An Improved Low-Denisty Subset Sum Algorithm

The general subset sum problem is NP-complete. However, there are two algorithms, one due to Brickell and the other to Lagarias and Odlyzko, which in polynomial time solve almost all subset sum problems of sufficiently low density. Both methods rely on basis reduction algorithms to find short non-zero vectors in special lattices. The Lagarias-Odlyzko algorithm would solve almost all subset sum problems of density < 0.6463... in polynomial time if it could invoke a polynomial-time algorithm for finding the shortest non-zero vector in a lattice. This note shows that a simple modification of that algorithm would solve almost all problems of density < 0.9408... if it could find shortest non-zero vectors in lattices. This modification also yields dramatic improvements in practice when it is combined with known lattice basis reduction algorithms.

[1]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[2]  Jeffrey C. Lagarias,et al.  Polynomial Time Algorithms for Finding Integer Relations Among Real Numbers , 1989, STACS.

[3]  Antoine Joux,et al.  Improving the Critical Density of the Lagarias-Odlyzko Attack Against Subset Sum Problems , 1991, FCT.

[4]  E. Brickell,et al.  Cryptanalysis: a survey of recent results , 1988, Proc. IEEE.

[5]  Alan M. Frieze,et al.  On the Lagarias-Odlyzko Algorithm for the Subset Sum Problem , 1986, SIAM J. Comput..

[6]  C. P. Schnorr,et al.  A Hierarchy of Polynomial Time Lattice Basis Reduction Algorithms , 1987, Theor. Comput. Sci..

[7]  Ernest F. Brickell,et al.  Solving Low Density Knapsacks , 1983, CRYPTO.

[8]  Brian A. LaMacchia Basis Reduction Algorithms and Subset Sum Problems , 1991 .

[9]  A. Odlyzko,et al.  Lattice points in high-dimensional spheres , 1990 .

[10]  Donald L. Kreher,et al.  Solving subset sum problems with the L^3 algorithm , 1988 .

[11]  David Chaum,et al.  Advances in Cryptology: Proceedings Of Crypto 83 , 2012 .

[12]  Ravi Kannan,et al.  Succinct Certificates for Almost All Subset Sum Problems , 1989, SIAM J. Comput..

[13]  Yvo Desmedt,et al.  What Happened with Knapsack Cryptographic Schemes , 1988 .

[14]  Ronald L. Rivest,et al.  A knapsack-type public key cryptosystem based on arithmetic in finite fields , 1988, IEEE Trans. Inf. Theory.

[15]  Claus-Peter Schnorr,et al.  Approximating Integer Lattices by Lattices with Cyclic Factor Groups , 1987, ICALP.

[16]  Claus-Peter Schnorr,et al.  A More Efficient Algorithm for Lattice Basis Reduction , 1988, J. Algorithms.

[17]  Jeffrey C. Lagarias,et al.  Solving low density subset sum problems , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[18]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .