Accessible Requires Authentication Published by De Gruyter October 11, 2016

A parallel evolutionary approach to solving systems of equations in polycyclic groups

Matthew J. Craven and Daniel Robertz


The Anshel–Anshel–Goldfeld (AAG) key exchange protocol is based upon the multiple conjugacy problem for a finitely-presented group. The hardness in breaking this protocol relies on the supposed difficulty in solving the corresponding equations for the conjugating element in the group. Two such protocols based on polycyclic groups as a platform were recently proposed and were shown to be resistant to length-based attack. In this article we propose a parallel evolutionary approach which runs on multicore high-performance architectures. The approach is shown to be more efficient than previous attempts to break these protocols, and also more successful. Comprehensive data of experiments run with a GAP implementation are provided and compared to the results of earlier length-based attacks. These demonstrate that the proposed platform is not as secure as first thought and also show that existing measures of cryptographic complexity are not optimal. A more accurate alternative measure is suggested. Finally, a linear algebra attack for one of the protocols is introduced.


The Centre for Mathematical Sciences at Plymouth University is gratefully acknowledged for its generous research support and encouragement. The authors also gratefully acknowledge the kind comments of the anonymous referees.


[1] Anshel I., Anshel M., Fisher B. and Goldfeld D., New key agreement protocols, Topics in Cryptology – CT-RSA 2001, Lecture Notes in Comput. Sci. 2020, Springer, Berlin (2001), 13–27. Search in Google Scholar

[2] Anshel I., Anshel M. and Goldfeld D., An algebraic method for public-key cryptography, Math. Res. Lett. 6 (1999), 287–291. Search in Google Scholar

[3] Cooperman G., ParGAP, Version 1.4.0, 2013, Search in Google Scholar

[4] Craven M. J. and Jimbo H. C., An evolutionary algorithm solution of the multiple conjugacy search problem in partially commutative groups with applications, Groups Complex. Cryptol. 4 (2012), 135–165. Search in Google Scholar

[5] Eick B. and Kahrobaei D., Polycyclic groups: A new platform for cryptology?, preprint 2004, Search in Google Scholar

[6] Eick B., Nickel W. and Horn M., Polycyclic, Version 2.1.1, 2013, Search in Google Scholar

[7] Franco N. and González-Meneses J., Conjugacy problem for braid groups and Garside groups, J. Algebra 266 (2003), no. 1, 112–132. Search in Google Scholar

[8] Garber D., Kahrobaei D. and Lam H. T., Length-based attacks in polycyclic groups, J. Math. Cryptol. 9 (2015), no. 1, 33–43. Search in Google Scholar

[9] Garber D., Kaplan S., Teicher M., Tsaban B. and Vishne U., Probabilistic solutions of equations in the braid group, Adv. Appl. Math. 35 (2005), 323–334. Search in Google Scholar

[10] Garber D., Kaplan S., Teicher M., Tsaban B. and Vishne U., Length-based conjugacy search in the braid group, Algebraic Methods in Cryptography, Contemp. Math. 418, American Mathematical Society, Providence (2006), 75–88. Search in Google Scholar

[11] Garside F. A., The braid group and other groups, Quart. J. Math. Oxford 20 (1969), 235–254. Search in Google Scholar

[12] Gebhardt V., Efficient collection in infinite polycyclic groups, J. Symbolic Comput. 34 (2002), 213–228. Search in Google Scholar

[13] Goldberg D. E., Genetic Algorithms in Search, Optimization and Machine Learning, Addison-Wesley, Reading, 1989. Search in Google Scholar

[14] Holt D. F., Eick B. and O’Brien E. A., Handbook of Computational Group Theory, Chapman & Hall/CRC, Chapman, 2005. Search in Google Scholar

[15] Hughes J. and Tannenbaum A., Length-based attacks for certain group based encryption rewriting systems, preprint 2003, Search in Google Scholar

[16] Kahrobaei D. and Lam H. T., Heisenberg groups as platform for the AAG key-exchange protocol, Proceedings of the 22nd International Conference on Network Protocols (ICNP), IEEE Press, Piscataway (2014), 660–664. Search in Google Scholar

[17] Ko K., Lee S., Cheon J., Han J., Kang J. and Park C., New public-key cryptosystem using braid groups, CRYPTO 2000, Lecture Notes in Comput. Sci. 1880, Springer Berlin (2000), 166–183. Search in Google Scholar

[18] Kotov M. and Ushakov A., Analysis of a certain polycyclic group-based cryptosystem, J. Math. Cryptol. 9 (2015), 161–167. Search in Google Scholar

[19] Myasnikov A. D. and Ushakov A., Length based attack and braid groups: Cryptanalysis of Anshel–Anshel–Goldfeld key exchange protocol, Public Key Cryptography, Lecture Notes in Comput. Sci. 4450, Springer, Berlin (2007), 76–88. Search in Google Scholar

[20] Myasnikov A. G. and Ushakov A., Random subgroups and analysis of the length-based and quotient attacks, J. Math. Cryptol. 2 (2008), no. 1, 29–61. Search in Google Scholar

[21] Nikolaev A. and Blaney K. R., A PTIME solution to the restricted conjugacy problem in generalized heisenberg groups, Groups Complex. Cryptol. 8 (2016), no. 1, 69–74. Search in Google Scholar

[22] Ruinskiy D., Shamir A. and Tsaban B., Length-based cryptanalysis: The case of Thompson’s group, J. Math. Crypt. 1 (2007), 359–372. Search in Google Scholar

[23] Sudholt D., Parallel evolutionary algorithms, Handbook of Computational Intelligence, Springer, Berlin (2015), 929–959. Search in Google Scholar

[24] The GAP Group, GAP – Groups, Algorithms, and Programming, Version 4.7.7, 2015, Search in Google Scholar

Received: 2016-3-14
Published Online: 2016-10-11
Published in Print: 2016-11-1

© 2016 by De Gruyter