
The Mersenne Low Hamming Combination Search Problem Can Be Reduced to an ILP Problem

  • Alessandro Budroni
  • Andrea Tenti
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11627)

Abstract

In 2017, Aggarwal, Joux, Prakash, and Santha proposed an innovative NTRU-like public-key cryptosystem that was believed to be quantum resistant, based on Mersenne prime numbers \(q = 2^N-1\). After a successful attack designed by Beunardeau, Connolly, Géraud, and Naccache, the authors revised the protocol, which was accepted for Round 1 of the Post-Quantum Cryptography Standardization Process organized by NIST. The security of this protocol rests on the assumption that the so-called Mersenne Low Hamming Combination Search Problem (MLHCombSP) is hard to solve. In this work, we present a reduction of MLHCombSP to an instance of Integer Linear Programming (ILP). This opens new research directions that need to be investigated in order to assess the concrete robustness of this cryptosystem. We propose different approaches to perform such a reduction. Moreover, we uncover a new family of weak keys, for which our reduction leads to an attack consisting of solving fewer than \(N^3\) ILP problems of dimension 3.

Keywords

Post-Quantum Cryptography, Public-key cryptography, Integer Linear Programming, Mersenne-based cryptosystem

Notes

Acknowledgments

The authors thank Igor Semaev and Qian Guo for useful suggestions in the early stages of this work, and greatly thank Phillippe Samer for insightful discussions on ILP. The authors are also grateful to the anonymous reviewers for constructive comments.

References

  1. Aggarwal, D., Joux, A., Prakash, A., Santha, M.: A new public-key cryptosystem via Mersenne numbers. Cryptology ePrint Archive, Report 2017/481, version 20170530.072202 (2017)
  2. Aggarwal, D., Joux, A., Prakash, A., Santha, M.: A new public-key cryptosystem via Mersenne numbers. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 459–482. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_16
  3. Appelgren, L.: A column generation algorithm for a ship scheduling problem. Transp. Sci. 3, 53–68 (1969). https://doi.org/10.1287/trsc.3.1.53
  4. Berry, K.J., Mielke Jr., P.W.: The negative hypergeometric probability distribution: sampling without replacement from a finite population. Percept. Motor Skills 86(1), 207–210 (1998). https://doi.org/10.2466/pms.1998.86.1.207
  5. Bertsimas, D., Weismantel, R.: Optimization Over Integers. Dynamic Ideas, Belmont (2005)
  6. Beunardeau, M., Connolly, A., Géraud, R., Naccache, D.: On the hardness of the Mersenne low Hamming ratio assumption. Cryptology ePrint Archive, Report 2017/522 (2017)
  7. de Boer, K., Ducas, L., Jeffery, S., de Wolf, R.: Attacks on the AJPS Mersenne-based cryptosystem. In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 101–120. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-79063-3_5
  8. Casella, G., Berger, R.L.: Statistical Inference, vol. 2. Duxbury, Pacific Grove, CA (2002)
  9. IBM: IBM ILOG CPLEX Optimization Studio, CPLEX Optimizer (2018)
  10. Fisher, M.L.: The Lagrangian relaxation method for solving integer programming problems. Manag. Sci. 27(1), 1–18 (1981). https://doi.org/10.1287/mnsc.27.1.1
  11. Gurobi Optimization, LLC: Gurobi Optimizer Reference Manual (2018)
  12. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054868
  13. Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen 261(4), 515–534 (1982). https://doi.org/10.1007/BF01457454
  14. Lenstra Jr., H.W.: Integer programming with a fixed number of variables. Math. Oper. Res. 8(4), 538–548 (1983). https://doi.org/10.1287/moor.8.4.538
  15. Marchand, H., Martin, A., Weismantel, R., Wolsey, L.: Cutting planes in integer and mixed integer programming. Discrete Appl. Math. 123(1–3), 397–446 (2002). https://doi.org/10.1016/S0166-218X(01)00348-1
  16. Morrison, D.R., Jacobson, S.H., Sauppe, J.J., Sewell, E.C.: Branch and bound algorithms. Discret. Optim. 19(C), 79–102 (2016). https://doi.org/10.1016/j.disopt.2016.01.005
  17. Papadimitriou, C.H.: On the complexity of integer programming. J. ACM 28(4), 765–768 (1981). https://doi.org/10.1145/322276.322287
  18. Schrijver, A.: Theory of Linear and Integer Programming. Wiley, New York (1986). https://doi.org/10.1002/net.3230200608
  19. Wang, P.S.: A p-adic algorithm for univariate partial fractions. In: Proceedings of the Fourth ACM Symposium on Symbolic and Algebraic Computation, SYMSAC 1981, pp. 212–217. ACM, New York (1981). https://doi.org/10.1145/800206.806398
  20. Wolsey, L.: Integer Programming. Wiley Series in Discrete Mathematics and Optimization. Wiley, New York (1998)

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Department of Informatics, University of Bergen, Bergen, Norway
