A general construction for monoid-based knapsack protocols

We present a generalized version of the knapsack protocol proposed by D. Naccache and J. Stern at the Proceedings of Eurocrypt (1997). Our new framework will allow the construction of other knapsack protocols having similar security features. We will outline a very concrete example of a new protocol using extension fields of a finite field of small characteristic instead of the prime field Z/pZ, but more efficient in terms of computational costs for asymptotically equal information rate and similar key size. DOI: https://doi.org/10.3934/amc.2014.8.343 Posted at the Zurich Open Repository and Archive, University of Zurich ZORA URL: https://doi.org/10.5167/uzh-98258 Published Version Originally published at: Micheli, Giacomo; Schiavina, Michele (2014). A general construction for monoid-based knapsack protocols. Advances in Mathematics of Communications, 8(3):343-358. DOI: https://doi.org/10.3934/amc.2014.8.343 Advances in Mathematics of Communications doi:10.3934/amc.2014.8.343 Volume 8, No. 3, 2014, 343–358 A GENERAL CONSTRUCTION FOR MONOID-BASED KNAPSACK PROTOCOLS Giacomo Micheli and Michele Schiavina Institut für Mathematik Winterthurerstrasse 190 Zürich, CH8057, Switzerland (Communicated by Joan-Josep Climent) Abstract. We present a generalized version of the knapsack protocol proposed by D. Naccache and J. Stern at the Proceedings of Eurocrypt (1997). Our new framework will allow the construction of other knapsack protocols having similar security features. We will outline a very concrete example of a new protocol using extension fields of a finite field of small characteristic instead of the prime field Z/pZ, but more efficient in terms of computational costs for asymptotically equal information rate and similar key size. We present a generalized version of the knapsack protocol proposed by D. Naccache and J. Stern at the Proceedings of Eurocrypt (1997). Our new framework will allow the construction of other knapsack protocols having similar security features. We will outline a very concrete example of a new protocol using extension fields of a finite field of small characteristic instead of the prime field Z/pZ, but more efficient in terms of computational costs for asymptotically equal information rate and similar key size.