A parallel evolutionary approach to solving systems of equations in polycyclic groups

AbstractThe Anshel–Anshel–Goldfeld (AAG) key exchange protocol is based upon the multiple conjugacy problem for a finitely-presented group. The hardness in breaking this protocol relies on the supposed difficulty in solving the corresponding equations for the conjugating element in the group. Two such protocols based on polycyclic groups as a platform were recently proposed and were shown to be resistant to length-based attack. In this article we propose a parallel evolutionary approach which runs on multicore high-performance architectures. The approach is shown to be more efficient than previous attempts to break these protocols, and also more successful. Comprehensive data of experiments run with a GAP implementation are provided and compared to the results of earlier length-based attacks. These demonstrate that the proposed platform is not as secure as first thought and also show that existing measures of cryptographic complexity are not optimal. A more accurate alternative measure is suggested. Finally, a linear algebra attack for one of the protocols is introduced.</jats:p

Length-based attacks in polycyclic groups

The Anshel–Anshel–Goldfeld (AAG) key-exchange protocol was implemented and studied with the braid groups as its underlying platform. The length-based attack, introduced by Hughes and Tannenbaum, has been used to cryptanalyze the AAG protocol in this setting. Eick and Kahrobaei suggest to use the polycyclic groups as a possible platform for the AAG protocol. In this paper, we apply several known variants of the length-based attack against the AAG protocol with the polycyclic group as the underlying platform. The experimental results show that, in these groups, the implemented variants of the length-based attack are unsuccessful in the case of polycyclic groups having high Hirsch length. This suggests that the length-based attack is insucient to cryptanalyze the AAG protocol when implemented over this type of polycyclic groups. This implies that polycyclic groups could be a potential platform for some cryptosystems based on conjugacy search problem, such as non-commutative Die–Hellman, El Gamal and Cramer–Shoup key-exchange protocols. Moreover, we compare for the rst time the success rates of the dierent variants of the length-based attack. These experiments show that, in these groups, the memory length-based attack introduced by Garber, Kaplan, Teicher, Tsaban and Vishne does better than the other variants proposed thus far in this context

Algorithmic properties of poly-Z groups and secret sharing using non-commutative groups

Computational aspects of polycyclic groups have been used to study cryptography since 2004 when Eick and Kahrobaei proposed polycyclic groups as a platform for conjugacy based cryptographic protocols. In the first chapter we study the conjugacy problem in polycyclic groups and construct a family of torsion-free polycyclic groups where the uniform conjugacy problem over the entire family is at least as hard as the subset sum problem. We further show that the conjugacy problem in these groups is in NP, implying that the uniform conjugacy problem is NP-complete over these groups. This is joint work with Delaram Kahrobaei. We also present an algorithm for the conjugacy problem in groups of the form $\Z^n \rtimes_\phi \Z$. We continue by studying automorphisms of poly-$\Z$ groups and successive cyclic extensions of arbitrary groups. We study a certain kind of extension that we call deranged , and show that the automorphisms of the resulting group have a strict form. We also show that the automorphism group of a group obtained by iterated extensions of this type contains a non-abelian free group if and only if the original base group does. Finally we show that it is possible to verify that a finitely presented by infinite cyclic group is finitely presented by infinite cyclic, but that determining that a general finitely presented group is finitely generated by infinite cyclic is undecidable. We then discuss implications the latter result has for calculating the Bieri-Neumann-Strebel invariant. This is joint work with Jordi Delgado, Delaram Kahrobaei, Ha Lam, and Enric Ventura and is currently in preparation. In the final chapter we discuss secret sharing schemes and variations. We begin with classical secret sharing schemes and present variations that allow them to be more practical. We then present a secret sharing scheme due to Habeeb, Kahrobaei, and Shpilrain. Finally, we present an original adjustment to their scheme that involves the shortlex order on a group and allows less information to be transmitted each time a secret is shared. Additionally, we propose additional steps that allow participants to update their information independently so that the scheme remains secure over multiple rounds. This is joint work with Delaram Kahrobaei