Cryptology ePrint Archive: Report 2003/123
Assessing security of some group based cryptosystems
Abstract: One of the possible generalizations of the discrete logarithm
problem to arbitrary groups is the so-called conjugacy search
problem. The computational difficulty of this problem in some
particular groups has been used in several group based cryptosystems.
Recently, a few preprints have been in circulation that suggest
various heuristic attacks on the conjugacy search problem.
The goal of the present survey is to stress a (probably well known)
fact that these heuristic attacks alone are not a threat to the
security of a cryptosystem, and, more importantly, to suggest a more
credible approach to assessing security of group based cryptosystems.
Such an approach should be necessarily based on the concept of the
average case complexity (or expected running time) of an algorithm.
These arguments support the following conclusion: although it is
generally feasible to base the security of a cryptosystem on the
difficulty of the conjugacy search problem, the group itself
(the ``platform") has to be chosen very carefully. In particular,
experimental as well as theoretical evidence collected so far
makes it appear likely that braid groups are not a good choice
for the platform. We also reflect on possible replacements.
Category / Keywords: cryptographic protocols / braid groups, conjugacy search problem
Date: received 15 Jun 2003
Contact author: shpil at groups sci ccny cuny edu
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20030616:143731 (All versions of this report)
Short URL: ia.cr/2003/123
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]