1,272 research outputs found
Using decision problems in public key cryptography
There are several public key establishment protocols as well as complete
public key cryptosystems based on allegedly hard problems from combinatorial
(semi)group theory known by now. Most of these problems are search problems,
i.e., they are of the following nature: given a property P and the information
that there are objects with the property P, find at least one particular object
with the property P. So far, no cryptographic protocol based on a search
problem in a non-commutative (semi)group has been recognized as secure enough
to be a viable alternative to established protocols (such as RSA) based on
commutative (semi)groups, although most of these protocols are more efficient
than RSA is.
In this paper, we suggest to use decision problems from combinatorial group
theory as the core of a public key establishment protocol or a public key
cryptosystem. By using a popular decision problem, the word problem, we design
a cryptosystem with the following features: (1) Bob transmits to Alice an
encrypted binary sequence which Alice decrypts correctly with probability "very
close" to 1; (2) the adversary, Eve, who is granted arbitrarily high (but
fixed) computational speed, cannot positively identify (at least, in theory),
by using a "brute force attack", the "1" or "0" bits in Bob's binary sequence.
In other words: no matter what computational speed we grant Eve at the outset,
there is no guarantee that her "brute force attack" program will give a
conclusive answer (or an answer which is correct with overwhelming probability)
about any bit in Bob's sequence.Comment: 12 page
Group theory in cryptography
This paper is a guide for the pure mathematician who would like to know more
about cryptography based on group theory. The paper gives a brief overview of
the subject, and provides pointers to good textbooks, key research papers and
recent survey papers in the area.Comment: 25 pages References updated, and a few extra references added. Minor
typographical changes. To appear in Proceedings of Groups St Andrews 2009 in
Bath, U
Combinatorial group theory and public key cryptography
After some excitement generated by recently suggested public key exchange
protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al., it is a prevalent
opinion now that the conjugacy search problem is unlikely to provide sufficient
level of security if a braid group is used as the platform. In this paper we
address the following questions: (1) whether choosing a different group, or a
class of groups, can remedy the situation; (2) whether some other "hard"
problem from combinatorial group theory can be used, instead of the conjugacy
search problem, in a public key exchange protocol. Another question that we
address here, although somewhat vague, is likely to become a focus of the
future research in public key cryptography based on symbolic computation: (3)
whether one can efficiently disguise an element of a given group (or a
semigroup) by using defining relations.Comment: 12 page
Public-key cryptography and invariant theory
Public-key cryptosystems are suggested based on invariants of groups. We give
also an overview of the known cryptosystems which involve groups.Comment: 10 pages, LaTe
Assessing security of some group based cryptosystems
One of the possible generalizations of the discrete logarithm problem to
arbitrary groups is the so-called conjugacy search problem (sometimes
erroneously called just the conjugacy problem): given two elements a, b of a
group G and the information that a^x=b for some x \in G, find at least one
particular element x like that. Here a^x stands for xax^{-1}. The computational
difficulty of this problem in some particular groups has been used in several
group based cryptosystems. Recently, a few preprints have been in circulation
that suggested various "neighbourhood search" type heuristic attacks on the
conjugacy search problem. The goal of the present survey is to stress a
(probably well known) fact that these heuristic attacks alone are not a threat
to the security of a cryptosystem, and, more importantly, to suggest a more
credible approach to assessing security of group based cryptosystems. Such an
approach should be necessarily based on the concept of the average case
complexity (or expected running time) of an algorithm.
These arguments support the following conclusion: although it is generally
feasible to base the security of a cryptosystem on the difficulty of the
conjugacy search problem, the group G itself (the "platform") has to be chosen
very carefully. In particular, experimental as well as theoretical evidence
collected so far makes it appear likely that braid groups are not a good choice
for the platform. We also reflect on possible replacements.Comment: 10 page
A Non-commutative Cryptosystem Based on Quaternion Algebras
We propose BQTRU, a non-commutative NTRU-like cryptosystem over quaternion
algebras. This cryptosystem uses bivariate polynomials as the underling ring.
The multiplication operation in our cryptosystem can be performed with high
speed using quaternions algebras over finite rings. As a consequence, the key
generation and encryption process of our cryptosystem is faster than NTRU in
comparable parameters. Typically using Strassen's method, the key generation
and encryption process is approximately times faster than NTRU for an
equivalent parameter set. Moreover, the BQTRU lattice has a hybrid structure
that makes inefficient standard lattice attacks on the private key. This
entails a higher computational complexity for attackers providing the
opportunity of having smaller key sizes. Consequently, in this sense, BQTRU is
more resistant than NTRU against known attacks at an equivalent parameter set.
Moreover, message protection is feasible through larger polynomials and this
allows us to obtain the same security level as other NTRU-like cryptosystems
but using lower dimensions.Comment: Submitted for possible publicatio
- …