2010
DOI: 10.1007/978-3-642-11799-2_23
|View full text |Cite
|
Sign up to set email alerts
|

Public-Key Cryptographic Primitives Provably as Secure as Subset Sum

Abstract: Abstract. We propose a semantically-secure public-key encryption scheme whose security is polynomial-time equivalent to the hardness of solving random instances of the subset sum problem. The subset sum assumption required for the security of our scheme is weaker than that of existing subset-sum based encryption schemes, namely the lattice-based schemes of Ajtai and Dwork (STOC'97), Regev (STOC'03, STOC'05), and Peikert (STOC'09). Additionally, our proof of security is simple and direct. We also present a natu… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

2
44
0

Year Published

2013
2013
2020
2020

Publication Types

Select...
7
1

Relationship

0
8

Authors

Journals

citations
Cited by 65 publications
(46 citation statements)
references
References 38 publications
2
44
0
Order By: Relevance
“…One expects that with high probability at least one of these ways will satisfy Σ(I 11 ) ≡ s 11 (mod M 1 ), implying Σ(I 12 ) ≡ s 12 (mod M 1 ) (since M 1 divides M and s 11 + s 12 = s 1 ). Analogous comments apply to I 2 , I 21 , I 22 .…”
Section: T T T T T T T T T T T T Tmentioning
confidence: 93%
See 2 more Smart Citations
“…One expects that with high probability at least one of these ways will satisfy Σ(I 11 ) ≡ s 11 (mod M 1 ), implying Σ(I 12 ) ≡ s 12 (mod M 1 ) (since M 1 divides M and s 11 + s 12 = s 1 ). Analogous comments apply to I 2 , I 21 , I 22 .…”
Section: T T T T T T T T T T T T Tmentioning
confidence: 93%
“…For example, Lyubashevsky, Palacio, and Segev in [22] propose a public-key encryption system and prove that being able to break it implies being able to solve modular subset-sum problems of the following type: find a random subset I ⊆ {1, 2, . .…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…This limitation was overcome by the work of Lyubashevsky, Palacio, and Segev [22] that proposed a new PKE scheme achieving IND-CPA security with a simple and direct reduction to solving random instances of the Subset Sum problem.…”
Section: Introductionmentioning
confidence: 99%
“…Usually the leakage bound is also related to the secret key size, so that a relatively large fraction of the secret key can be leaked. Leakage-resilient schemes in this model include storage schemes [25,30], public-key and identity-based encryption [59,2,56,1,13,27,12,18,47], signature schemes [50,2,13,27,11,57,37,60,61,21], and more (see, e.g., [40,10,63,62]). …”
Section: Introductionmentioning
confidence: 99%