Alexander Ushakov

Thompson's group and public key cryptography

Recently, several public key exchange protocols based on symbolic computation in non-commutative (semi)groups were proposed as a more efficient alternative to well established protocols based on numeric computation. Notably, the protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al. exploited the conjugacy search problem in groups, which is a ramification of the discrete logarithm problem. However, it is a prevalent opinion now that the conjugacy search problem alone is unlikely to provide sufficient level of security no matter what particular group is chosen as a platform. In this paper we employ another problem (we call it the decomposition problem), which is more general than the conjugacy search problem, and we suggest to use R. Thompsons group as a platform. This group is well known in many areas of mathematics, including algebra, geometry, and analysis. It also has several properties that make it fit for cryptographic purposes. In particular, we show here that the word problem in Thompsons group is solvable in almost linear time.

Non-Commutative Cryptography and Complexity of Group-Theoretic Problems

This book is about relations between three different areas of mathematics and theoretical computer science: combinatorial group theory, cryptography, and complexity theory. It explores how non-commutative (infinite) groups, which are typically studied in combinatorial group theory, can be used in public-key cryptography. It also shows that there is remarkable feedback from cryptography to combinatorial group theory because some of the problems motivated by cryptography appear to be new to group theory, and they open many interesting research avenues within group theory. In particular, a lot of emphasis in the book is put on studying search problems, as compared to decision problems traditionally studied in combinatorial group theory. Then, complexity theory, notably generic-case complexity of algorithms, is employed for cryptanalysis of various cryptographic protocols based on infinite groups, and the ideas and machinery from the theory of generic-case complexity are used to study asymptotically dominant properties of some infinite groups that have been applied in public-key cryptography so far. This book also describes new interesting developments in the algorithmic theory of solvable groups and another spectacular new development related to complexity of group-theoretic problems, which is based on the ideas of compressed words and straight-line programs coming from computer science.

Length based attack and braid groups: cryptanalysis of Anshel-Anshel-Goldfeld key exchange protocol

The length based attack on Anshel-Anshel-Goldfeld commutator key-exchange protocol [1] was initially proposed by Hughes and Tannenbaum in [9]. Several attempts have been made to implement the attack [6], but none of them had produced results convincing enough to believe that attack works. In this paper we show that accurately designed length based attack can successfully break a random instance of the simultaneous conjugacy search problem for certain parameter values and argue that the public/private information chosen uniformly random leads to weak keys.

The word and geodesic problems in free solvable groups

We study the computational complexity of the Word Problem (WP) in free solvable groups S r,d , where r > 2 is the rank and d ≥ 2 is the solvability class of the group. It is known that the Magnus embedding of S r,d into matrices provides a polynomial time decision algorithm for WP in a fixed group S r,d . Unfortunately, the degree of the polynomial grows together with d, so the uniform algorithm is not polynomial in d. In this paper we show that WP has time complexity O(rn log 2 n) in S r,2 , and O(n 3 rd) in S r,d for d ≥ 3. However, it turns out, that a seemingly close problem of computing the geodesic length of elements in S r,2 is NP-complete. We prove also that one can compute Fox derivatives of elements from S r,d in time O(n 3 rd); in particular, one can use efficiently the Magnus embedding in computations with free solvable groups. Our approach is based on such classical tools as the Magnus embedding and Fox calculus, as well as on relatively new geometric ideas; in particular, we establish a direct link between Fox derivatives and geometric flows on Cayley graphs.

The Conjugacy Search Problem in Public Key Cryptography: Unnecessary and Insufficient

The conjugacy search problem in a group G is the problem of recovering an

Random subgroups and analysis of the length-based and quotient attacks

x \in G

Knapsack problems in groups

from given