness are vital to public key cryptography. In this paper, we propose a novel public key cryptographic primitive called preimage selective trapdoor function. This scenario allows to use exponentially many preimage to hide a plaintext even if the underlying function is not one-way. The compact knapsack problem is used to construct a probabilistic public key cryptosystem, the underlying encryption function of which is proven to be preimage selective trapdoor one-way functions under some linearization attack models. The constructive method can guarantee the noninjectivity of the underlying encryption function and the unique decipherability for ciphertexts simultaneously. It is heuristically argued that the security of the proposal cannot be compromised by a polynomial-time adversary even if the compact knapsack is easy to solve. We failed to provide any provable security results about the proposal; however, heuristic illustrations show that the proposal is secure against some known attacks including brute force attacks, linearization attacks, and key-recovery attacks. The proposal turns out to have acceptable key sizes and performs efficiently and hence is practical

Delphi: sharing assessments of cryptographic assumptions

Almost all practical cryptographic protocols are based on computational or ad-hoc assumptions. Assessing the strengths of these assumptions is therefore a key factor in evaluating the risks of the systems using them. As a service to (and by) cryptographic researchers and practitioners, we developed Delphi, an online questionnaire to document researchers\u27 opinions and beliefs about the strengths of the most important assumptions. All responses received will be made accessible on our website, ideally non-anonymous (but depending on the contributor\u27s preference). We also intend to consolidate these responses and publish the results. We believe this effort will be of great value when deciding which cryptographic primitives to keep or start using