Some remarks on the security of the identification scheme based on permuted kernels
Journal of Cryptology
An Efficient Identification Scheme Based on Permuted Kernels (Extended Abstract)
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On the Security of the Permuted Kernel Identification Scheme
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
A New \mathcal{NP}-Complete Problem and Public-Key Identification
Designs, Codes and Cryptography
| Hi-index | 0.00 |
In 1989, Adi Shamir published a new asymmetric identification scheme, based on the intractability of the Permuted Kernel Problem (PKP) [3]. In 1992, an algorithm to solve the PKP problem was suggested by J. Georgiades [2], and also in 1992 T. Baritaud, M. Campana, P. Chauvaud and H. Gilbert [1] have independently found another algorithm for this problem. These algorithms still need huge amount of time and/or memory in order to solve the PKP problem with the values suggested by A. Shamir.In this paper, we will see that it is possible to solve the PKP problem using less time that which was needed in [1] and [2], and much less memory than that needed in [1].First we will investigate how the ideas of [1] and [2] can be combined. This will enable us to obtain a little reduction in the time needed. Then, some new ideas will enable us to obtain a considerable reduction in the memory required, and another small reduction in time.Since our new algorithms are quicker and more practical than previous algorithms they confirm the idea stated in [1] that for strong security requirements, the smallest values (n = 32, m = 16, p = 251) mentioned in [3] are not recommended.