Cryptology ePrint Archive: Report 2021/583

Entropoids: Groups in Disguise

Lorenz Panny

Abstract: A recent preprint [ePrint 2021/469] suggests the use of exponentiation in a non-associative algebraic structure called "entropoid" to construct post-quantum analogues of DLP-based cryptosystems. In this note, we show a polynomial-time reduction from the entropoid version of DLP to the conventional DLP in the underlying finite field. The resulting attack takes less than 10 minutes on a laptop against parameters suggested in [ePrint 2021/469] for 128-bit post-quantum secure key exchange and runs in polynomial time on a quantum computer. We briefly discuss how to generalize the attack to the generic setting.

Category / Keywords: public-key cryptography / cryptanalysis, post-quantum cryptography, entropic quasigroup, non-associative exponentiation, linearization attack, discrete-logarithm problem

Date: received 3 May 2021, last revised 27 Jul 2021

Contact author: lorenz at yx7 cc

Note: Updated following ePrint 2021/896.

Version: 20210727:152753

Short URL: ia.cr/2021/583