Paper 2023/1425
Popping “R-propping”: breaking hardness assumptions for matrix groups over F_{2^8}
Abstract
A recent series of works (Hecht, IACR ePrint, 2020–2021) propose to build post-quantum public-key encapsulation, digital signatures, group key agreement and oblivious transfer from "R-propped" variants of the Symmetrical Decomposition and Discrete Logarithm problems for matrix groups over $\mathbb{F}_{2^8}$. We break all four proposals by presenting a linearisation attack on the Symmetrical Decomposition platform, a forgery attack on the signature scheme, and a demonstration of the insecurity of the instances of the Discrete Logarithm Problem used for signatures, group key agreement and oblivious transfer, showing that none of the schemes provides adequate security.
Metadata
- Available format(s)
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. Mathematical Cryptology
- Keywords
- non-commutative cryptographyR-propping
- Contact author(s)
- f virdia @ gmx com
- History
- 2023-09-24: approved
- 2023-09-20: received
- See all versions
- Short URL
- https://ia.cr/2023/1425
- License
-
CC BY-SA
BibTeX
@misc{cryptoeprint:2023/1425, author = {Fernando Virdia}, title = {Popping “R-propping”: breaking hardness assumptions for matrix groups over F_{2^8}}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1425}, year = {2023}, url = {https://eprint.iacr.org/2023/1425} }