Big Data applications are characterized by processing an amount of data too huge to be stored. Cryptographic protocols are by construction supposed to define huge data spaces that cannot be handled by any attacker. Nevertheless, the task of protocol cryptanalysis is to properly select cryptographic parameter lengths that guarantee both efficiency and security. This requires to break cryptographic protocols and their underlying hardness assumptions for mid-sized parameters. But even for mid-sized parameters cryptographic search spaces are way too huge to be stored. This asks for technical solutions that traverse the search space without storing elements. As an appealingly simple example, we address the subset sum problem which lies at the heart of many modern cryptographic protocols designed to offer security even against quantum computers. In the subset sum problem, one obtains integers and an integer target t, and has to find a subset of the ’s that exactly sums to t. A trivial memory-less algorithm tests for all subsets, whether their sum equals t. It may come as a surprise that there exist memory-less algorithms significantly faster than . We give a survey on recent memory-less techniques, that apply but are not limited to the subset sum problem. We start by describing a general collision finding technique that was introduced in 1994 in the seminal work of van Oorschot and Wiener. Applied to subset sum the van Oorschot-Wiener technique leads to a -algorithm. This was improved in 2011 by Becker, Coron and Joux to using the representation technique. Recently, Esser and May presented a memory-less algorithm achieving using two-layered collision finding. These running times have to be compared to the optimal lower bound for collision finding algorithms.
Funding statement: This work was funded by DFG under Germany’s Excellence Strategy - EXC 2092 CASA - 390781972.
The author wants to thank the anonymous reviewers for their constructive comments.
1. M. Alekhnovich. More on average case vs approximation complexity. In: 44th Annual IEEE Symposium on Foundations of Computer Science, IEEE Proceedings, pp. 298–307, 2003.Search in Google Scholar
2. N. Bansal, S. Garg, J. Nederlof, N. Vyas. Faster space-efficient algorithms for subset sum, k-sum, and related problems. SIAM Journal on Computing 47(5):1755–1777, 2018.10.1137/17M1158203Search in Google Scholar
3. A. Becker, J. S. Coron, A. Joux. Improved generic algorithms for hard knapsacks. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt), pp. 364–385. Springer, Berlin, Heidelberg, 2011.10.1007/978-3-642-20465-4_21Search in Google Scholar
4. A. Esser and A. May. Low Weight Discrete Logarithms and Subset Sum in 20.65nwith Polynomial Memory, Cryptology ePrint Archive, Report 2019/931, to appear at: Annual International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt), 2020.Search in Google Scholar
6. N. Howgrave-Graham, A. Joux. New generic algorithms for hard knapsacks. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt), pp. 235–256. Springer, Berlin, Heidelberg, 2010.10.1007/978-3-642-13190-5_12Search in Google Scholar
8. T. Kleinjung, K. Aoki, J. Franke, A. K. Lenstra, E. Thomé, J. W. Bos, P. Gaudry, A. Kruppa, P. L. Montgomery, D. A. Osvik, H. Te Riele. Factorization of a 768-bit RSA modulus. In: Annual Cryptology Conference, pp. 333–350. Springer, Berlin, Heidelberg, 2010.10.1007/978-3-642-14623-7_18Search in Google Scholar
9. A. K. Lenstra and E. R. Verheul. Selecting cryptographic key sizes. In: International Workshop on Public Key Cryptography. Springer, Berlin, Heidelberg, 2000.10.1007/978-3-540-46588-1_30Search in Google Scholar
12. J. A. Silva, E. R. Faria, R. C. Barros, E. R. Hruschka, A. C. De Carvalho, J. Gama. Data stream clustering: A survey. ACM Computing Surveys 46(1):13, 2013.10.1145/2522968.2522981Search in Google Scholar
15. D. E. Knuth. The art of computer programming 2: Seminumerical algorithms. Addison Wesley Publishing Company, 1969.Search in Google Scholar
© 2020 Walter de Gruyter GmbH, Berlin/Boston