Abstract
This work emphasizes an important problem of braid-based cryptography: the random generation of good keys. We present a deterministic, polynomial-time algorithm that reduces the conjugacy search problem in braid groups. The algorithm is based on the decomposition of braids into products of canonical factors and gives a partial factorization of the secret: a divisor and a multiple. The tests we performed on different keys of existing protocols showed that many protocols in their current form are broken and that the efficiency of our attack depends on the random generator used to create the key. Therefore, this method gives new criteria for testing weak keys. We also propose a new random key generator which is secure against our attack and against that of Hofheinz and Steinwandt.
References
Anshel I, Goldfeld D (1999). An algebraic method for public-key cryptography. Math Res Lett 6, 287–291
Anshel I, Fischer B, Goldfeld D (2001). New key agreement protocols in braid group cryptography. RSA 2001, LNCS 2020, pp 1–15
Artin E (1947). Theory of braids. Ann Math 48, 101–126
Cha JC, Ko KH, Lee SJ, Han JW, Cheon JH (2001). An efficient implementation of braid groups. Asiacrypt 2001, LNCS 2248, pp 144–156
Cheon JH, Jun B (2003). A polynomial time algorithm for the braid Diffie–Hellman conjugacy problem. Crypto 2003
Dehornoy P (1997). A fast method for computing braids. Adv Math 125(2), 200–235. https://doi.org/10.1006/aima.1997.1605
Dehornoy P (2004). Braid-based cryptography. Contemp Math, Amer Math Soc 360, 5–33
Elrifai EA, Morton HR (1994). Algorithms for positive braids. Quart J Math Oxford 45(2), 479–497
Epstein D, Cannon J, Holt D, Levy S, Paterson M, Thurston W (1992). Word processing in groups. Jones and Bartlett Publishers, Boston
Franco N, Gonzalez-Meneses J (2003). Conjugacy problem for braid groups and Garside groups. J Algebra 266(1), 112–132. https://doi.org/10.1016/S0021-8693(03)00292-8
Garber D, Kaplan S, Teicher M, Tsaban B, Vishne U (2002). Length-based conjugacy search in the braid group. http://arXiv.org/abs/math.GR/0209267
Garside FA (1969). The braid group and other groups. Quart J Math Oxford 20(78), 235–254
Gebhardt V (2003). A new approach to the conjugacy problem in Garside groups. To appear in J Algebra. http://arXiv.org/abs/math.GT/0306199
Hofheinz D, Steinwandt R (2003). A practical attack on some braid group cryptographic primitives. PKC 2003, LNCS 2567, pp 187–198
Hughes J (2002). A linear algebraic attack on the AAFG1 braid group cryptosystem. ACISP 2002, LNCS 2384, pp 176–189
Hughes J, Tannenbaum A (2000). Length-based attacks for certain group based encryption rewriting systems. Inst. for Math. and its Applic., Minneapolis
Jacquemard A (1990). About the effective classification of conjugacy classes of braids. J Pure Appl Algebra 63(2), 161–169. https://doi.org/10.1016/0022-4049(90)90023-B
Ko KH, Choi DH, Cho MS, Lee JW (2002). New signature scheme using conjugacy problem. http://eprint.iacr.org/2002/168/
Ko KH, Lee SJ, Cheon JH, Han JW, Kang JS, Park C (2000). New public-key cryptosystem using braid groups. Crypto 2000, LNCS 1880, pp 166–184
Lee SJ, Lee EK (2002). Potential weakness of the commutator key agreement protocol based on braid groups. Eurocrypt 2002, LNCS 2332, pp 14–28
Lee E, Park JH (2003). Cryptanalysis of the public-key encryption based on braid groups. Eurocrypt 2003, LNCS 2656
Maffre S (2005). Reduction of conjugacy problem in braid groups, using two Garside structures. WCC 2005, pp 214–224
Michel J (1999). A note on words in braid monoids. J Algebra 215, 366–377. https://doi.org/10.1006/jabr.1998.7723
Sibert H (2003). Algorithmique des groupes de tresses. PhD thesis, Lab. LMNO
Sibert H, Dehornoy P, Girault M (2003). Entity authentication schemes using braid word reduction. WCC 2003, pp 153–163
Communicated by P. Wild
Cite this article
Maffre, S. A Weak Key Test for Braid Based Cryptography. Des Codes Crypt 39, 347–373 (2006). https://doi.org/10.1007/s10623-005-5382-9