Generalized compact knapsacks, cyclic lattices, and efficient one-way functions

Computational Complexity

Volumn 16, Issue 4, 2007, Pages 365-411

  Micciancio, Daniele ^a  

^a UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Average case complexity; Cyclic lattices; Knapsack problem; One way functions

Indexed keywords

EID: 38749089099     PISSN: 10163328     EISSN: 14208954     Source Type: Journal    
DOI: 10.1007/s00037-007-0234-9     Document Type: Article

References (67)

1. M. AJTAI (2004). Generating hard instances of lattice problems. Complexity of Computations and Proofs, Quaderni di Matematica 13, 1-32. Preliminary version in STOC 1996.
2. 2 is NP-hard for randomized reductions (extended abstract). In Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing - STOC '98, 10-19. ACM, Dallas, Texas, USA.
3. M. AJTAI & C. DWORK (1997). A public-key cryptosystem with worst-case/averagecase equivalence. In Proceedings of the Twenty-ninth Annual ACM Symposium on Theory of Computing - STOC '97, 284-293. ACM, El Paso, Texas, USA.
4. M. AJTAI, R. KUMAR & D. SIVAKUMAR (2001). A sieve algorithm for the shortest lattice vector problem. In Proceedings of the Thirty-third Annual ACM Symposium on Theory of Computing - STOC 2001, 266-275. ACM, Heraklion, Crete, Greece.
5. H. R. AMIRAZIZI, E. D. KARNIN & J. M. REYNERI (1983). Compact knapsacks are polynomially solvable. ACM SIGACT News 15, 20-22. Preliminary version in CRYPTO 1981.
6. S. ARORA, L. BABAI, J. STERN & E. Z. SWEEDYK (1997). The hardness of approximate optima in lattices, codes, and systems of linear equations. Journal of Computer and System Sciences 54(2), 317-331. Preliminary version in FOCS 1993.
7. L. BABAI (1986). On Lovasz' lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1-13. Preliminary version in STAGS 1985.
8. J. BLOMER & J.-P. SEIFERT (1999). On the complexity of computing short linearly independent vectors and short bases in a lattice. In Proceedings of the Thirty-first Annual ACM Symposium on Theory of Computing - STOC '99, 711-720. ACM, Atlanta, Georgia, USA.
9. E. F. BRICKELL (1984). Breaking iterated knapsacks. In Advances in Cryptology Proceedings of CRYPTO '84, G. R. BLAKLEY & D. CHAUM, editors, volume 196 of Lecture Notes in Computer Science, 342-358. Springer-Verlag, Santa Barbara, California, USA.
10. J.-Y. CAI & A. P. NERURKAR (1997). An improved worst-case to average-case connection for lattice problems (extended abstract). In Proceedings of the 38th Annual Symposium on Foundations of Computer Science - FOCS '97, 468-477. IEEE, Miami Beach, Florida, USA.
11. B. CHOR & R. RIVEST (1988). A knapsack-type public key cryptosystem based on arithmetic in finite fields. IEEE Transactions in Information Theory 34, 901-909. Preliminary version in CRYPTO 1984.
12. M. J. COSTER, A. JOUX, B. A. LAMACCHIA, A. M. ODLYZKO, C.-P. SCHNORR & J. STERN (1992). Improved low-density subset sum algorithms. Computational Complexity 2(2), 111-128. Preliminary versions in Eurocrypt 1991 and FCT 1991.
13. T. W. CUSICK (1995). Cryptanalysis of a public key system based on Diophantine equations. Information Processing Letters 56(2), 73-75.
14. I. DAMGÅRD, T. P. PEDERSEN & B. PFITZMANN (1997). On the existence of statistically hiding bit commitment schemes and fail-stop signatures. Journal of Cryptology 10(3), 163-194. Preliminary version in CRYPTO 1993.
15. I. DINUR, G. KINDLER, R. RAZ & S. SAFRA (2003). Approximating CVP to within almost-polynomial factors is NP-hard. Combinatorica 23(2), 205-243. Preliminary version in FOCS 1998.
16. P. VAN EMDE BOAS (1981). Another NP-complete problem and the complexity of computing short vectors in a lattice. Technical Report 81-04, Mathematische Instituut, Universiry of Amsterdam. Available on-line at URL http://turing.wins.uva.nl/~peter/.
17. U. FEIGE & D. MICCIANCIO (2004). The inapproximability of lattice and coding problems with preprocessing. Journal of Computer and System, Sciences 69(1), 45-67. Preliminary version in CCC 2002.
18. A. FLAXMAN & B. PRZYDATEK (2005). Solving medium-density subset sum problems in expected polynomial time. In Proceedings of the 22nd Annual Symposium on Theoretical Aspects of Computer Science - STACS 2005, V. DIEKERT & B. DURAND, editors, volume 3404 of Lecture Notes in Computer Science, 305-314. Springer, Stuttgart, Germany.
19. C. GENTRY & M. SZYDLO (2002). Cryptanaiysis of the revised NTRU signature scheme. In Advances in Cryptology - EUROCRYPT 2002, Proceedings of the Internarional Conference on the Theory and Application of Cryptographic Techniques, L. KNUDSEN, editor, volume 2332 of Lecture Notes in Computer Science, 299-320. Springer-Verlag, Amsterdam, The Netherlands.
20. O. GOLDREICH, S. GOLDWASSER & S. HALEVI (1996). Collision-free hashing from lattice problems. Technical Report TR96-056, Electronic Colloquium on Computational Complexity (ECCC).
21. O. GOLDREICH, S. GOLDWASSER & S. MICALI (1986). How to construct random functions. Journal of the ACM 33, 792-807.
22. O. GOLDREICH & L. LEVIN (1989). A hard predicate for all one-way functions. In Proceedings of the Twenty-first Annual A CM Symposium on the Theory of Computing - STOC '89. ACM, Seattle, Washington, USA.
23. R. M. F. GOODMAN & A. J. MCAULEY (1984). A new trapdoor knapsack public-key cryptosystem. In Advances in Cryptology - EUROCRYPT '84, Proceedings of a Workshop on the Theory and Application of Cryptographic Techniques, T. BETH, N. COT & I. INGEMARSSON, editors, volume 209 of Lecture Notes in Computer Science, 150-158. Springer-Verlag, Paris, France.
24. V. GURUSWAMI & A. VARDY (2005). Maximum-likelihood decoding of Reed-Solomon codes is NP-hard. IEEE Trunsactions on Information Theory 51(7), 2249-2256. Preliminary version in SODA 2005.
25. J. HÅSTAD, R. IMPAGLIAZZO, L. A. LEVIN & M. LUBY (1999). A pseudorandom generator from any one-way function. SIAM Journal on Computing 28(4), 1364-1396.
26. J. HOFFSTEIN, J. PLPHER & J. H. SILVERMAN (1998). NTRU: A ring based public key cryptosystem. In Algorithmic Number Theory: Third International Symposium - ANTS-III, J. P. BUHLER, editor, volume 1423 of Lecture Notes in Computer Science, 267-288. Springer, Portland, OR, USA.
27. N. HOWGRAVE-GRAHAM & M. SZYDLO (2004). A method to solve cyclotomic norm equations. In Algorithmic Number Theory: 6th International Symposium - ANTS-VI, D. A. BUELL, editor, volume 3076 of Lecture Notes in Computer Science, 272-279. Springer, Burlington, VT, USA.
28. R. IMPAGLIAZZO & M. NAOR (1996). Efficient cryptographic schemes provably as secure as subset sum. Journal of Cryptology 9(4), 199-216.
29. R. IMPAGLIAZZO & D. ZUCKERMAN (1989). How to recycle random bits. In Proceedings of the 30th Annual Symposium on Foundations of Computer Science - FOCS '89, 248-253. IEEE, Reseach Triangle Park, NC, USA.
30. A. JOUX & J. STERN (1993). Cryptanalysis of another knapsack cryptosystem. In Advances in Cryptology - Proceedings Asiacrypt 1991, H. IMAI, R. L. RIVEST & T. MATSUMOTO, editors, volume 739 of Lecture Notes in Computer Science, 470-476. Springer-Verlag.
31. A. JOUX & J. STERN (1998). Lattice reduction: A toolbox for the cryptanalyst. Journal of Cryptology 11(3), 161-185.
32. R. M. KARP (1972). Reducibility among combinatorial problems. In Complexity of Computer Computation, R. E. MILLER & J. W. THATCHER, editors, 85-103. Plenum.
33. S. KHOT (2005). Hardness of approximating the shortest vector problem in lattices. Journal of the ACM 52(5), 789-808. Preliminary version in FOCS 2004.
34. J. C. LAGARIAS & A. M. ODLYZKO (1985). Solving low-density subset sum problems. Journal of the ACM 32(1), 229-246.
35. M.-K. LEE & K. PARK (1999). Low-density attack of public-key cryptosystems based on compact knapsacks. Journal of Electrical Engineering and Information Science 4(2), 197-204.
36. A. K. LENSTRA, H. W. LENSTRA, JR. & L. LOVÁSZ (1982). Factoring polynomials with rational coefficients. Mathematische Annalen 261, 513-534.
37. C. H. LIN, C. C. CHANG & R. C. T. LEE (1995). A new public-key cipher system based upon the Diophantine equations. IEEE Transactions on Computers 44(1), 13-19.
38. V. LYUBASHEVSKY (2005). The parity problem in the presence of noise, decoding random linear codes, and the subsetsum problem. In APPROX-RANDOM 2005, C. CHEKURJ, K. JANSEN, D. P. JOSÉ ROLIM & L. TREVISAN, editors, volume 3624 of Lecture Notes in Computer Science, 378-389. Springer, Berkeley, CA, USA.
39. V. LYUBASHEVSKY & D. MICCIANCIO (2006). Generalized compact knapsacks are collision resistant. In Proceedings of the 33rd International Colloquium on Automata, Languages and Programming - ICALP 2006, I. WEGENER, V. SASSONE & B. PRENEEL, editors, volume 4052 of Lecture Notes in Computer Science, 144-155. SpringerVerlag, Venice, Italy.
40. A. MAY & J. H. SILVERMAN (2001). Dimension reduction methods for convolution modular lattices. In Cryptography and Lattices Conference - CaLC 2001, J. SILVERMAN, editor, volume 2146 of Lecture Notes in Computer Science, 110-125. Springer-Verlag, Providence, RI, USA.
41. R. C. MERKLE & M. E. HELLMAN (1978). Hiding information and signatures in trapdoor knapsacks. IEEE Transactions on Information Theory 24(5), 525-530.
42. D. MICCIANCIO (2001a). The hardness of the closest vector problem with preprocessing. IEEE Transactions on Information Theory 47(3), 1212-1215.
43. D. MICCIANCIO (2001b). Improving lattice based cryptosystems using the Hermite normal form. In Cryptography and Lattices Conference - CaLC 2001, J. SILVERMAN, editor, volume 2146 of Lecture Notes in Computer Science, 126-145. Springer-Verlag, Providence, RI, USA.
44. D. MICCIANCIO (2001c). The shortest vector problem is NP-hard to approximate to within some constant. SIAM Journal on Computing 30(6), 2008-2035. Preliminary version in FOCS 1998.
45. D. MICCIANCIO (2002a). Generalized compact knapsaks, cyclic lattices, and efficient one-way functions from worst-case complexity assumptions. In Proceedings of the 43rd Annual Symposium on Foundations of Computer Science - FOCS 2002, 356-365. IEEE, Vancouver, British Columbia, Canada.
46. D. MICCIANCIO (2002b). A note on the minimal volume of almost cubic parallelepiped. Discrete and Computational Geometry 29(1), 133-138.
47. D. MICCIANCIO (2004). Almost perfect lattices, the covering radius problem, and applications to Ajtai's connection factor. SIAM Journal on Computing 34(1), 118-169. Preliminary version in STOC 2002.
48. D. MICCIANCIO & S. GOLDWASSER (2002). Complexity of Lattice Problems: A Cryptographic Perspective, volume 671 of The Kluwer International Series in Engineering and Computer Science. Kluwer Academic Publishers, Boston, Massachusetts.
49. D. MICCIANCIO & O. REGEV (2007). Worst-case to average-case reductions based on Gaussian measure. SIAM Journal on Computing 37(1), 267-302. Preliminary version in FOCS 2004.
50. M. NAOR (1991). Bit commitment using pseudorandomness. Journal of Cryptology 4(2), 151-158. Preliminary version in CRYPTO 1989.
51. M. NAOR & M. YUNG (1989). Universal one-way hash functions and their cryptographic applications. In Proceedings of the Twenty-first Annual ACM Symposium on the Theory of Computing - STOC '89, 33-43. ACM, Seattle, Washington, USA.
52. P. NGUYEN & J. STERN (1997). Merkle-Hellman revisited: A cryptanalysis of the Qu-Vanstone cryptosystem based on group factorizations. In Advances in Cryptology - CRYPTO '97, Proceedings of the 17th Annual International Cryptology Conference, B. S. KALISKI, JR,., editor, volume 1294 of Lecture Notes in Computer Science, 198-212. Springer, Santa Barbara, California, USA.
53. P. NGUYEN & J. STERN (1998). Cryptanalysis of the Ajtai-Dwork cryptosystem. In Advances in Cryptology - CRYPTO '98, Proceedings of the 18th Annual International Cryptology Conference, H. KRAWCZYK, editor, volume 1462 of Lecture Notes in Computer Science, 223-242. Springer-Verlag, Santa Barbara, California, USA.
54. P. NGUYEN & J. STERN (2000). Lattice reduction in cryptology: An update. In Algorithmic Number Theory: 4th International Symposium - ANTS-IV, W. BOSMA, editor, volume 1838 of Lecture Notes in Computer Science, 85-112. Springer, Leiden, The Netherlands.
55. P. NGUYEN & J. STERN (2001). The two faces of lattices in cryptology. In Cryptography and Lattices Conference - CaLC 2001, J. SILVERMAN, editor, volume 2146 of Lecture Notes in Computer Science, 146-180. Springer-Verlag, Providence, RI, USA.
56. A. M. ODLYZKO (1989). The rise and fall of knapsack cryptosystems. In Cryptology and Computational Number Theory, C. POMERANCE, editor, volume 42 of Procedings of Symposia in Applied Mathematics, 75-88. AMS, Boulder, Colorado.
57. G. ORTON (1994). A multiple-iterated trapdoor for dense compact knapsacks. In Advances in Cryptology - EUROCRYPT '94, Proceedings of a Workshop on the Theory and Application of Cryptographic Techniques, A. DE SANTIS, editor, volume 950 of Lecture Notes in Computer Science, 112-130. Springer-Verlag, Perugia, Italy.
58. C. PEIKERT& A. ROSEN (2006). Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices. In Theory of Cryptography Conference - Proceedings of TCC 2006, S. HALEVI & T. RABIN, editors, volume 3876 of Lecture Notes in Computer Science, 145-166. Springer, New York, NY, USA.
59. O. REGEV (2004a). Improved inapproximability of lattice and coding problems with preprocessing. IEEE Transactions on Information Theory 50(9), 2031-2037. Preliminary version in CCC 2003.
60. O. REGEV (2004b). New lattice-based cryptographic constructions. Journal of the ACM 51(6), 899-942. Preliminary version in STOC 2003.
61. H. RITTER (1996). Breaking knapsack cryptosystems by max-norm enumeration. In First International Conference of the Theory and Appications of Cryptology Pragocrypt 1996, 480-492.
62. J. ROMPEL (1990). One-way functions are necessary and sufficient for secure signatures. In Proceedings of the Twenty-second Annual ACM Symposium on the Theory of Computing - STOC '90, 387-394. ACM, Baltimore, Maryland, USA.
63. C.-P. SCHNOR.R. (1987). A hierarchy of polynomial time lattice basis reduction algorithms. Theoretical Computer Science 53(2-3), 201-224.
64. C.-P. SCHNORR. & M. EUCHNER (1994). Lattice basis reduction: Improved practical algorithms and solving subset sum problems. Mathematical Programming 66(1-3), 181-199. Preliminary version in FCT 1991.
65. C.-P. SCHNORR & H. H. HÖRNER (1995). Attacking the Chor-Rivest cryptosystem by improved lattice reduction. In Advances in Cryptology - EUROCRYPT '95, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, L. C. GUILLOU & J.-J. QUISQUATER., editors, volume 921 of Lecture Notes in Computer Science, 1-12. Springer-Verlag, Saint-Malo, France.
66. A. SHAMIR. (1984). A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem. IEEE Transactions on Information Theory 30(5), 699-704. Preliminary version in FOCS 1982.
67. M. SZYDLO (2003). Hypercubic lattice reduction and analysis of GGH and NTRU signatures. In Advances in Cryptology - EUROCRYPT 2003, Proceedings of the Internarional Conference on the Theory and Application of Cryptographic Techniques, E. BIHAM, editor, volume 2656 of Lecture Notes in Computer Science, 433-448. Springer-Verlag, Warsaw, Poland.