3 research outputs found
Cryptanalysis of Cryptosystems Based on Non-commutative Skew Polynomials
Ten years ago, Ko et al. described a Diffie-Hellman like protocol based on decomposition with respect to a non-commutative semigroup law. Instantiation with braid groups had first been considered, however intense research on braid groups revealed vulnerabilities of the group structure and of the braid based DH problem itself. Recently, Boucher et al. proposed a similar scheme based on a particular non-commutative multiplication of polynomials over a finite field. These so-called skew polynomials have a well-studied theory and have many applications in mathematics and coding theory, however they are quite unknown in a cryptographic application. In this paper, we show that the Diffie-Hellman problem based on skew polynomials is susceptible to a very efficient attack. This attack is in fact general in nature; it uses the availability of a one-sided notion of gcd and exact division. Given such tools, one can shift the Diffie-Hellman problem to a linear algebra type problem.
Computational Approaches to Problems in Noncommutative Algebra -- Theory, Applications and Implementations
Noncommutative rings appear in several areas of mathematics. Most prominently, they can be used to model operator equations, such as differential or difference equations. In the Ph.D. studies leading to this thesis, the focus was mainly on two areas: Factorization in certain noncommutative domains and matrix normal forms over noncommutative principal ideal domains.

Regarding the area of factorization, we initialize in this thesis a classification of noncommutative domains with respect to the factorization properties of their elements. Such a classification is well established in the area of commutative integral domains. Specifically, we define conditions to identify so-called finite factorization domains, and discover that the ubiquitous G-algebras are finite factorization domains. We furthermore realize a practical factorization algorithm applicable to G-algebras, with minor assumptions on the underlying field. Since the generality of our algorithm comes with the price of performance, we also study how it can be optimized for specific domains. Moreover, all of these factorization algorithms are implemented.

However, it turns out that factorization is difficult for many types of noncommutative rings. This observation leads to the adjunct examination of noncommutative rings in the context of cryptography. In particular, we develop a Diffie-Hellman-like key exchange protocol based on certain noncommutative rings.

Regarding the matrix normal forms, we present a polynomial-time algorithm of Las Vegas type to compute the Jacobson normal form of matrices over specific domains. We will study the flexibility, as well as the limitations of our proposal.

Another core contribution of this thesis consists of various implementations to assist future researchers working with noncommutative algebras. Detailed reports on all these programs and software-libraries are provided. We furthermore develop a benchmarking tool called SDEval, tailored to the needs of the computer algebra community. A description of this tool is also included in this thesis.