An Implementation of the Chor-Rivest Knapsack Type Public Key Cryptosystem

The Chor-Rivest cryptosystem is a public key cryptosystem first proposed by MIT cryptographers Ben Zion Chor and Ronald Rivest [Chor84]. More recently Chor has imple mented the cryptosystem as part of his doctoral thesis [Chor85]. Derived from the knapsack problem, this cryptosystem differs from earlier knapsack public key systems in that computa tions to create the knapsack are done over finite algebraic fields. An interesting result of Bose and Chowla supplies a method of constructing higher densities than previously attain able [Bose62]. Not only does an increased information rate arise, but the new system so far is immune to the low density attacks levied against its predecessors, notably those of Lagarias- Odlyzko and Radziszowski-Kreher [Laga85, Radz86]. An implementation of this cryptosystem is really an instance of the general scheme, dis tinguished by fixing a pair of parameters, p and h , at the outset. These parameters then remain constant throughout the life of the implementation (which supports a community of users). Chor has implemented one such instance of his cryptosystem, where p =197 and h =24. This thesis aspires to extend Chor\u27s work by admitting p and h as variable inputs at run time. In so doing, a cryptanalyst is afforded the means to mimic the action of arbitrary implementations. A high degree of success has been achieved with respect to this goal. There are only a few restrictions on the choice of parameters that may be selected. Unfortunately this general ity incurs a high cost in efficiency; up to thirty hours of (VAX1 1-780) processor time are needed to generate a single key pair in the desired range (p = 243 and h =18)

On the Chor-Rivest knapsack cryptosystem

Wetensch. publicati

Safer parameters for the Chor–Rivest cryptosystem

AbstractVaudenay’s cryptanalysis against Chor–Rivest cryptosystem is applicable when the parameters, p and h, originally proposed by the authors are used. Nevertheless, if p and h are both prime integers, then Vaudenay’s attack is not applicable. In this work, a choice of these parameters resistant to the existing cryptanalytic attacks, is presented. The parameters are determined in a suitable range guaranteeing its security and the computational feasibility of implementation. Regrettably, the obtained parameters are scarce in practice

Quadratic compact knapsack public-key cryptosystem

AbstractKnapsack-type cryptosystems were among the first public-key cryptographic schemes to be invented. Their NP-completeness nature and the high speed in encryption/decryption made them very attractive. However, these cryptosystems were shown to be vulnerable to the low-density subset-sum attacks or some key-recovery attacks. In this paper, additive knapsack-type public-key cryptography is reconsidered. We propose a knapsack-type public-key cryptosystem by introducing an easy quadratic compact knapsack problem. The system uses the Chinese remainder theorem to disguise the easy knapsack sequence. The encryption function of the system is nonlinear about the message vector. Under the relinearization attack model, the system enjoys a high density. We show that the knapsack cryptosystem is secure against the low-density subset-sum attacks by observing that the underlying compact knapsack problem has exponentially many solutions. It is shown that the proposed cryptosystem is also secure against some brute-force attacks and some known key-recovery attacks including the simultaneous Diophantine approximation attack and the orthogonal lattice attack