Find in Library

Knapsack problem is a famous NP-complete problem, which is believed to be difficult to be solved even by a quantum computer. Hence, this type of cryptosystem is a good candidate for post-quantum cryptography. Recently, many new knapsack-based cryptosystems were proposed. The basic operations of all these cryptosystems are superincreasing sequences and modular multiplications, which is the same as the basic Merkle-Hellman cryptosystem. In this paper, we revisit and present an improved version of Shamir's attack on the basic Merkle-Hellman cryptosystem, this new idea would be helpful to estimate the security of the new knapsack-based cryptosystems. The main tool of our attack is the orthogonal lattice technique. More precisely, we first obtain a sublattice containing the private key vector by calculating the orthogonal lattice of the public key vector. Combining with the necessary conditions of the equivalent keys, we can easily recover several groups of equivalent keys. The time complexity of our new attack is lower than Shamir's. The feasibility of our attack is validated by the experimental data.