Group theory in cryptography

This paper is a guide for the pure mathematician who would like to know more about cryptography based on group theory. The paper gives a brief overview of the subject, and provides pointers to good textbooks, key research papers and recent survey papers in the area.Comment: 25 pages References updated, and a few extra references added. Minor typographical changes. To appear in Proceedings of Groups St Andrews 2009 in Bath, U

Short expressions of permutations as products and cryptanalysis of the Algebraic Eraser

On March 2004, Anshel, Anshel, Goldfeld, and Lemieux introduced the \emph{Algebraic Eraser} scheme for key agreement over an insecure channel, using a novel hybrid of infinite and finite noncommutative groups. They also introduced the \emph{Colored Burau Key Agreement Protocol (CBKAP)}, a concrete realization of this scheme. We present general, efficient heuristic algorithms, which extract the shared key out of the public information provided by CBKAP. These algorithms are, according to heuristic reasoning and according to massive experiments, successful for all sizes of the security parameters, assuming that the keys are chosen with standard distributions. Our methods come from probabilistic group theory (permutation group actions and expander graphs). In particular, we provide a simple algorithm for finding short expressions of permutations in $S_n$, as products of given random permutations. Heuristically, our algorithm gives expressions of length $O(n^2\log n)$, in time and space $O(n^3)$. Moreover, this is provable from \emph{the Minimal Cycle Conjecture}, a simply stated hypothesis concerning the uniform distribution on $S_n$. Experiments show that the constants in these estimations are small. This is the first practical algorithm for this problem for $n\ge 256$. Remark: \emph{Algebraic Eraser} is a trademark of SecureRF. The variant of CBKAP actually implemented by SecureRF uses proprietary distributions, and thus our results do not imply its vulnerability. See also arXiv:abs/12020598Comment: Final version, accepted to Advances in Applied Mathematics. Title slightly change

An improvement of cryptographic schemes based on the conjugacy search problem

The key exchange protocol is a method of securely sharing cryptographic keys over a public channel. It is considered as important part of cryptographic mechanism to protect secure communications between two parties. The Diffie — Hellman protocol, based on the discrete logarithm problem, which is generally difficult to solve, is the most well-known key exchange protocol. One of the possible generalizations of the discrete logarithm problem to arbitrary noncommutative groups is the so-called conjugacy search problem: given two elements g,h of a group G and the information that = h for some x G G, find at least one particular element x like that. Here gx stands for x-1gx. This problem is in the core of several known public key exchange protocols, most notably the one due to Anshel et al. and the other due to Ko et al. In recent years, effective algebraic cryptanalysis methods have been developed that have shown the vulnerability of protocols of this type. The main purpose of this short note is to describe a new tool to improve protocols based on the conjugacy search problem. This tool has been introduced by the author in some recent papers. It is based on a new mathematical concept of a marginal set