DocumentCode :
939100
Title :
A critical analysis of the security of knapsack public-key algorithms
Author :
Desmedt, Yvo G. ; Vandewalle, Joos P. ; Govaerts, Rene J M
Volume :
30
Issue :
4
fYear :
1984
fDate :
7/1/1984 12:00:00 AM
Firstpage :
601
Lastpage :
611
Abstract :
The authors claim that the security of the Merkle-Hellman algorithm is greatly exaggerated. First, any enciphering key that is obtained from a superincreasing sequence has infinitely many superincreasing deciphering keys that can decipher all messages. This follows from the fact that the conditions on the transformation ^{\\ast } w \\bmod m require w/m to lie in a restricted set of intervals. Second, it is claimed that iterative transformations ^{\\ast } w \\bmod m may not increase the security. In the example that Merkle and Hellman used for "proving" the benefits of the iterative transformation, the security is completely ruined. Third, techniques are presented to crack one bit of the plaintext. These techniques apply to sets of enciphering keys introduced in this text, which contain all the Merkle-Hellman enciphering keys. Such bit-by-bit techniques also allow the construction of new enciphering keys. Fourth, some knapsacks that allow a one-to-one deciphering cannot be obtained from easy deciphering keys, e.g., superincreasing keys, even with infinitely many transformations ^{\\ast } w \\bmod m! If the worst cases of nondeterministic polynomial complete knapsack problems are always of this kind, the foundation of the security of the Merkle-Hellman algorithm is nonexistent. The cryptanalysis can be reduced to a problem of simultaneous diophantine approximations. A link is made with other recent results.
Keywords :
Cryptography; Algebra; Algorithm design and analysis; Computational complexity; Computer science; Digital signatures; Lattices; Mathematical programming; Public key; Public key cryptography; Security;
fLanguage :
English
Journal_Title :
Information Theory, IEEE Transactions on
Publisher :
ieee
ISSN :
0018-9448
Type :
jour
DOI :
10.1109/TIT.1984.1056932
Filename :
1056932
Link To Document :
بازگشت