HiveBrain v1.2.0
Get Started
← Back to all entries
patternCritical

Why hasn't there been an encryption algorithm that is based on the known NP-Hard problems?

Submitted by: @import:stackexchange-cs··
0
Viewed 0 times
encryptionwhythehardhasnproblemsbeenalgorithmthatknown

Problem

Most of today's encryption, such as the RSA, relies on the integer factorization, which is not believed to be a NP-hard problem, but it belongs to BQP, which makes it vulnerable to quantum computers. I wonder, why has there not been an encryption algorithm which is based on an known NP-hard problem. It sounds (at least in theory) like it would make a better encryption algorithm than a one which is not proven to be NP-hard.

Solution

Worst-case Hardness of NP-complete problems is not sufficient for cryptography. Even if NP-complete problems are hard in the worst-case ($P \ne NP$), they still could be efficiently solvable in the average-case. Cryptography assumes the existence of average-case intractable problems in NP. Also, proving the existence of hard-on-average problems in NP using the $P \ne NP$ assumption is a major open problem.

An excellent read is the classic by Russell Impagliazzo, A Personal View of Average-Case Complexity, 1995.

An excellent survey is Average-Case Complexity by Bogdanov and Trevisan, Foundations and Trends in Theoretical Computer Science Vol. 2, No 1 (2006) 1–106

Context

StackExchange Computer Science Q#356, answer score: 85

Revisions (0)

No revisions yet.