Abstract
We discuss pitfalls in the security of the combinatorial public key cryptosystem based on Nielsen transformations inspired by the ElGamal cryptosystem proposed by Fine, Moldenhauer and Rosenberger. We introduce three different types of attacks to possible combinatorial public key encryption schemes and apply these attacks to the scheme corresponding to the cryptosystem under discussion. As a result of our observation, we show that under some natural assumptions the scheme is vulnerable to at least one of the proposed attacks.
Funding source: Russian Science Foundation
Award Identifier / Grant number: 16-11-10002
Funding statement: This research was supported by Russian Science Foundation, project 16-11-10002.
References
[1] G. Baumslag, F. B. Cannonito, D. J. Robinson and D. Segal, The algorithmic theory of polycyclic-by-finite groups, J. Algebra 142 (1991), no. 1, 118–149. 10.1016/0021-8693(91)90221-SSearch in Google Scholar
[2] T. Beelen and P. Van Dooren, An improved algorithm for the computation of Kronecker’s canonical form of a singular pencil, Linear Algebra Appl. 105 (1988), 9–65. 10.1016/0024-3795(88)90003-1Search in Google Scholar
[3] B. Cavallo and D. Kahrobaei, A family of polycyclic groups over which the uniform conjugacy problem is NP-complete, Internat. J. Algebra Comput. 24 (2014), no. 4, 515–530. 10.1142/S0218196714500234Search in Google Scholar
[4] W. Diffie and M. E. Hellman, New directions in cryptography, IEEE Trans. Information Theory IT-22 (1976), no. 6, 644–654. 10.1109/TIT.1976.1055638Search in Google Scholar
[5] D. Z. Du and F. Hwang, Computing in Euclidean Geometry, Lect. Notes Seri. Comput. 1, World Scientific, River Edge, 1992. 10.1142/1657Search in Google Scholar
[6] B. Eick and D. Kahrobaei, Polycyclic groups: A new platform for cryptology?, preprint (2004), https://arxiv.org/abs/math/0411077. Search in Google Scholar
[7] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Trans. Inform. Theory 31 (1985), no. 4, 469–472. 10.1109/TIT.1985.1057074Search in Google Scholar
[8] B. Fine, A. I. S. Moldenhauer and G. Rosenberger, Cryptographic protocols based on Nielsen transformations, J. Comp. Commun. 4 (2016), no. 12, 63–107. 10.4236/jcc.2016.412004Search in Google Scholar
[9] F. R. Gantmacher, The Theory of Matrices. Vols. 1 and 2, Chelsea Publishing, New York, 1959. Search in Google Scholar
[10] G. H. Golub and J. H. Wilkinson, Ill-conditioned eigensystems and the computation of the Jordan canonical form, SIAM Rev. 18 (1976), no. 4, 578–619. 10.1137/1018113Search in Google Scholar
[11] J. Gryak and D. Kahrobaei, The status of polycyclic group-based cryptography: A survey and open problems, Groups Complex. Cryptol. 8 (2016), no. 2, 171–186. 10.1515/gcc-2016-0013Search in Google Scholar
[12] M. Hall, Jr., The Theory of Groups, Macmillan, New York, 1959. 10.4159/harvard.9780674592711Search in Google Scholar
[13] P. Hall, Nilpotent Groups. Notes of Lectures given at the Canadian Mathematical Congress Summer Seminar, University of Alberta, 12–30 August, 1957, Queen Mary College, London, 1969. Search in Google Scholar
[14]
P. Hecht,
Post-Quantum Cryptography (PQC): Generalized ElGamal cipher over
[15] D. Kahrobaei and B. Khan, A non-commutative generalization of ElGamal key exchange using polycyclic groups, 2006 Global Telecommunications Conference – IEEE GLOBECOM 2006 (San Francisco 2006), IEEE Press, Piscataway (2006), 10.1109/GLOCOM.2006.290. 10.1109/GLOCOM.2006.290Search in Google Scholar
[16] K. H. Ko, S. J. Lee, J. H. Cheon, J. W. Han, J.-S. Kang and C. Park, New public-key cryptosystem using braid groups, Advances in Cryptology—CRYPTO 2000 (Santa Barbara 2000), Lecture Notes in Comput. Sci. 1880, Springer, Berlin (2000), 166–183. 10.1007/3-540-44598-6_10Search in Google Scholar
[17] N. Koblitz, A course in Number Theory and Cryptography, 2nd ed., Grad. Texts in Math. 114, Springer, New York, 1994. 10.1007/978-1-4419-8592-7Search in Google Scholar
[18] J. C. Lennox and D. J. S. Robinson, The Theory of Infinite Soluble Groups, Oxford Math. Monogr., The Clarendon Press, Oxford, 2004. 10.1093/acprof:oso/9780198507284.001.0001Search in Google Scholar
[19] R. C. Lyndon and P. E. Schupp, Combinatorial Group Theory, Classics Math., Springer, Berlin, 2001. 10.1007/978-3-642-61896-3Search in Google Scholar
[20] W. Magnus, A. Karrass and D. Solitar, Combinatorial Group Theory, rev. ed., Dover Publications, New York, 1976. Search in Google Scholar
[21] A. Mahalanobis, The Diffie–Hellman key exchange protocol and non-abelian nilpotent groups, Israel J. Math. 165 (2008), 161–187. 10.1007/s11856-008-1008-zSearch in Google Scholar
[22] A. I. S. Moldenhauer, Cryptographic protocols based on inner product spaces and group theory with a special focus on the use of Nielsen transformations, Ph.D. thesis, University of Hamburg, Hamburg, 2016. Search in Google Scholar
[23] A. Myasnikov, A. Nikolaev and A. Ushakov, Non-commutative lattice problems, J. Group Theory 19 (2016), no. 3, 455–475. 10.1515/jgth-2016-0506Search in Google Scholar
[24] A. Myasnikov and V. Roman’kov, A linear decomposition attack, Groups Complex. Cryptol. 7 (2015), no. 1, 81–94. 10.1515/gcc-2015-0007Search in Google Scholar
[25] G. A. Noskov, V. N. Remeslennikov and V. A. Romankov, Infinite groups, J. Math. Sci. 18 (1982), no. 5, 669–735. 10.1007/BF01091962Search in Google Scholar
[26] J.-L. Roch and G. Villard, Fast parallel computation of the Jordan normal form of matrices, Parallel Process. Lett. 6 (1996), no. 2, 203–212. 10.1142/S0129626496000200Search in Google Scholar
[27] V. A. Roman’kov, Automorphisms of groups, Acta Appl. Math. 29 (1992), no. 3, 241–280. 10.1007/BF00047221Search in Google Scholar
[28] V. A. Roman’kov, Introduction to Cryptography (in Russian), Forum, Moscow, 2012. Search in Google Scholar
[29] V. A. Roman’kov, Algebraic Cryptography (in Russian), Dostoevsky Omsk State University, Omsk, 2013. Search in Google Scholar
[30] V. A. Roman’kov, Cryptanalysis of some schemes applying automorphisms (in Russian), Appl. Discrete Math. 3 (2013), 35–51. 10.17223/20710410/21/5Search in Google Scholar
[31] V. A. Roman’kov, Linear decomposition attack on public key exchange protocols using semidirect products of (semi)groups, preprint (2015), https://arxiv.org/abs/1501.01152v1. Search in Google Scholar
[32] V. A. Roman’kov, Linear decomposition method in analyzing hidden information protocols on algebraic platforms, Algebra Logic 54 (2015), 81–87. 10.1007/s10469-015-9327-8Search in Google Scholar
[33] V. A. Roman’kov, A nonlinear decomposition attack, Groups Complex. Cryptol. 8 (2016), no. 2, 197–207. 10.1515/gcc-2016-0017Search in Google Scholar
[34] V. A. Roman’kov, A polynomial time algorithm for the braid double shielded public key cryptosystems, Bull. Karaganda Univ. Math. Ser. 4(84) (2016), 110–115. 10.31489/2016M4/110-115Search in Google Scholar
[35] V. A. Roman’kov and A. Menshov, Cryptanalysis of Andrecut’s public key cryptosystem, preprint (2015), https://arxiv.org/abs/1507.01496v1. Search in Google Scholar
[36] S. Schleimer, Polynomial-time word problems, Comment. Math. Helv. 83 (2008), no. 4, 741–765. 10.4171/CMH/142Search in Google Scholar
[37] C. C. Sims, Computation with Finitely Presented Groups, Encyclopedia Math. Appl. 48, Cambridge University Press, Cambridge, 1994. 10.1017/CBO9780511574702Search in Google Scholar
[38] B. Tsaban, Practical polynomial time solutions of several major problems in noncommutative-algebraic cryptography (preliminary announcement), preprint (2014), https://eprint.iacr.org/2014/041/20140115:201530. Search in Google Scholar
[39] B. Tsaban, Polynomial-time solutions of computational problems in noncommutative-algebraic cryptography, J. Cryptology 28 (2015), no. 3, 601–622. 10.1007/s00145-013-9170-9Search in Google Scholar
© 2017 Walter de Gruyter GmbH, Berlin/Boston
