Cryptanalysis of a Pseudorandom Generator Based on Braid Groups

@inproceedings{Gennaro2002CryptanalysisOA,
  title={Cryptanalysis of a Pseudorandom Generator Based on Braid Groups},
  author={Rosario Gennaro and Daniele Micciancio},
  booktitle={EUROCRYPT},
  year={2002}
}
We show that the decisional version of the Ko-Lee assumption for braid groups put forward by Lee, Lee and Hahn at Crypto 2001 is false, by giving an efficient algorithm that solves (with high probability) the corresponding decisional problem. Our attack immediately applies to the pseudo-random generator and synthesizer proposed by the same authors based on the decisional Ko-Lee assumption, and shows that neither of them is cryptographically secure. 
11 Citations

Cryptanalysis of the Public-Key Encryption Based on Braid Groups

TLDR
This paper shows that the private-key can be recovered from the public-key for several parameters with significant probability in a reasonable time and gives a new requirement for secure parameters against the attack, which more or less conflicts with that against brute force attack.

Cryptanalysis of matrix conjugation schemes

TLDR
This paper cryptanalyzes two protocols: the Grigoriev–Shpilrain authentication protocol and a public key cryptosystem due to Wang, Wang, Cao, Okamoto and Shao, and claims that these protocols are insecure for the proposed parameter values.

A Reaction Attack on a Public Key Cryptosystem Based on the Word Problem

TLDR
It is proved that in the present form Wagner and Magyarik's approach is vulnerable to so-called reaction attacks, and for the proposed instance it is possible to retrieve the private key just by watching the performance of a legitimate recipient.

A New Key Exchange Protocol Based on Infinite Non-Abelian Groups

TLDR
A shared secret key is constructed which contains two hard problems of equivalent decomposition problem (EDP) and discrete logarithm problem (DLP), and two methods were employed to verify the antiattack for the proposed protocol.

A Polynomial Time Algorithm for the Braid Diffie-Hellman Conjugacy Problem

TLDR
The first polynomial time algorithm for the braid Diffie-Hellman conjugacy problem (DHCP) is proposed and the solutions play the equivalent role of the original key for the DHCP of braids.

Right-Invariance: A Property for Probabilistic Analysis of Cryptography Based on Infinite Groups

TLDR
This paper pays attention to a property, the so-called right-invariance, which makes finite groups so convenient in cryptography, and gives a mathematical framework for correct, appropriate use of it in infinite groups.

An Authenticated Group Key Agreement Protocol on Braid groups

TLDR
The 2-party key exchange protocol on braid groups is extended and authenticity is provided to the group key agreement protocol based on the hardness of Ko-Lee problem.

Translation-Randomizable Distributions via Random Walks

TLDR
This work studies the possibility of phrasing random self-reducibility properties for infinite groups in a manner analogous to the case of finite groups with the uniform distribution, using a novel approach based on random walks to construct families of distributions that are translation-randomizable over infinite groups.

A new key exchange protocol based on the decomposition problem

TLDR
Here two new ideas are introduced that improve the security of key establishment protocols based on the decomposition problem in non-commutative groups by introducing an additional computationally hard problem for the adversary, namely, finding the centralizer of a given finitely generated subgroup.

Linear representations of braid groups and braid-based cryptography

  • A. Kalka
  • Mathematics, Computer Science
  • 2007
TLDR
Braid groups are linear representations of braid groups that have several notions and fundamental properties and some have linear representations that do not have these properties.

References


Pseudorandomness from Braid Groups

TLDR
Some cryptographic primitives under two related assumptions in braid groups are presented: which particular bit of the argument x is pseudorandom given f(x).

New Public-Key Cryptosystem Using Braid Groups

TLDR
The aim of this article is to show that the braid groups can serve as a good source to enrich cryptography, and to propose and implement a new key agreement scheme and public key cryptosystem based on these primitives in the braid groups.

The Decision Diffie-Hellman Problem

  • D. Boneh
  • Mathematics, Computer Science
  • ANTS
  • 1998
TLDR
This paper surveys the recent applications of DDH as well as known results regarding its security, and describes some open problems in this area.

Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems

  • E. Verheul
  • Mathematics, Computer Science
  • EUROCRYPT
  • 2001
We show that finding an efficiently computable injective homomorphism from the XTR subgroup into the group of points over GF(p2) of a particular type of supersingular elliptic curve is at least as

Short Signatures from the Weil Pairing

TLDR
A short signature scheme based on the Computational Diffie–Hellman assumption on certain elliptic and hyperelliptic curves is introduced for systems where signatures are typed in by a human or are sent over a low-bandwidth channel.

Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems

  • E. Verheul
  • Mathematics, Computer Science
  • Journal of Cryptology
  • 2004
We show that finding an efficiently computable injective homomorphism from the XTR subgroup into the group of points over GF(p2) of a particular type of supersingular elliptic curve is at

Random oracles are practical: a paradigm for designing efficient protocols

TLDR
It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.

The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes

TLDR
This paper shows the relationship among inverting problems, decision problems and gap problems, and sees how the gap problems find natural applications in cryptography, namely for proving the security of very efficient schemes and for solving a more than 10-year-old open security problem: Chaum's undeniable signature.

An algebraic method for public-key cryptography

Algebraic key establishment protocols based on the difficulty of solving equations over algebraic structures are described as a theoretical basis for constructing public–key cryptosystems.

A hard-core predicate for all one-way functions

TLDR
This paper proves a conjecture of [Levin 87, sec. 5.6.2] that the scalar product of Boolean vectors p, g, x is a hard-core of every one-way function ƒ, and extends to multiple (up to the logarithm of security) such bits and to any distribution on the x.