**Length-Based Attacks for Certain Group Based Encryption Rewriting Systems**

*J. Hughes, and A. Tannenbaum*

**Abstract: **In this note, we describe a probabilistic attack on public key cryptosystems based on the word/conjugacy problems for finitely presented groups of the type proposed recently by Anshel, Anshel and Goldfeld. In such a scheme, one makes use of the property that in the given group the word problem has a polynomial time solution, while the conjugacy problem has no known polynomial solution. An example is the braid group from topology in which the word problem is solvable in polynomial time while the only known solutions to the conjugacy problem are exponential. The attack in this paper is based on having a canonical representative of each string relative to which a length function may be computed. Hence the term length attack. Such canonical representatives are known to exist for the braid group.

**Category / Keywords: **public-key cryptography / Braid Group, Length attack, Conjugacy Search Problem AAG AAFG

**Publication Info: **Workshop SECI02 SEcurité de la Communication sur Intenet , September, 2002, Tunis, Tunisa.

**Date: **received 23 May 2003

**Contact author: **james_hughes at StorageTek com

**Available format(s): **PDF | BibTeX Citation

**Note: **Updated since the proceedings.

**Version: **20030529:213000 (All versions of this report)

**Short URL: **ia.cr/2003/102

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]