Results 1 
3 of
3
How to Exploit the Intractability of Exact TSP for Cryptography
, 1994
"... We outline constructions for both pseudorandom generators and oneway hash functions. These constructions are based on the exact TSP (XTSP), a special variant of the well known traveling salesperson problem. We prove that these constructions are secure if the XTSP is infeasible. Our constructions a ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
We outline constructions for both pseudorandom generators and oneway hash functions. These constructions are based on the exact TSP (XTSP), a special variant of the well known traveling salesperson problem. We prove that these constructions are secure if the XTSP is infeasible. Our constructions are easy to implement, appear to be fast, but require a large amount of memory.
Cryptanalysis of pkp: a new approach
 In Public Key Cryptography 2001
, 1992
"... Abstract. Quite recently, in [4], a new timememory tradeoff algorithm was presented. The original goal of this algorithm was to count the number of points on an elliptic curve, however, the authors claimed that their approach could be applied to other problems. In this paper, we describe such an ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Abstract. Quite recently, in [4], a new timememory tradeoff algorithm was presented. The original goal of this algorithm was to count the number of points on an elliptic curve, however, the authors claimed that their approach could be applied to other problems. In this paper, we describe such an application and show a new way to attack the Permuted Kernel Problem. This new method is faster than any previously known technique but still requires exponential time. In practice, we find that attacking PKP for the original size proposed by Shamir in [6] could be done on a single PC in 125 years. 1
A New N PComplete Problem and PublicKey Identification
"... Abstract. The appearance of the theory of zeroknowledge, presented by Goldwasser, Micali and Rackoff in 1985, opened a way to secure identification schemes. The first application was the famous FiatShamir scheme based on the problem of modular square roots extraction. In the following years, many ..."
Abstract
 Add to MetaCart
Abstract. The appearance of the theory of zeroknowledge, presented by Goldwasser, Micali and Rackoff in 1985, opened a way to secure identification schemes. The first application was the famous FiatShamir scheme based on the problem of modular square roots extraction. In the following years, many other schemes have been proposed, some FiatShamir extensions but also new discrete logarithm based schemes. Therefore, all of them were based on problems from number theory. Their main common drawback is high computational load because of arithmetical operations modulo large integers. Implementation on lowcost smart cards was made difficult and inefficient. With the Permuted Kernels Problem (PKP), Shamir proposed the first efficient scheme allowing for an implementation on such lowcost smart cards, but very few others have afterwards been suggested. In this paper, we present an efficient identification scheme based on a combinatorial N Pcomplete problem: the Permuted Perceptrons Problem (PPP). This problem seems hard enough to be unsolvable even with very small parameters, and some recent cryptanalysis studies confirm that position. Furthermore, it admits efficient zeroknowledge proofs of knowledge and so it is wellsuited for cryptographic purposes. An actual implementation completes the optimistic opinion about efficiency and practicability on lowcost smart cards, and namely with less than 2KB of EEPROM and just 100 Bytes of RAM and 6.4 KB of communication.