On the cycling operation in braid groups
The cycling operation is a special kind of conjugation that can be applied to
elements in Artin's braid groups, in order to reduce their length. It is a key
ingredient of the usual solutions to the conjugacy problem in braid groups. In
their seminal paper on braid-cryptography, Ko, Lee et al. proposed the
cycling problem as a hard problem in braid groups that could be interesting
for cryptography. In this paper we give a polynomial solution to that problem,
mainly by showing that cycling is surjective, and using a result by Maffre
which shows that pre-images under cycling can be computed fast. This result
also holds in every Artin-Tits group of spherical type.
On the other hand, the conjugacy search problem in braid groups is usually
solved by computing some finite sets called (left) ultra summit sets
(left-USS), using left normal forms of braids. But one can equally use right
normal forms and compute right-USS's. Hard instances of the conjugacy search
problem correspond to elements having big (left and right) USS's. One may think
that even if some element has a big left-USS, it could possibly have a small
right-USS. We show that this is not the case in the important particular case
of rigid braids. More precisely, we show that the left-USS and the right-USS of
a given rigid braid determine isomorphic graphs, with the arrows reversed, the
isomorphism being defined using iterated cycling. We conjecture that the same
is true for every element, not necessarily rigid, in braid groups and
Artin-Tits groups of spherical type.
Comment: 20 page
Conjugacy in Garside Groups III: Periodic braids
An element in Artin's braid group B_n is said to be periodic if some power of
it lies in the center of B_n. In this paper we prove that all previously known
algorithms for solving the conjugacy search problem in B_n are exponential in
the braid index n for the special case of periodic braids. We overcome this
difficulty by putting to work several known isomorphisms between Garside
structures in the braid group B_n and other Garside groups. This allows us to
obtain a polynomial solution to the original problem in the spirit of the
previously known algorithms.
This paper is the third in a series of papers by the same authors about the
conjugacy problem in Garside groups. They have a unified goal: the development
of a polynomial algorithm for the conjugacy decision and search problems in
B_n, which generalizes to other Garside groups whenever possible. It is our
hope that the methods introduced here will allow the generalization of the
results in this paper to all Artin-Tits groups of spherical type.
Comment: 33 pages, 13 figures. Classical references implying Corollaries 12
and 15 have been added. To appear in Journal of Algebr
Improving an algorithm to solve multiple simultaneous conjugacy problems in braid groups
There are recent cryptographic protocols that are based on Multiple
Simultaneous Conjugacy Problems in braid groups. We improve an algorithm,
due to Sang Jin Lee and Eonkyung Lee, to solve these problems, by
applying a method developed by the author and Nuno Franco, originally
intended to solve the Conjugacy Search Problem in braid groups.
Conjugacy in Garside groups I: Cyclings, powers, and rigidity
In this paper a relation between iterated cyclings and iterated powers of
elements in a Garside group is shown. This yields a characterization of
elements in a Garside group having a rigid power, where 'rigid' means that the
left normal form changes only in the obvious way under cycling and decycling.
It is also shown that, given X in a Garside group, if some power X^m is
conjugate to a rigid element, then m can be bounded above by ||\Delta||^3. In
the particular case of braid groups, this implies that a pseudo-Anosov braid
has a small power whose ultra summit set consists of rigid elements. This
solves one of the problems in the way of a polynomial solution to the conjugacy
decision problem (CDP) and the conjugacy search problem (CSP) in braid groups.
In addition to proving the rigidity theorem, it will be shown how this paper
fits into the authors' program for finding a polynomial algorithm to the
CDP/CSP, and what remains to be done.
Comment: 41 page
Assessing security of some group based cryptosystems
One of the possible generalizations of the discrete logarithm problem to
arbitrary groups is the so-called conjugacy search problem (sometimes
erroneously called just the conjugacy problem): given two elements a, b of a
group G and the information that a^x=b for some x \in G, find at least one
particular element x like that. Here a^x stands for xax^{-1}. The computational
difficulty of this problem in some particular groups has been used in several
group based cryptosystems. Recently, a few preprints have been in circulation
that suggested various "neighbourhood search" type heuristic attacks on the
conjugacy search problem. The goal of the present survey is to stress a
(probably well known) fact that these heuristic attacks alone are not a threat
to the security of a cryptosystem, and, more importantly, to suggest a more
credible approach to assessing security of group based cryptosystems. Such an
approach should be necessarily based on the concept of the average case
complexity (or expected running time) of an algorithm.
These arguments support the following conclusion: although it is generally
feasible to base the security of a cryptosystem on the difficulty of the
conjugacy search problem, the group G itself (the "platform") has to be chosen
very carefully. In particular, experimental as well as theoretical evidence
collected so far makes it appear likely that braid groups are not a good choice
for the platform. We also reflect on possible replacements.
Comment: 10 page
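Worked example, added here and not taken from any of the papers listed above. It makes two of the notions concrete in the smallest interesting braid group B_3: the conjugacy search problem as defined in the survey just above (given a, b with a^x = x a x^{-1}, find some x), and the "periodic" property from the paper "Conjugacy in Garside Groups III" (some power of the braid is central). Braids are written as words in the Artin generators sigma_1, sigma_2, and equality of braids is decided through the unreduced Burau representation, which is a faithful representation of B_3; that choice of equality oracle, the sample braids and all function names are mine, not anything the papers propose. The brute-force conjugator search is only there to show the shape of the problem: its cost is exponential in the word length, which is exactly why the survey argues that average-case running time, not a single heuristic attack, should decide whether a platform group is secure.

```python
"""Conjugacy search and periodicity in B_3 (added example, not from the papers).

A braid word is a tuple of nonzero ints: +i means sigma_i, -i means sigma_i^-1.
Equality is decided with the unreduced Burau representation, which is faithful
for n <= 3 strands; for larger n it is only a necessary condition.
"""
from itertools import product

N = 3  # number of strands; keep n <= 3 so the Burau equality test is exact


def inverse(word):
    """Inverse of a braid word: reverse the word and invert every letter."""
    return tuple(-g for g in reversed(word))


def free_reduce(word):
    """Cancel adjacent sigma_i sigma_i^-1 pairs (cheap, incomplete simplification)."""
    out = []
    for g in word:
        if out and out[-1] == -g:
            out.pop()
        else:
            out.append(g)
    return tuple(out)


def conjugate(a, x):
    """a^x = x a x^{-1}, the convention used in the survey above."""
    return free_reduce(x + a + inverse(x))


# Laurent polynomials in t are {exponent: coefficient} dicts without zero entries.
def padd(p, q):
    r = dict(p)
    for e, c in q.items():
        r[e] = r.get(e, 0) + c
        if r[e] == 0:
            del r[e]
    return r


def pmul(p, q):
    r = {}
    for e1, c1 in p.items():
        for e2, c2 in q.items():
            r[e1 + e2] = r.get(e1 + e2, 0) + c1 * c2
    return {e: c for e, c in r.items() if c != 0}


def identity(n):
    return [[{0: 1} if i == j else {} for j in range(n)] for i in range(n)]


def matmul(A, B):
    n = len(A)
    C = [[{} for _ in range(n)] for _ in range(n)]
    for i in range(n):
        for j in range(n):
            acc = {}
            for k in range(n):
                acc = padd(acc, pmul(A[i][k], B[k][j]))
            C[i][j] = acc
    return C


def burau_generator(g, n=N):
    """Unreduced Burau matrix of sigma_i (g = i) or sigma_i^-1 (g = -i)."""
    i = abs(g) - 1
    M = identity(n)
    if g > 0:
        block = [[{0: 1, 1: -1}, {1: 1}], [{0: 1}, {}]]      # [[1-t, t], [1, 0]]
    else:
        block = [[{}, {0: 1}], [{-1: 1}, {0: 1, -1: -1}]]    # [[0, 1], [t^-1, 1-t^-1]]
    for r in range(2):
        for c in range(2):
            M[i + r][i + c] = block[r][c]
    return M


def burau(word, n=N):
    M = identity(n)
    for g in word:
        M = matmul(M, burau_generator(g, n))
    return M


def braids_equal(u, v, n=N):
    """u == v in B_n, exact for n <= 3 (Burau is faithful there)."""
    return burau(u, n) == burau(v, n)


def csp_brute_force(a, b, max_len, n=N):
    """Exhaustive search for x with x a x^-1 == b over words of length <= max_len.

    Cost grows like (2(n-1))^max_len; a found x need not be the one used to
    build b, since any element of the centralizer of a can be appended to it.
    """
    letters = [g for i in range(1, n) for g in (i, -i)]
    for length in range(max_len + 1):
        for x in product(letters, repeat=length):
            if braids_equal(conjugate(a, x), b, n):
                return x
    return None


def is_central(word, n=N):
    """Central iff it commutes with every generator (exact for n <= 3)."""
    return all(braids_equal(word + (i,), (i,) + word, n) for i in range(1, n))


def is_periodic(word, max_power, n=N):
    """Smallest k <= max_power with word^k central, else None (periodic braids)."""
    for k in range(1, max_power + 1):
        if is_central(free_reduce(word * k), n):
            return k
    return None


if __name__ == "__main__":
    a = (2, 1)            # constructed sample: sigma_2 sigma_1, a periodic braid
    secret = (2, -1, 2)   # constructed "private" conjugator
    b = conjugate(a, secret)
    x = csp_brute_force(a, b, 3)
    print("a is periodic, power", is_periodic(a, 6))
    print("found conjugator", x, "valid:", braids_equal(conjugate(a, x), b))
```

Note that the search is exhaustive over short words only; the survey's point is that an attacker's success on such small instances says nothing about a protocol whose keys are long words, and that the right measure is the expected cost over the actual key distribution.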
On the genericity of pseudo-Anosov braids II: conjugations to rigid braids
We prove that generic elements of braid groups are pseudo-Anosov, in the following sense: in the Cayley graph of the braid group with n ≥ 3 strands, with respect to Garside's generating set, we prove that the proportion of pseudo-Anosov braids in the ball of radius l tends to 1 exponentially quickly as l tends to infinity. Moreover, with a similar notion of genericity, we prove that for generic pairs of elements of the braid group, the conjugacy search problem can be solved in quadratic time. The idea behind both results is that generic braids can be conjugated "easily" into a rigid braid.