Length-Based Attacks for Certain Group Based Encryption Rewriting Systems
In this note, we describe a probabilistic attack on public key cryptosystems
based on the word/conjugacy problems for finitely presented groups of the type
proposed recently by Anshel, Anshel and Goldfeld. In such a scheme, one makes
use of the property that in the given group the word problem has a polynomial
time solution, while the conjugacy problem has no known polynomial solution. An
example is the braid group from topology in which the word problem is solvable
in polynomial time while the only known solutions to the conjugacy problem are
exponential. The attack in this paper is based on having a canonical
representative of each string relative to which a length function may be
computed. Hence the term length attack. Such canonical representatives are
known to exist for the braid group
Weakening Assumptions for Publicly-Verifiable Deletion
We develop a simple compiler that generically adds publicly-verifiable
deletion to a variety of cryptosystems. Our compiler only makes use of one-way
functions (or one-way state generators, if we allow the public verification key
to be quantum). Previously, similar compilers either relied on the use of
indistinguishability obfuscation (Bartusek et al., ePrint:2023/265) or
almost-regular one-way functions (Bartusek, Khurana and Poremba,
arXiv:2303.08676). Comment: 13 pages. arXiv admin note: text overlap with arXiv:2303.0867
Group theory in cryptography
This paper is a guide for the pure mathematician who would like to know more
about cryptography based on group theory. The paper gives a brief overview of
the subject, and provides pointers to good textbooks, key research papers and
recent survey papers in the area. Comment: 25 pages. References updated, and a few extra references added. Minor
typographical changes. To appear in Proceedings of Groups St Andrews 2009 in
Bath, U
Variations of the McEliece Cryptosystem
Two variations of the McEliece cryptosystem are presented. The first one is
based on a relaxation of the column permutation in the classical McEliece
scrambling process. This is done in such a way that the Hamming weight of the
error, added in the encryption process, can be controlled so that efficient
decryption remains possible. The second variation is based on the use of
spatially coupled moderate-density parity-check codes as secret codes. These
codes are known for their excellent error-correction performance and allow for
a relatively low key size in the cryptosystem. For both variants the security
with respect to known attacks is discussed.