Solving low-density subset sum problems
Journal of the ACM (JACM)
How to construct random functions
Journal of the ACM (JACM)
Proceedings of CRYPTO 84 on Advances in cryptology
A new trapdoor knapsack public-key cryptosystem
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
A hierarchy of polynomial time lattice basis reduction algorithms
Theoretical Computer Science
A hard-core predicate for all one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Improved low-density subset sum algorithms
Computational Complexity
Lattice basis reduction: improved practical algorithms and solving subset sum problems
Mathematical Programming: Series A and B
A New Public-Key Cipher System Based Upon the Diophantine Equations
IEEE Transactions on Computers
Cryptanalysis of a public key system based on Diophantine equations
Information Processing Letters
The hardness of approximate optima in lattices, codes, and systems of linear equations
Journal of Computer and System Sciences - Special issue: papers from the 32nd and 34th annual symposia on foundations of computer science, Oct. 2–4, 1991 and Nov. 3–5, 1993
A public-key cryptosystem with worst-case/average-case equivalence
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
The shortest vector problem in L2 is NP-hard for randomized reductions (extended abstract)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
On the complexity of computing short linearly independent vectors and short bases in a lattice
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
A sieve algorithm for the shortest lattice vector problem
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Complexity of Lattice Problems
Complexity of Lattice Problems
The Shortest Vector in a Lattice is Hard to Approximate to within Some Constant
SIAM Journal on Computing
FOCS '02 Proceedings of the 43rd Symposium on Foundations of Computer Science
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the Ajtai-Dwork Cryptosystem
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Another Knapsack Cryptosystem
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Cryptanalysis of the Revised NTRU Signature Scheme
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Lattice Reduction in Cryptology: An Update
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
An Improved Worst-Case to Average-Case Connection for Lattice Problems
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Compact knapsacks are polynomially solvable
ACM SIGACT News - A special issue on cryptography
The inapproximability of lattice and coding problems with preprocessing
Journal of Computer and System Sciences - Special issue on computational complexity 2002
Almost Perfect Lattices, the Covering Radius Problem, and Applications to Ajtai's Connection Factor
SIAM Journal on Computing
New lattice-based cryptographic constructions
Journal of the ACM (JACM)
Hardness of approximating the shortest vector problem in lattices
Journal of the ACM (JACM)
Worst-Case to Average-Case Reductions Based on Gaussian Measures
SIAM Journal on Computing
Attacking the Chor-Rivest cryptosystem by improved lattice reduction
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Hypercubic lattice reduction and analysis of GGH and NTRU signatures
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Generalized compact knapsacks are collision resistant
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
APPROX'05/RANDOM'05 Proceedings of the 8th international workshop on Approximation, Randomization and Combinatorial Optimization Problems, and Proceedings of the 9th international conference on Randamization and Computation: algorithms and techniques
Solving medium-density subset sum problems in expected polynomial time
STACS'05 Proceedings of the 22nd annual conference on Theoretical Aspects of Computer Science
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
The hardness of the closest vector problem with preprocessing
IEEE Transactions on Information Theory
Improved inapproximability of lattice and coding problems with preprocessing
IEEE Transactions on Information Theory
Maximum-likelihood decoding of Reed-Solomon codes is NP-hard
IEEE Transactions on Information Theory
Efficient reductions among lattice problems
Proceedings of the nineteenth annual ACM-SIAM symposium on Discrete algorithms
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Limits on the Hardness of Lattice Problems in lp Norms
Computational Complexity
SWIFFT: A Modest Proposal for FFT Hashing
Fast Software Encryption
A New Analysis of the McEliece Cryptosystem Based on QC-LDPC Codes
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Public Key Encryption Based on Ideal Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Faster exponential time algorithms for the shortest vector problem
SODA '10 Proceedings of the twenty-first annual ACM-SIAM symposium on Discrete Algorithms
An efficient and parallel Gaussian sampler for lattices
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
A lattice-based threshold ring signature scheme
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Improved zero-knowledge identification with lattices
ProvSec'10 Proceedings of the 4th international conference on Provable security
Interpreting hash function security proofs
ProvSec'10 Proceedings of the 4th international conference on Provable security
Better key sizes (and attacks) for LWE-based encryption
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Improving BDD cryptosystems in general lattices
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
The geometry of lattice cryptography
Foundations of security analysis and design VI
Faster and smoother: VSH revisited
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Bonsai trees, or how to delegate a lattice basis
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Tightly-Secure signatures from lossy identification schemes
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Trapdoors for lattices: simpler, tighter, faster, smaller
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
NTRUCCA: how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
Practical lattice-based cryptography: a signature scheme for embedded systems
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
A polynomial time algorithm for computing the HNF of a module over the integers of a number field
Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation
On Ideal Lattices and Learning with Errors over Rings
Journal of the ACM (JACM)
Lattice-based message recovery signature schemes
International Journal of Electronic Security and Digital Forensics
Hi-index | 0.00 |
We investigate the average-case complexity of a generalization of the compact knapsack problem to arbitrary rings: given m (random) ring elements a 1,..., a m 驴 R and a (random) target value b 驴 R, find coefficients x 1, ..., x m 驴 S (where S is an appropriately chosen subset of R) such that 驴 a i · x i = b. We consider compact versions of the generalized knapsack where the set S is large and the number of weights m is small. Most variants of this problem considered in the past (e.g., when $$R={\mathbb{Z}}$$ is the ring of the integers) can be easily solved in polynomial time even in the worst case. We propose a new choice of the ring R and subset S that yields generalized compact knapsacks that are seemingly very hard to solve on the average, even for very small values of m. Namely, we prove that for any unbounded function m = 驴(1) with arbitrarily slow growth rate, solving our generalized compact knapsack problems on the average is at least as hard as the worst-case instance of various approximation problems over cyclic lattices. Specific worst-case lattice problems considered in this paper are the shortest independent vector problem SIVP and the guaranteed distance decoding problem GDD (a variant of the closest vector problem, CVP) for approximation factors n 1+驴 almost linear in the dimension of the lattice. Our results yield very efficient and provably secure one-way functions (based on worst-case complexity assumptions) with key size and time complexity almost linear in the security parameter n. Previous constructions with similar security guarantees required quadratic key size and computation time. Our results can also be formulated as a connection between the worst-case and average-case complexity of various lattice problems over cyclic and quasi-cyclic lattices.