Abstract
We discuss a new attack, termed a dimension or linear decomposition attack, on several known group-based cryptosystems. The attack yields a deterministic polynomial-time algorithm that recovers the secret shared key from the public data in every scheme under consideration. Furthermore, we show that in this case, contrary to common opinion, the usual computational security assumptions have little bearing on the security of the schemes: one can break the schemes without solving the algorithmic problems on which those assumptions are based.
Funding source: NSF
Award Identifier / Grant number: DMS-1318716
Funding source: RFBR
Award Identifier / Grant number: 13-01-00239a
Funding source: Russian Research Fund
Award Identifier / Grant number: 14-11-00085
© 2015 by De Gruyter
Articles in the same Issue
- Frontmatter
- Group extensions with special properties
- Symmetries of finite graphs and homology
- A fast search algorithm for 〈m,m,m〉 Triple Product Property triples and an application for 5×5 matrix multiplication
- Key-escrow free multi-signature scheme using bilinear pairings
- An application of elementary real analysis to a metabelian group admitting integral polynomial exponents
- On convex hulls and the quasiconvex subgroups of Fm×ℤn
- A linear decomposition attack