Assessing security of some group based cryptosystems
One of the possible generalizations of the discrete logarithm problem to
arbitrary groups is the so-called conjugacy search problem (sometimes
erroneously called just the conjugacy problem): given two elements a, b of a
group G and the information that a^x=b for some x \in G, find at least one
particular element x like that. Here a^x stands for xax^{-1}. The computational
difficulty of this problem in some particular groups has been used in several
group based cryptosystems. Recently, a few preprints have been in circulation
that suggested various "neighbourhood search" type heuristic attacks on the
conjugacy search problem. The goal of the present survey is to stress a
(probably well known) fact that these heuristic attacks alone are not a threat
to the security of a cryptosystem, and, more importantly, to suggest a more
credible approach to assessing security of group based cryptosystems. Such an
approach should be necessarily based on the concept of the average case
complexity (or expected running time) of an algorithm.
These arguments support the following conclusion: although it is generally
feasible to base the security of a cryptosystem on the difficulty of the
conjugacy search problem, the group G itself (the "platform") has to be chosen
very carefully. In particular, experimental as well as theoretical evidence
collected so far makes it appear likely that braid groups are not a good choice
for the platform. We also reflect on possible replacements.
Comment: 10 page
Assessing and countering reaction attacks against post-quantum public-key cryptosystems based on QC-LDPC codes
Code-based public-key cryptosystems based on QC-LDPC and QC-MDPC codes are
promising post-quantum candidates to replace quantum vulnerable classical
alternatives. However, a new type of attack based on Bob's reactions has
recently been introduced and appears to significantly reduce the lifetime of
any keypair used in these systems. In this paper we estimate the
complexity of all known reaction attacks against QC-LDPC and QC-MDPC code-based
variants of the McEliece cryptosystem. We also show how the structure of the
secret key and, in particular, the secret code rate affect the complexity of
these attacks. It follows from our results that QC-LDPC code-based systems can
indeed withstand reaction attacks, on condition that some specific decoding
algorithms are used and the secret code has a sufficiently high rate.
Comment: 21 pages, 2 figures, to be presented at CANS 201
Length-based cryptanalysis: The case of Thompson's Group
The length-based approach is a heuristic for solving randomly generated
equations in groups which possess a reasonably behaved length function. We
describe several improvements of the previously suggested length-based
algorithms that make them applicable to Thompson's group with significant
success rates. In particular, this shows that the Shpilrain-Ushakov public key
cryptosystem based on Thompson's group is insecure, and suggests that no
practical public key cryptosystem based on this group can be secure.
Comment: Final version, to appear in JM
Analysis of common attacks in LDPCC-based public-key cryptosystems
We analyze the security and reliability of a recently proposed class of
public-key cryptosystems against attacks by unauthorized parties who have
acquired partial knowledge of one or more of the private key components and/or
of the plaintext. Phase diagrams are presented, showing critical partial
knowledge levels required for unauthorized decryption.
Comment: 14 pages, 6 figure
Combinatorial group theory and public key cryptography
After some excitement generated by recently suggested public key exchange
protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al., it is a prevalent
opinion now that the conjugacy search problem is unlikely to provide a sufficient
level of security if a braid group is used as the platform. In this paper we
address the following questions: (1) whether choosing a different group, or a
class of groups, can remedy the situation; (2) whether some other "hard"
problem from combinatorial group theory can be used, instead of the conjugacy
search problem, in a public key exchange protocol. Another question that we
address here, although somewhat vague, is likely to become a focus of the
future research in public key cryptography based on symbolic computation: (3)
whether one can efficiently disguise an element of a given group (or a
semigroup) by using defining relations.
Comment: 12 page
Fast and User-friendly Quantum Key Distribution
Some guidelines for the comparison of different quantum key distribution
experiments are proposed. An improved 'plug & play' interferometric system
allowing fast key exchange is then introduced. Self-alignment and compensation
of birefringence remain. Original electronics implementing the BB84 protocol
and allowing user-friendly operation is presented. Key creation with 0.1 photon
per pulse at a rate of 486 Hz with a 5.4% QBER - corresponding to a net rate of
210 Hz - over a 23 km installed cable was performed.
Comment: 21 pages, 6 figures, added referenc
Cryptanalysis of group-based key agreement protocols using subgroup distance functions
We introduce a new approach for cryptanalysis of key agreement protocols
based on noncommutative groups. This approach uses functions that estimate the
distance of a group element to a given subgroup. We test it against the
Shpilrain-Ushakov protocol, which is based on Thompson's group F
- …