Combinatorial group theory and public key cryptography
After some excitement generated by recently suggested public key exchange
protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al., it is a prevalent
opinion now that the conjugacy search problem is unlikely to provide a sufficient
level of security if a braid group is used as the platform. In this paper we
address the following questions: (1) whether choosing a different group, or a
class of groups, can remedy the situation; (2) whether some other "hard"
problem from combinatorial group theory can be used, instead of the conjugacy
search problem, in a public key exchange protocol. Another question that we
address here, although somewhat vague, is likely to become a focus of
future research in public key cryptography based on symbolic computation: (3)
whether one can efficiently disguise an element of a given group (or a
semigroup) by using defining relations.
Comment: 12 pages
Key exchange protocol at the representation level of an infinite semigroup
A matrix decomposition problem over the integer ring is presented. Solving methods are discussed, and it is shown that this problem is a hard computational problem with regard to computer memory resources. A key agreement protocol based on the matrix decomposition problem is presented.
Using decision problems in public key cryptography
There are several public key establishment protocols as well as complete
public key cryptosystems based on allegedly hard problems from combinatorial
(semi)group theory known by now. Most of these problems are search problems,
i.e., they are of the following nature: given a property P and the information
that there are objects with the property P, find at least one particular object
with the property P. So far, no cryptographic protocol based on a search
problem in a non-commutative (semi)group has been recognized as secure enough
to be a viable alternative to established protocols (such as RSA) based on
commutative (semi)groups, although most of these protocols are more efficient
than RSA is.
In this paper, we suggest using decision problems from combinatorial group
theory as the core of a public key establishment protocol or a public key
cryptosystem. By using a popular decision problem, the word problem, we design
a cryptosystem with the following features: (1) Bob transmits to Alice an
encrypted binary sequence which Alice decrypts correctly with probability "very
close" to 1; (2) the adversary, Eve, who is granted arbitrarily high (but
fixed) computational speed, cannot positively identify (at least, in theory),
by using a "brute force attack", the "1" or "0" bits in Bob's binary sequence.
In other words: no matter what computational speed we grant Eve at the outset,
there is no guarantee that her "brute force attack" program will give a
conclusive answer (or an answer which is correct with overwhelming probability)
about any bit in Bob's sequence.
Comment: 12 pages
Conjugacy in Baumslag's group, generic case complexity, and division in power circuits
The conjugacy problem belongs to algorithmic group theory. It is the
following question: given two words x, y over generators of a fixed group G,
decide whether x and y are conjugated, i.e., whether there exists some z such
that zxz^{-1} = y in G. The conjugacy problem is more difficult than the word
problem, in general. We investigate the complexity of the conjugacy problem for
two prominent groups: the Baumslag-Solitar group BS(1,2) and the
Baumslag(-Gersten) group G(1,2). The conjugacy problem in BS(1,2) is
TC^0-complete. To the best of our knowledge BS(1,2) is the first natural
infinite non-commutative group where such a precise and low complexity is
shown. The Baumslag group G(1,2) is an HNN-extension of BS(1,2). We show that
the conjugacy problem is decidable (which has been known before); but our
results go far beyond decidability. In particular, we are able to show that
conjugacy in G(1,2) can be solved in polynomial time in a strongly generic
setting. This means that essentially for all inputs conjugacy in G(1,2) can be
decided efficiently. In contrast, we show that under a plausible assumption the
average case complexity of the same problem is non-elementary. Moreover, we
provide a lower bound for the conjugacy problem in G(1,2) by reducing the
division problem in power circuits to the conjugacy problem in G(1,2). The
complexity of the division problem in power circuits is an open and interesting
problem in integer arithmetic.
Comment: Section 5 added: We show that an HNN extension G = < H, b | bab^{-1} =
\phi(a), a \in A > has a non-amenable Schreier graph with respect to the
base group H if and only if A \neq H \neq
Group ring based public key cryptosystems
In this paper, we propose two cryptosystems based on group rings and existing
cryptosystems. The first is an elliptic ElGamal-type group ring public key
cryptosystem whose security is greater than the security of cryptosystems based on
the elliptic curve discrete logarithm problem (ECDLP). The second is an ElGamal-type
group ring public key cryptosystem, which is analogous to the ElGamal public key
cryptosystem but has comparatively greater security. Examples are also given
for both of the proposed cryptosystems.