2016
DOI: 10.1007/978-3-662-49384-7_2
|View full text |Cite
|
Sign up to set email alerts
|

Chosen-Ciphertext Security from Subset Sum

Abstract: Abstract. We construct a public-key encryption (PKE) scheme whose security is polynomial-time equivalent to the hardness of the Subset Sum problem. Our scheme achieves the standard notion of indistinguishability against chosen-ciphertext attacks (IND-CCA) and can be used to encrypt messages of arbitrary polynomial length, improving upon a previous construction by Lyubashevsky, Palacio, and Segev (TCC 2010) which achieved only the weaker notion of semantic security (IND-CPA) and whose concrete security decrease… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
6
0

Year Published

2016
2016
2023
2023

Publication Types

Select...
4
4
1

Relationship

1
8

Authors

Journals

citations
Cited by 12 publications
(6 citation statements)
references
References 40 publications
0
6
0
Order By: Relevance
“…The first PKE scheme with CPA security directly based on Subset Sum has been constructed by Lyubashevsky, Palacio, and Segev [LPS10]; their work has recently been extended to the setting of CCA security by Faust, Masny, and Venturi [FMV16]. Subset Sum also found application in the context of outsourced pattern matching [FHV13].…”
Section: Related Workmentioning
confidence: 99%
“…The first PKE scheme with CPA security directly based on Subset Sum has been constructed by Lyubashevsky, Palacio, and Segev [LPS10]; their work has recently been extended to the setting of CCA security by Faust, Masny, and Venturi [FMV16]. Subset Sum also found application in the context of outsourced pattern matching [FHV13].…”
Section: Related Workmentioning
confidence: 99%
“…. , a n , t) ∈ Z n+1 ≥0 , the problem is to decide whether there exists S ⊆ [n] such that ∑ i∈S a i = t. In the recent years, provable-secure cryptosystems based on SSUM such as privatekey encryption schemes [LPS10], tag-based encryption schemes [FMV16], etc have been proposed. There are numerous improvements made in the algorithms that solve the SSUM problem in both the classical [BW21, Bri17, JW18, JVW21, EM20] and quantum world [BJLM13,HM18,LL19].…”
Section: Introductionmentioning
confidence: 99%
“…Subset sum is one of the most fundamental hard problems in theoretical computer science, with a remarkable history of applications in cryptography [10,12,16,20,23]. Subset sum instances consist of a 1 , .…”
Section: Introductionmentioning
confidence: 99%