Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E: Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....exists, then a 1 cannot be in the subset which sums to s, and we know that e 1 = 0. We can then recurse and determine e 2 ; e 3 ; e n in sequence. Many public key cryptosystems have been proposed with the difficulty of solving subset sum problems as the basis for their security. See [7, 8, 13, 31] for surveys of this field. Almost all of these cryptosystems have been shown to be insecure; the Chor Rivest one [11] is perhaps the most widely known system which has not yet been broken. The majority of the attacks on knapsack based cryptosystems have involved discovering the secret ....

Y. Desmedt, What happened with knapsack cryptographic schemes?, Performance Limits in Communication, Theory and Practice, J. K. Skwirzynski, ed., Kluwer (1988), 113-134.

....a i = s: 1) This problem is known to be NP complete [9] in its feasibility recognition form) and so is thought to be very hard in general. This has led to the invention of several public key cryptosystems based on the knapsack problem. Almost all of these have been broken by now, however. See [2, 3, 5, 15] for surveys of this field. Most of the attacks exploited specific constructions of the relevant cryptosystems. In addition, two algorithms have been proposed, one by Brickell [1] and the other by Lagarias and Odlyzko [11] which show that almost all low density subset sum problems can be solved ....

Y. Desmedt, What happened with knapsack cryptographic schemes?, Performance Limits in Communication, Theory and Practice, J. K. Skwirzynski, ed., Kluwer (1988), 113-134.

....the two numbers M and W . With the private key it is easy to recover the plaintext. Let S = yW Gamma1 (mod M) then solving the knapsack problem with weights s and sum S recovers the plaintext x. There are many alternative knapsack type public key cryptosystems, a review of which is given in [19]. The basic Merkle Hellman cryptosystem was cracked by Shamir [71] and all proposed variants except [12] which is based on arithmetic in a finite field, have been cracked using techniques described in [9] 73 3.6.2 RSA Named after its inventors, Rivest, Shamir and Adleman [64] it is the most ....

Y. Desmedt. What happened with knapsack cryptographic schemes. Performance Limits in Communication, Theory and Practice, 142, 1988.

....practical usefulness of the new cryptosystem. A general knapsack taxonomy also seems in order. The idea of multiplicative knapsack is roughly 20 years old and was first proposed in the open literature by Merkle and Hellman [11] in their original paper. As, observed by Desmedt in his 1986 survey [7], encryption in the multiplicative Merkle Hellman knapsack is actually additive. It is in fact the decryption which is multiplicative. The scheme presented here is in this respect thoroughly multiplicative. It should also be noted that Merkle Hellman s knapsack was (partially) cryptanalyzed in by ....

Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E : Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.

....problem is known to be NP complete [10] in its feasibility recognition form) and so is thought to be very hard in general. This has led to the invention of several public key cryptosystems based on the knapsack problem. 2 Coster et al. Almost all of these have been broken by now, however. See [2, 3, 6, 17] for surveys of this field. Most of the attacks exploited specific constructions of the relevant cryptosystems. In addition, two algorithms have been proposed, one by Brickell [1] and the other by Lagarias and Odlyzko [13] which show that almost all low density subset sum problems can be solved ....

Y. Desmedt, What happened with knapsack cryptographic schemes?, in Performance Limits in Communication, Theory and Practice, J. K. Skwirzynski, ed., Kluwer, Boston, 1988, 113-134.

....i = s: 1.1) This problem is known to be NP complete [10] in its feasibility recognition form) and so is thought to be very hard in general. This has led to the invention of several public key cryptosystems based on the knapsack problem. Almost all of these have been broken by now, however. See [2, 3, 6, 17] for surveys of this field. Most of the attacks exploited specific constructions of the relevant cryptosystems. In addition, two algorithms have been proposed, one by Brickell [1] and the other by Lagarias and Odlyzko [13] which show that 2 Coster et al. almost all low density subset sum ....

Y. Desmedt, What happened with knapsack cryptographic schemes?, in Performance Limits in Communication, Theory and Practice, J. K. Skwirzynski, ed., Kluwer, Boston, 1988, 113-134.

....with the use of tools from the area of diophantine approximation. The paper [6] contains a survey of many of the systems that have been broken as well as descriptions of some of the attacks. For full details, the reader is advised to consult [6] and many of the references contained there, such as [3,4,5,8,11,16,17,18,22,26]. The remainder of this paper is devoted to a description of one each of the two kinds of basic attacks that have been used. Section 2 describes the attack on the singly iterated Merkle Hellman cryptosystem. This attack allows the cryptanalyst to read encrypted messages just about as fast as ....

Y. Desmedt, "What Happened with Knapsack Cryptographic Schemes?," Performance Limits in Communication, Theory and Practice, J. K. Skwirzynski, ed., Kluwer, 1988, pp. 113-134.

No context found.

Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E: Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.

No context found.

Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E: Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.

No context found.

Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E: Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.

No context found.

Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E: Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.

No context found.

Y. Desmedt, What happened with knapsack cryptographic schemes, Performance limits in communication - theory and practice, NATO ASI series E: Applied sciences, vol. 142, Kluwer Academic Publishers, pp. 113-134, 1988.

No context found.

Y. Desmedt, What happened with knapsack cryptographic schemes, in Performance Limits in Communication, Theory and Practice (J. K. Skwirzynski, ed.),Kluwer, 1988, 113--134. Discusses the demise of most proposed knapsack schemes. See also Brickell and Odlyzko [38]. An apparent exception is the scheme by Chor and Rivest [44].

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC