Thompson’s Group and Public Key Cryptography
Recently, several public key exchange protocols based on symbolic computation in non-commutative (semi)groups were proposed as a more efficient alternative to well established protocols based on numeric computation. Notably, the protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al. exploited the conjugacy search problem in groups, which is a ramification of the discrete logarithm problem. However, it is a prevalent opinion now that the conjugacy search problem alone is unlikely to provide sufficient level of security no matter what particular group is chosen as a platform.
In this paper we employ another problem (we call it the decomposition problem), which is more general than the conjugacy search problem, and we suggest to use R. Thompson’s group as a platform. This group is well known in many areas of mathematics, including algebra, geometry, and analysis. It also has several properties that make it fit for cryptographic purposes. In particular, we show here that the word problem in Thompson’s group is solvable in almost linear time.
KeywordsNormal Form Word Problem Braid Group Negative Word Empty Word
Unable to display preview. Download preview PDF.
- 5.Hughes, J., Tannenbaum, A.: Length-based attacks for certain group based encryption rewriting systems, Workshop SECI02 Securitè de la Communication sur Intenet, Tunis, Tunisia (September 2002), http://www.storagetek.com/hughes/
- 8.Shpilrain, V., Ushakov, A.: The conjugacy search problem in public key cryptography: unnecessary and insufficient, Applicable Algebra in Engineering, Communication and Computing (to appear), http://eprint.iacr.org/2004/321/
- 9.Shpilrain, V., Zapata, G.: Combinatorial group theory and public key cryptography. Applicable Algebra in Engineering, Communication and Computing (to appear)Google Scholar