A good cryptosystem needs more than just a hard problem behind it.
Its rare to reduce the cryptosystem directly to the
underlying problem, for example
Hypothetically: RSA might be easier than factoring.
Some desired attributes:
Speed of encryption and decryption.
Use of a large state space without having to store
Short keys (passwords).
Stability against foreseen attacks.
Leave no trace.