patternCritical
Why hasn't there been an encryption algorithm that is based on the known NP-Hard problems?
Viewed 0 times
encryptionwhythehardhasnproblemsbeenalgorithmthatknown
Problem
Most of today's encryption, such as the RSA, relies on the integer factorization, which is not believed to be a NP-hard problem, but it belongs to BQP, which makes it vulnerable to quantum computers. I wonder, why has there not been an encryption algorithm which is based on an known NP-hard problem. It sounds (at least in theory) like it would make a better encryption algorithm than a one which is not proven to be NP-hard.
Solution
Worst-case Hardness of NP-complete problems is not sufficient for cryptography. Even if NP-complete problems are hard in the worst-case ($P \ne NP$), they still could be efficiently solvable in the average-case. Cryptography assumes the existence of average-case intractable problems in NP. Also, proving the existence of hard-on-average problems in NP using the $P \ne NP$ assumption is a major open problem.
An excellent read is the classic by Russell Impagliazzo, A Personal View of Average-Case Complexity, 1995.
An excellent survey is Average-Case Complexity by Bogdanov and Trevisan, Foundations and Trends in Theoretical Computer Science Vol. 2, No 1 (2006) 1–106
An excellent read is the classic by Russell Impagliazzo, A Personal View of Average-Case Complexity, 1995.
An excellent survey is Average-Case Complexity by Bogdanov and Trevisan, Foundations and Trends in Theoretical Computer Science Vol. 2, No 1 (2006) 1–106
Context
StackExchange Computer Science Q#356, answer score: 85
Revisions (0)
No revisions yet.