
Why you cannot even hope to use Ore algebras in Cryptography

  • Original Paper
  • Published in: Applicable Algebra in Engineering, Communication and Computing

Abstract

We adapt tag variables and Buchberger reduction in order, given two elements \(p, g\in R\) of an effective ring R, to express g as the evaluation of a polynomial \(f(X)\in R[X]\) at p, that is \(g=f(p)\). As a by-product, we also present an attack on a couple of cryptographic protocols.
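The abstract describes recovering f from the pair (p, g) by tag-variable reduction. As an added illustration that is not part of the paper (whose setting is a non-commutative effective ring, where the reduction is considerably more delicate), the following Python code works the classical commutative, univariate instance of the same idea in the style of Shannon–Sweedler [32]: a tag variable T is attached to the relation T - p(x), terms are ordered with x > T, and g is reduced against that single relation. The normal form is \(\sum_i c_i(x)\,T^i\) with \(\deg c_i<\deg p\), and g lies in the subalgebra generated by p exactly when every \(c_i\) is a constant; for one relation in one variable, repeated Euclidean division by p computes this normal form directly, which is what the code does. All polynomials, function names and test values are constructed for the example.

```python
from fractions import Fraction

# Constructed example: a polynomial over Q is a list of Fraction coefficients,
# lowest degree first, so poly(6, 0, 4) is 6 + 4x^2. All names are our own.


def _trim(c):
    """Drop trailing zero coefficients, keeping at least one entry."""
    while len(c) > 1 and c[-1] == 0:
        c.pop()
    return c


def poly(*coeffs):
    """Build a polynomial from exact rational coefficients (ints or '9/4' strings)."""
    return _trim([Fraction(x) for x in coeffs])


def degree(a):
    """Degree of a, with -1 for the zero polynomial."""
    a = _trim(list(a))
    return -1 if a == [0] else len(a) - 1


def add(a, b):
    n = max(len(a), len(b))
    return _trim([(a[i] if i < len(a) else Fraction(0))
                  + (b[i] if i < len(b) else Fraction(0)) for i in range(n)])


def mul(a, b):
    out = [Fraction(0)] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return _trim(out)


def divmod_poly(a, b):
    """Euclidean division a = q*b + r with deg r < deg b, exact over Q."""
    a = _trim(list(a))
    db = degree(b)
    if db < 0:
        raise ZeroDivisionError("division by the zero polynomial")
    q = [Fraction(0)] * max(1, len(a) - db)
    while degree(a) >= db:
        da = degree(a)
        coef = a[da] / b[db]          # one reduction step: kill the leading term
        q[da - db] = coef
        for i in range(db + 1):
            a[i + da - db] -= coef * b[i]
        a = _trim(a)
    return _trim(q), a


def compose(f, p):
    """Evaluate f at p, i.e. compute the polynomial f(p), by Horner's rule."""
    result = [Fraction(0)]
    for c in reversed(f):
        result = add(mul(result, p), [c])
    return result


def express_as_polynomial_in(g, p):
    """Return f with g = f(p), or None if g is not a polynomial in p.

    Tag-variable reduction of g modulo T - p(x) with x > T: every step divides
    out the leading power of p, so the quotients of repeated division by p are
    exactly the coefficients c_i(x) of the normal form sum_i c_i(x) T^i.
    g is in Q[p] iff each c_i is constant; then f(T) = sum_i c_i T^i.
    """
    if degree(p) < 1:
        raise ValueError("p must have positive degree")
    coeffs = []
    r = g
    while degree(r) >= 0:
        r, c = divmod_poly(r, p)
        if degree(c) > 0:
            # a term still involving x survives in the normal form
            return None
        coeffs.append(c[0])
    return _trim(coeffs) if coeffs else poly(0)


if __name__ == "__main__":
    p = poly(1, 0, 1)                     # p = 1 + x^2
    g = compose(poly(5, -2, 3), p)        # g = f(p) for f = 5 - 2T + 3T^2
    print("g =", g)                       # [6, 0, 4, 0, 3] -> 6 + 4x^2 + 3x^4
    print("f =", express_as_polynomial_in(g, p))
    print("x^3 in Q[p]?", express_as_polynomial_in(poly(0, 0, 0, 1), p))
```

The round trip `compose` then `express_as_polynomial_in` is the check a practitioner wants: whenever the recovered f is not `None`, `compose(f, p)` reproduces g exactly, because arithmetic is done in `Fraction` rather than floating point. In a non-commutative ring such as an Ore algebra the single relation T - p is no longer a Gröbner basis by itself and left and right multiplication must be distinguished, which is precisely the gap the paper's adaptation addresses.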


Notes

  1. id est \({{\mathcal {I}}}_\omega \subset R\) is the left ideal of all \(r\in R\) for which there is at least one \(h\in R\langle {\overline{\mathbf{V}}}\rangle =:{{\mathcal {Q}}}\) such that the biggest term of h with respect to the given ordering is strictly smaller than \(\omega \) and \( r\omega +h\in {{\mathcal {I}}}\).

  2. We borrow both the notation and this French phonetic joke from [11].

  3. Note that in the setting of [5], which is the classical commutative semigroup of terms \(\Gamma \), the computation becomes

    • compute \(\lambda ,\rho :\omega =\lambda \circ \tau \circ \rho =\lambda \tau \rho \).

  4. Where \(\cdot \) denotes the commutative multiplication.

  5. And in particular, the lexicographical ordering < on \(\langle {\overline{\mathbf{V}}}\rangle \) induced by \(X_1<\ldots<X_n<Y_1<\ldots <Y_m\); but the argument here is general.

  6. The reader interested in this result, which is well documented in the literature, can consult any available text on Gröbner theory.

  7. where \(\pi \) is the canonical projection \({\mathcal {Q}} \rightarrow {\mathcal {Q}}/{\mathcal {I}}\) and \({\mathcal {I}} = (f_1,\ldots ,f_v)\)

References

  1. Apel, J.: Gröbnerbasen in nichtkommutativen Algebren und ihre Anwendung. Dissertation, Leipzig (1988)

  2. Apel, J.: Computational ideal theory in finitely generated extension rings. Theor. Comput. Sci. 244, 1–33 (2000)

  3. Barkee, B., Ceria, M., Moriarty, T., Visconti, A.: Why you cannot even hope to use Gröbner bases in cryptography: an eternal golden braid of failures. Appl. Algebra Eng. Commun. Comput. 31(3), 235–252 (2020)

  4. Bueso, J., Gomez-Torrecillas, J., Verschoren, A.: Methods in Non-commutative Algebra. Kluwer, Amsterdam (2003)

  5. Burger, R., Heinle, A.: A Diffie–Hellman-like key exchange protocol based on multivariate Ore polynomials. Preprint (2014). arXiv:1407.1270

  6. Cao, Z., Dong, X., Wang, L.: New public key cryptosystems using polynomials over non-commutative rings. Cryptology ePrint Archive, Report 2007/009 (2007)

  7. Ceria, M., Mora, T.: Buchberger–Weispfenning theory for effective associative rings. Accepted by J. Symb. Comp., special issue for ISSAC (2015)

  8. Ceria, M., Mora, T.: Buchberger–Zacharias theory of multivariate Ore extensions. J. Pure Appl. Algebra 221(12), 2974–3026 (2017)

  9. Chyzak, F., Salvy, B.: Non-commutative elimination in Ore algebras proves multivariate identities. J. Symb. Comp. 26, 187–227 (1998)

  10. Dubois, V., Kammerer, J.-G.: Cryptanalysis of cryptosystems based on non-commutative skew polynomials. In: Public Key Cryptography – PKC 2011. Springer (2011)

  11. Giusti, M., Heintz, J.: Algorithmes—disons rapides—pour la décomposition d’une variété algébrique en composantes irréductibles. Progr. Math. 94, 169–194 (1990)

  12. Heyworth, A.: One-sided noncommutative Gröbner bases with applications to computing Green’s relations. J. Algebra 242, 401–416 (2001)

  13. Kandri-Rody, A., Weispfenning, V.: Non-commutative Gröbner bases in algebras of solvable type. J. Symb. Comp. 9, 1–26 (1990)

  14. Kanwal, S., Inam, S., Ali, R., Qiu, S.: Two new variants of Stickel’s key exchange protocol based on polynomials over noncommutative rings

  15. Kredel, H.: Solvable polynomial rings. Dissertation, Passau (1992)

  16. Levandovskyy, V.G.: Non-commutative Computer Algebra for Polynomial Algebras: Gröbner Bases, Applications and Implementation. Dissertation, Kaiserslautern (2005). http://kluedo.ub.uni-kl.de/volltexte/2005/1883/

  17. Levandovskyy, V.G.: PBW bases, non-degeneracy conditions and applications. In: Buchweitz, R.-O., Lenzing, H. (eds.) Representations of Algebras and Related Topics (Proceedings of the ICRA X Conference), Fields Institute Communications, vol. 45, pp. 229–246. AMS

  18. Maze, G.: Algebraic methods for constructing one-way trapdoor functions. Ph.D. Thesis, University of Notre Dame (2003). http://user.math.uzh.ch/maze/Articles/DissJoli.pdf

  19. Maze, G., Monico, C., Rosenthal, J.: Public key cryptography based on semigroup actions. Adv. Math. Commun. 1(4), 489–507 (2007). https://www.math.uzh.ch/aa/fileadmin/user/rosen/publikation/ma07.pdf

  20. Mora, F.: De Nugis Groebnerialium 4: Zacharias, Spears, Möller. In: Proc. ISSAC’15, pp. 191–198. ACM (2015)

  21. Mora, T.: Seven variations on standard bases (1988). ftp://ftp.disi.unige.it/person/MoraF/PUBLICATIONS/7Varietions.tar.gz

  22. Mora, T.: Solving Polynomial Equation Systems, 4 vols. Cambridge University Press, I (2003), II (2005), III (2015), IV (2016)

  23. Mosteig, E., Sweedler, M.: Valuations and filtrations. J. Symb. Comp. 34, 399–435 (2002)

  24. Mullan, C.: Some results in group-based cryptography. Technical Report, Department of Mathematics, Royal Holloway, University of London (2012)

  25. Nguefack, B., Pola, E.: Effective Buchberger–Zacharias–Weispfenning theory of skew polynomial extensions of restricted bilateral coherent rings. J. Symb. Comp. (2019). https://doi.org/10.1016/j.jsc.2019.03.003

  26. Ore, O.: Theory of non-commutative polynomials. Ann. Math. 34, 480–508 (1933)

  27. Pesch, M.: Gröbner bases in skew polynomial rings. Dissertation, Passau (1997)

  28. Pesch, M.: Two-sided Groebner bases in iterated Ore extensions. Progr. Comput. Sci. Appl. Logic 15, 225–243 (1991)

  29. Reinert, B.: A Systematic Study of Groebner Basis Methods. Habilitation, Kaiserslautern (2003)

  30. Reinert, B.: Groebner bases in function rings—a guide for introducing reduction relations to algebraic structures. J. Symb. Comp. 41, 1264–1294 (2006)

  31. Spear, D.A.: A constructive approach to commutative ring theory. In: Proceedings of the 1977 MACSYMA Users’ Conference, NASA CP-2012, pp. 369–376 (1977)

  32. Shannon, D., Sweedler, M.: Using Gröbner bases to determine algebra membership, splitting surjective algebra homomorphisms and determine birational equivalence. J. Symb. Comp. 6, 267–273 (1988)

  33. Shpilrain, V.: Cryptanalysis of Stickel’s key exchange scheme. Proc. Comput. Sci. Russ. 5010, 283–288 (2008)

  34. Shpilrain, V., Ushakov, A.: Thompson’s group and public key cryptography. In: Third International Conference, ACNS 2005, Lecture Notes in Computer Science, vol. 3531, pp. 151–163. Springer, Berlin (2005). arXiv:0505487v1

  35. Sramka, M.: On the security of Stickel’s key exchange scheme. J. Comb. Math. Comb. Comput. 66 (2008)

  36. Stickel, E.: A new method for exchanging secret keys. In: Proceedings of the Third International Conference on Information Technology and Applications (ICITA’05), pp. 426–430. Sydney, Australia (2005)

  37. Sweedler, M.: Ideal bases and valuation rings. Manuscript (1986). http://math.usask.ca/fvk/Valth.html

  38. Weispfenning, V.: Finite Groebner bases in non-noetherian skew polynomial rings. In: Proceedings of ISSAC’92, pp. 320–332. ACM (1992)


Author information


Correspondence to Michela Ceria.


About this article


Cite this article

Ceria, M., Mora, T. & Visconti, A. Why you cannot even hope to use Ore algebras in Cryptography. AAECC 32, 229–244 (2021). https://doi.org/10.1007/s00200-021-00493-9
