Entropoid-based cryptography is group exponentiation in disguise
A recent preprint [3] suggests the use of exponentiation in a non-associative algebraic structure called entropoid to construct postquantum analogues of DLP-based cryptosystems. In this note, we show a polynomial-time reduction from the entropoid version of DLP to the conventional DLP in the underlying finite field. The resulting attack takes less than 10 minutes on a laptop against parameters suggested in [3] for 128-bit post-quantum secure key exchange and runs in polynomial time on a quantum computer. We briefly discuss how to generalize the attack to the generic setting.
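The following is an added illustration of the abstract's thesis, not code from the paper or from [3]: a constructed toy quasigroup on F_p^* (not the entropoid of [3], which lives over a different structure with its own twist), in which a non-associative "power" is secretly an ordinary group power with an affine, publicly computable exponent. Recovering a secret from a public value therefore reduces to one discrete logarithm in the field, here solved with baby-step giant-step for a small prime. The prime, twist exponent, nesting convention and all function names are assumptions made for this example.

```python
# Toy model of "non-associative exponentiation that is group exponentiation in
# disguise". This is NOT the entropoid of Gligoroski et al.; the structure and
# all parameters below are constructed for illustration only.
from math import isqrt

P = 1009   # constructed small prime; F_P^* is the hidden group
S = 5      # public "twist" exponent; gcd(S, P-1) == 1, so S is invertible mod P-1


def star(x, y, p=P, s=S):
    """Twisted product x * y = x^s * y (mod p). Neither associative nor commutative."""
    return pow(x, s, p) * y % p


def star_power(x, n, p=P, s=S):
    """Left-nested power x^(n) = x * (x * (... * x)), n >= 1 copies, computed by repeated star."""
    acc = x
    for _ in range(n - 1):
        acc = star(x, acc, p, s)
    return acc


def exponent_map(n, p=P, s=S):
    """The disguise removed: x^(n) == x^(1 + (n-1)s) in F_p^*, so e(n) = 1 + (n-1)s mod (p-1)."""
    return (1 + (n - 1) * s) % (p - 1)


def exponent_map_inverse(e, p=P, s=S):
    """Undo e = 1 + (n-1)s modulo p-1; returns a representative in 1..p-1."""
    n = ((e - 1) * pow(s, -1, p - 1) + 1) % (p - 1)
    return n if n else p - 1


def bsgs(g, h, p=P):
    """Baby-step giant-step: x with g^x == h (mod p), 0 <= x < p-1, or None if h is not in <g>."""
    n = p - 1
    m = isqrt(n) + 1
    table = {}
    cur = 1
    for j in range(m):                 # baby steps g^0 .. g^(m-1)
        table.setdefault(cur, j)
        cur = cur * g % p
    factor = pow(g, -m, p)             # g^(-m); giant steps multiply by it
    gamma = h
    for i in range(m):
        if gamma in table:
            return (i * m + table[gamma]) % n
        gamma = gamma * factor % p
    return None


def recover_secret(g, public, p=P, s=S):
    """Toy 'entropoid DLP' -> field DLP: solve g^t = public, then invert the affine exponent map."""
    t = bsgs(g, public, p)
    return exponent_map_inverse(t, p, s)


def demo(g=3, a=321, b=777):
    """Diffie-Hellman-style exchange in the toy structure, then key recovery by the reduction."""
    A = star_power(g, a)          # Alice's public value
    B = star_power(g, b)          # Bob's public value
    K = star_power(A, b)          # shared key; equals star_power(B, a)
    a_rec = recover_secret(g, A)  # attacker's view: g and A only
    return A, B, K, a_rec, star_power(B, a_rec)


if __name__ == "__main__":
    A, B, K, a_rec, K_rec = demo()
    print("recovered exponent reproduces A:", star_power(3, a_rec) == A)
    print("recovered shared key matches:", K_rec == K)
```

The point of the exercise is the shape of the reduction rather than the particular twist: once the nested non-associative power is rewritten as a single field power whose exponent is a cheap function of the secret, the hard problem is exactly the DLP in F_p^*, and a practitioner assessing such a scheme should ask for that rewriting before crediting it with any security beyond the underlying field.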
[1] Danilo Gligoroski et al. Entropoid Based Cryptography, 2021, IACR Cryptol. ePrint Arch.
[2] R. H. Bruck et al. Some results in the theory of quasigroups, 1944.
[3] D. C. Murdoch. Quasi-Groups Which Satisfy Certain Generalized Associative Laws, 1939.