An Improved Multi-set Algorithm for the Dense Subset Sum Problem

Given sets L1, . . . , Lk of elements from Z/mZ, the k-setbirthday problem is to find an element from each list such that theirsum is 0 modulo m. We give a new analysis of the algorithm in [16],proving that it returns a solution with high probability. By the workof Lyubashevsky [10], we get as an immediate corollary an improvedalgorithm for the random modular subset sum problem. Assuming themodulus m = 2nƐ for Ɛ < 1, this problem is now solvable using time andspace O(2nƐ/(1-Ɛ)log n).

[1]  Everett W. Howe Higher-order Carmichael numbers , 1998, Math. Comput..

[2]  Moni Naor,et al.  Efficient cryptographic schemes provably as secure as subset sum , 1989, 30th Annual Symposium on Foundations of Computer Science.

[3]  Adi Shamir,et al.  A T=O(2n/2), S=O(2n/4) Algorithm for Certain NP-Complete Problems , 1981, SIAM J. Comput..

[4]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5]  Joachim von zur Gathen,et al.  Modern Computer Algebra , 1998 .

[6]  Moti Yung,et al.  Advances in Cryptology — CRYPTO 2002 , 2002, Lecture Notes in Computer Science.

[7]  Jeffrey C. Lagarias,et al.  Solving low density subset sum problems , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[8]  C. McDiarmid Concentration , 1862, The Dental register.

[9]  Andrew Shallue,et al.  Two Number-Theoretic Problems That Illustrate the Power and Limitations of Randomness , 2007 .

[10]  Abraham D. Flaxman,et al.  Solving Medium-Density Subset Sum Problems in Expected Polynomial Time , 2005, STACS.

[11]  Vadim Lyubashevsky On Random High Density Subset Sums , 2005, Electron. Colloquium Comput. Complex..

[12]  Antoine Joux,et al.  Improved low-density subset sum algorithms , 1992, computational complexity.

[13]  Vadim Lyubashevsky,et al.  The Parity Problem in the Presence of Noise, Decoding Random Linear Codes, and the Subset Sum Problem , 2005, APPROX-RANDOM.

[14]  David A. Wagner,et al.  A Generalized Birthday Problem , 2002, CRYPTO.

[15]  Raymond E. Miller,et al.  Complexity of Computer Computations , 1972 .

[16]  David P. Wagner,et al.  A Generalized Birthday Problem (Extended Abstract) , 2002, CRYPTO 2002.

[17]  M. Habib Probabilistic methods for algorithmic discrete mathematics , 1998 .

[18]  Sumitra Purkayastha,et al.  Simple proofs of two results on convolutions of unimodal distributions , 1998 .