Cryptanalysis of Group-Based Key Agreement Protocols Using Subgroup Distance Functions

We introduce a new approach for cryptanalysis of key agreement protocols based on noncommutative groups. Our approach uses functions that estimate the distance of a group element to a given subgroup. We test it against the Shpilrain-Ushakov protocol, which is based on Thompson's group F, and show that it can break about half the keys within a few seconds on a single PC.
