A Polynomial Time Algorithm for the Braid Diffie-Hellman Conjugacy Problem

We propose the first polynomial-time algorithm for the braid Diffie-Hellman conjugacy problem (DHCP), on which the braid key exchange scheme and the braid encryption scheme are based [9]. We show that the proposed method solves the DHCP for the images of braids under the Lawrence-Krammer representation, and that these solutions play the same role as the original key in the DHCP for braids. Given a braid index $n$ and a canonical length $l$, the complexity is about $O(n^{14.4} l^{3.2})$, or $O(n^{4\tau + 2e} l^{2e})$ bit operations, where $\tau = \log_2 7 \approx 2.8$ and $e > \log_2 3 \approx 1.57$.

[1] Dennis Hofheinz et al. A Practical Attack on Some Braid Group Based Cryptographic Primitives. Public Key Cryptography, 2003.

[2] Henri Cohen et al. A Course in Computational Algebraic Number Theory. Graduate Texts in Mathematics, 1993.

[3] Jung Hee Cheon et al. New Public-Key Cryptosystem Using Braid Groups. CRYPTO, 2000.

[4] Joan S. Birman et al. A New Approach to the Word and Conjugacy Problems in the Braid Groups. 1997.

[5] Jang-Won Lee et al. New Signature Scheme Using Conjugacy Problem. IACR Cryptology ePrint Archive, 2002.

[6] Jung Hee Cheon et al. An Efficient Implementation of Braid Groups. ASIACRYPT, 2001.

[7] Alfred Menezes et al. Handbook of Applied Cryptography. 2018.

[8] Rosario Gennaro et al. Cryptanalysis of a Pseudorandom Generator Based on Braid Groups. EUROCRYPT, 2002.

[9] Daan Krammer et al. The Braid Group B4 Is Linear. 2000.

[10] Iris Anshel et al. New Key Agreement Protocols in Braid Group Cryptography. CT-RSA, 2001.

[11] Daan Krammer. Braid Groups Are Linear. 2002.

[12] G. Hardy et al. An Introduction to the Theory of Numbers. 1938.

[13] Eonkyung Lee et al. Cryptanalysis of the Public-Key Encryption Based on Braid Groups. EUROCRYPT, 2003.

[14] Audra E. Kosh et al. Linear Algebra and Its Applications. 1992.

[15] D. Goldfeld et al. An Algebraic Method for Public-Key Cryptography. 1999.

[16] Sangjin Lee et al. Potential Weaknesses of the Commutator Key Agreement Protocol Based on Braid Groups. EUROCRYPT, 2002.

[17] Sangjin Lee et al. Pseudorandomness from Braid Groups. CRYPTO, 2001.