Science China Information Sciences

, Volume 53, Issue 3, pp 524–536 | Cite as

Conjugate adjoining problem in braid groups and new design of braid-based signatures

  • LiCheng Wang
  • LiHua Wang
  • ZhenFu Cao
  • YiXian Yang
  • XinXin Niu
Research Papers


The development of quantum computation casts serious threats to the securities of most existing public-key cryptosystems. Braid-based cryptography is one of the alternatives that have potential advantages in resisting quantum attacks. In this paper, the state of the art of braid cryptography is surveyed, and then a new cryptographic problem—conjugate adjoining problem related to braid groups is proposed. Based on this problem, we design a new braid-based signature scheme. This scheme is efficient and provably secure in the random oracle model. Further, we present the comparison between braid-based signatures and RSA-based ones. The signing process of the braid-based schemes is more efficient than that of RSA-based ones, while the verifying process of the braid-based ones is observably slow. Hence, braid-based signatures are suitable for scenarios where the signing process has to be as quick as possible but delays are permitted in the verifying process, for example, in off-line e-cash systems. The key sizes in braid-based schemes are considerably large—about 2K bits in the case of secret keys and 12K bits in the case of public keys. However, braid operations are much simpler and more efficient than modular exponential operations. Therefore, braid-based schemes can be embedded into devices with low computational ability and large memory space. The capability of braid cryptosystems to resist currently known quantum attacks is also discussed from the perspective of hidden subgroup problems.


braid group conjugate adjoining problem digital signature provable security resistance to quantum attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Magliveras S S, Stinson D R, Trung T V. New approaches to designing public key cryptosystems using one-way functions and trapdoors in finite groups. J Cryptogr, 2002, 15: 285–297MATHCrossRefGoogle Scholar
  2. 2.
    Shor P. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J Comput, 1997, 26: 1484–1509MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Kitaev A. Quantum measurements and the abelian stabilizer problem. Report arXiv:quant-ph/9511026, 1995Google Scholar
  4. 4.
    Proos J, Zalka C. Shor’s discrete logarithm quantum algorithm for elliptic curves. Quant Inf Comput, 2003, 3: 317–344MATHMathSciNetGoogle Scholar
  5. 5.
    Lee E. Braid groups in cryptography. IEICE Trans Fund Electr, 2004, E87-A: 986–992Google Scholar
  6. 6.
    Anshel I, Anshel M, Goldfeld D. An algebraic method for public-key cryptography. Math Res Lett, 1999, 6: 287–291MATHMathSciNetGoogle Scholar
  7. 7.
    Ko K, Lee S, Cheon J, et al. New public-key cryptosystem using braid groups. In: Bellare M, ed. Advances in Cryptology-CRYPTO 2000, Lecture Notes in Computer Science, Vol. 1880. Berlin: Springer-Verlag, 2000. 166–183CrossRefGoogle Scholar
  8. 8.
    Anshel I, Anshel M, Fisher B, et al. New key agreement protocols in braid group cryptography. In: Naccache D, ed. Topics in Cryptology-CT-RSA 2001, Lecture Notes in Computer Science, Vol. 2020. Berlin: Springer-Verlag, 2001. 13–27CrossRefGoogle Scholar
  9. 9.
    Cha J, Ko K, Lee S, et al. An efficient implementation of braid groups. In: Boyd C, ed. Advances in Cryptology-ASIACRYPT 2001, Lecture Notes in Computer Science, Vol. 2248. Berlin: Springer-Verlag, 2001. 144–156CrossRefGoogle Scholar
  10. 10.
    Ko K, Choi D, Cho M, et al. New signature scheme using conjugacy problem. Cryptology ePrint Archive: Report 2002/168Google Scholar
  11. 11.
    Lee E, Lee S J, Hahn S G. Pseudorandomness from braid groups. In: Kilian J, ed. Advances in Cryptology-CRYPTO 2001, Lecture Notes in Computer Science, Vol. 2139. Berlin: Springer-Verlag, 2001. 486–502CrossRefGoogle Scholar
  12. 12.
    Cheon J H, Jun B. A polynomial time algorithm for the braid diffie-hellman conjugacy problem. In: Boneh D, ed. Advances in Cryptology-CRYPTO 2003, Lecture Notes in Computer Science, Vol. 2729. Berlin: Springer-Verlag, 2003. 212–225Google Scholar
  13. 13.
    Hughes J. The left sss attack on ko-lee-cheon-han-kang-park key agreement scheme in b45. Report, Rump session Crypto 2000, 2000Google Scholar
  14. 14.
    Hughes J. A linear algebraic attack on the aafg1 braid group cryptosystem. In: Batten L M, Seberry J, eds. Proceedings of the 7th Australian Conference on Information Security and Privacy, Lecture Notes in Computer Science, Vol. 2384. London: Springer-Verlag, 2002. 176–189CrossRefGoogle Scholar
  15. 15.
    Myasnikov A, Shpilrain V, Ushakov A. A practical attack on a braid group based cryptographic protocol. In: Shoup V, ed. Advances in Cryptology-CRYPTO 2005, Lecture Notes in Computer Science, Vol. 3621. Berlin: Springer-Verlag, 2005. 86–96Google Scholar
  16. 16.
    Dehornoy P. Braid-based cryptography. In: Myasnikov A G, ed. Group Theory, Statistics, and Cryptography, Number 360 in Contemporary Mathematics. New York: ACM Press, 2004. 5–33Google Scholar
  17. 17.
    Dehornoy P. Using shifted conjugacy in braid-based cryptography. Report, arXiv:cs/0609091, 2006Google Scholar
  18. 18.
    Cao Z, Dong X, Wang L. New public key cryptosystems using polynomials over noncommutative rings. Cryptology ePrint Archive: Report 2007/009, 2007. 1–35Google Scholar
  19. 19.
    Shpilrain V, Ushakov A. An authentication scheme based on the twisted conjugacy problem. In: Bellovin S, ed. Applied Cryptography and Network Security—ACNS 2008, Lecture Notes in Computer Science, Vol. 5037. Berlin: Springer-Verlag, 2008. 366–372CrossRefGoogle Scholar
  20. 20.
    Ko K, Lee J, Thomas T. Towards generating secure keys for braid cryptography. Design Code Cryptogr, 2007, 45: 317–333MATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Ding Y, Tian H, Wang Y. An improved signature scheme based on the braid group (in Chinese). J Xidian Univ, 2006, 33: 50–61Google Scholar
  22. 22.
    Wang L, Cao Z, Zeng P, et al. One-more matching conjugate problem and security of braid-based signatures. In: Deng R, et al. eds. Proceedings of the 2nd ACM Symposium on Information, Computer and Communications security (ASIACCS’07). New York: ACM Press, 2007. 295–301Google Scholar
  23. 23.
    Gonzales-Meneses J. Improving an algorithm to solve the multiple simultaneous conjugacy problems in braid groups. Report arXiv:math/0212150v1, 2002Google Scholar
  24. 24.
    Bellare M, Namprempre C, Pointcheval D, et al. The one-more-RSA-inversion problems and the security of Chaum’s blind signature scheme. J Cryptol, 2003, 16: 185–215MATHCrossRefMathSciNetGoogle Scholar
  25. 25.
    Wang L, Cao Z, Zheng S, et al. Transitive signatures from braid groups. In: Srinathan K, et al. eds. Progress in Cryptology-IndoCrypt 2007, Lecture Notes in Computer Science, Vol. 4859. Berlin: Springer-Verlag, 2007. 366–372Google Scholar
  26. 26.
    Maffre S. A weak key test for braid based cryptography. Design Code Cryptogr, 2006, 39: 347–373MATHCrossRefMathSciNetGoogle Scholar
  27. 27.
    Coppersmith D. Modifications to the number field sieve. J Cryptol, 1993, 169–180Google Scholar
  28. 28.
    Elrifai E, Morton H R. Algorithms for positive braids. Quart J Math Oxford Ser, 1994, 45: 479–497MATHCrossRefMathSciNetGoogle Scholar
  29. 29.
    Franco N, Gonzales-Menses J. Conjugacy problem for braid groups and Garside groups. J Algebra, 2003, 266: 112–132MATHCrossRefMathSciNetGoogle Scholar
  30. 30.
    Gebhardt V. A new approach to the conjugacy problem in garside groups. J Algebra, 2005, 292: 282–302MATHCrossRefMathSciNetGoogle Scholar
  31. 31.
    Shpilrain V. Assessing security of some group based cryptosystems. Contempor Math, 2003, 360: 167–177MathSciNetGoogle Scholar
  32. 32.
    Garber D. Braid group cryptography. Report, PRIMA School and Conference of Braids, Singapore, 2007. 1–75Google Scholar
  33. 33.
    Anshel M. Braid group cryptography and quantum cryptoanalysis. In: 8th International Wigner Symposium, Baruch College of CUNY, New York, USA, 2003. 13–27Google Scholar
  34. 34.
    Rotteler M. Quantum algorithms: A survey of some recent results. Informatik Forsc Entw, 2006, 21: 3–20CrossRefGoogle Scholar
  35. 35.
    Koiran P, Nesme V, Portier N. The quantum query complexity of the abelian hidden subgroup problem. Theor Comput Sci, 2007, 380: 115–126MATHCrossRefMathSciNetGoogle Scholar
  36. 36.
    Friedl K, Ivanyos G, Magniez F, et al. Hidden translation and orbit coset in quantum computing. In: Proceedings of the Symposium on Theory of Computing. New York: ACM Press, 2003. 1–9Google Scholar
  37. 37.
    Bacon D, Childs A M, Dam WV. Optimal measurements for the dihedral hidden subgroup problem. Report arXiv:quantph/0501044v2, 2005Google Scholar
  38. 38.
    Bacon D, Childs A M, Dam W V. From optimal measurement to efficient quantum algorithms for the hidden subgroup problem over semidirect product groups. In: Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science. Washington: IEEE Computer Society. 2005. 469–478CrossRefGoogle Scholar
  39. 39.
    Bacon D. How a Clebsch-Gordan transform helps to solve the Heisenberg hidden subgroup problem. Report arXiv:quantph/0612107v2, 2006Google Scholar
  40. 40.
    Krovi H, Roetteler M. An efficient quantum algorithm for the hidden subgroup problem over Weyl-Heisenberg groups. Report arXiv: quant-ph/0810.3695, 2008Google Scholar
  41. 41.
    Jozsa R. Quantum factoring, discrete logarithms, and the hidden subgroup problem. Comput Sci Eng (CSE), 2001, 3: 34–43CrossRefGoogle Scholar
  42. 42.
    Lomonaco S J, Kauffman L H. Quantum hidden subgroup problems: A mathematical perspective. Report arXiv:quantph/0201095, 2002Google Scholar
  43. 43.
    Lomont C. The hidden subgroup problem—review and open problems. Report arXiv:quant-ph/0411037, 2004Google Scholar
  44. 44.
    Moore C, Russell A, Vazirani U. A classical one-way function to confound quantum adversaries. Report arXiv: quantph/0701115, 2007Google Scholar
  45. 45.
    Denney A, Moore C, Russell A. Finding conjugate stabilizer subgroups of PSL(2; q). Report, arXiv: 0809.2445, 2009Google Scholar
  46. 46.
    Grigni M, Schulman L J, Vazirani M, et al. Quantum mechanical algorithms for the nonabelian hidden subgroup problem. Combinatorica, 2004, 24: 137–154MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Science in China Press and Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • LiCheng Wang
    • 1
    • 2
  • LiHua Wang
    • 2
  • ZhenFu Cao
    • 3
  • YiXian Yang
    • 1
  • XinXin Niu
    • 1
  1. 1.Information Security Center, State Key Laboratory of Networking and Switching TechnologyBeijing University of Posts and TelecommunicationsBeijingChina
  2. 2.National Institute of Information and Communications TechnologyTokyoJapan
  3. 3.Trusted Digital Technology LaboratoryShanghai Jiao Tong UniversityShanghaiChina

Personalised recommendations