741 research outputs found

    Short expressions of permutations as products and cryptanalysis of the Algebraic Eraser

    In March 2004, Anshel, Anshel, Goldfeld, and Lemieux introduced the \emph{Algebraic Eraser} scheme for key agreement over an insecure channel, using a novel hybrid of infinite and finite noncommutative groups. They also introduced the \emph{Colored Burau Key Agreement Protocol (CBKAP)}, a concrete realization of this scheme. We present general, efficient heuristic algorithms, which extract the shared key out of the public information provided by CBKAP. These algorithms are, according to heuristic reasoning and according to massive experiments, successful for all sizes of the security parameters, assuming that the keys are chosen with standard distributions. Our methods come from probabilistic group theory (permutation group actions and expander graphs). In particular, we provide a simple algorithm for finding short expressions of permutations in $S_n$, as products of given random permutations. Heuristically, our algorithm gives expressions of length $O(n^2\log n)$, in time and space $O(n^3)$. Moreover, this is provable from \emph{the Minimal Cycle Conjecture}, a simply stated hypothesis concerning the uniform distribution on $S_n$. Experiments show that the constants in these estimations are small. This is the first practical algorithm for this problem for $n\ge 256$. Remark: \emph{Algebraic Eraser} is a trademark of SecureRF. The variant of CBKAP actually implemented by SecureRF uses proprietary distributions, and thus our results do not imply its vulnerability. See also arXiv:abs/12020598
    Comment: Final version, accepted to Advances in Applied Mathematics. Title slightly change

    Commitment and Oblivious Transfer in the Bounded Storage Model with Errors

    The bounded storage model restricts the memory of an adversary in a cryptographic protocol, rather than restricting its computational power, making information theoretically secure protocols feasible. We present the first protocols for commitment and oblivious transfer in the bounded storage model with errors, i.e., the model where the public random sources available to the two parties are not exactly the same, but instead are only required to have a small Hamming distance between themselves. Commitment and oblivious transfer protocols were known previously only for the error-free variant of the bounded storage model, which is harder to realize