In this note, we describe a probabilistic attack on public key cryptosystems
based on the word/conjugacy problems for finitely presented groups of the type
proposed recently by Anshel, Anshel and Goldfeld. In such a scheme, one makes
use of the property that in the given group the word problem has a polynomial
time solution, while the conjugacy problem has no known polynomial solution. An
example is the braid group from topology in which the word problem is solvable
in polynomial time while the only known solutions to the conjugacy problem are
exponential. The attack in this paper is based on having a canonical
representative of each string relative to which a length function may be
computed. Hence the term length attack. Such canonical representatives are
known to exist for the braid group
