the recent connection with the conjugacy problem made by Bogopolski–Martino–Ventura in . All the consequences to date, published in several other papers by other authors, are also commented on and reviewed.
Keywords: Orbit decidability, conjugacy problem
MSC 2010: 20F10, 20F28
Enric Ventura: Departament de Matemàtica Aplicada III, Escola Politècnica Superior d’Enginyeria de Manresa,
Universitat Politècnica de Catalunya, Av. Bases de Manresa 61-73 08242-Manresa, Barcelona (Catalonia), Spain,
In many areas of
security of the schemes, i.e., one can break the schemes without solving the algorithmic problems
on which the assumptions are based.
Keywords: Algebraic cryptography, Diffie–Hellman scheme, cryptanalysis, linear decomposition, linear
MSC 2010: 94A60, 20F10
Received January 8, 2015
In this paper, we discuss, following [37, 38], a new general attack, called the dimension or linear decomposition attack, on various group-based cryptosystems. We give cryptanalyses of ten principal protocols (see
BS(1, 2), and indicate why certain of these groups played a key role in showing that the word problem for finitely presented groups is unsolvable.
Keywords: Word problem for groups, Baumslag–Solitar groups, Higman’s non-Hopfian group
MSC 2010: 20F05, 20F10
Charles F. Miller III: Department of Mathematics and Statistics, University of Melbourne, Melbourne 3010, Australia,
The familiar Baumslag–Solitar groups are the groups with presentations of the form
$$BS(n, m) = \langle s, x \mid s^{-1} x^{n} s = x^{m} \rangle$$
where $n, m \in \mathbb{Z}$. For convenience
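As an added example (not part of the paper above), the word problem in the one-relator case BS(1, m) with |m| ≥ 2 can be decided exactly by evaluating words in a faithful affine representation over ℚ: x acts as t ↦ t + 1 and s as t ↦ t / m, and a word is trivial exactly when its 2×2 matrix is the identity. The word syntax, the helper names and the restriction to |m| ≥ 2 are this example's own assumptions.

```python
"""Word problem in BS(1, m) via a faithful affine representation over Q.

Added example, not from the paper.  For |m| >= 2 the assignment
    x -> (t -> t + 1)      matrix [[1, 1], [0, 1]]
    s -> (t -> t / m)      matrix [[1/m, 0], [0, 1]]
satisfies s^-1 x s = x^m and embeds BS(1, m) into Aff(Q) with image Z[1/m] x| Z,
so a word is trivial iff its matrix is the identity.  Word syntax assumed here:
space-separated tokens such as "x", "s", "x^-2", "s^3".
"""
from fractions import Fraction
import re

_TOKEN = re.compile(r"^([sx])(?:\^(-?\d+))?$")
_ID = [[Fraction(1), Fraction(0)], [Fraction(0), Fraction(1)]]


def _mul(A, B):
    """2x2 product in exact rational arithmetic (no rounding, hence no false answers)."""
    return [[sum(A[i][k] * B[k][j] for k in range(2)) for j in range(2)] for i in range(2)]


def _gen_matrix(gen, exp, m):
    """Matrix of x^exp or s^exp; a negative exponent gives the inverse."""
    if gen == "x":
        return [[Fraction(1), Fraction(exp)], [Fraction(0), Fraction(1)]]
    return [[Fraction(1, m) ** exp, Fraction(0)], [Fraction(0), Fraction(1)]]


def evaluate(word, m):
    """Image of a word in s, x under the affine representation of BS(1, m)."""
    if abs(m) < 2:
        raise ValueError("the affine model is faithful only for |m| >= 2")
    M = _ID
    for tok in word.split():
        match = _TOKEN.match(tok)
        if not match:
            raise ValueError(f"bad token {tok!r}")
        gen, exp = match.group(1), int(match.group(2) or 1)
        M = _mul(M, _gen_matrix(gen, exp, m))
    return M


def is_trivial(word, m=2):
    """Decide the word problem in BS(1, m): True iff the word equals 1 in the group."""
    return evaluate(word, m) == _ID


if __name__ == "__main__":
    print(is_trivial("s^-1 x s x^-2", 2))   # the defining relator of BS(1, 2): True
    print(is_trivial("x s x^-1 s^-1", 2))   # s and x do not commute: False
```

The same trick does not extend to the groups BS(n, m) with |n|, |m| ≥ 2 and n ≠ m (for instance BS(2, 3)): those are non-Hopfian, hence not residually finite, so they admit no faithful linear representation at all, and their word problem has to be attacked by other means.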
the double endomorphism problem. We prove that this problem is undecidable in free metabelian groups of sufficiently large rank. We relate this result to computational security assumptions of some group-based cryptosystems. In particular, we show how to improve the Grigoriev–Shpilrain protocol to obtain a new computational security assumption based on the double endomorphism problem, providing a better theoretical foundation for its security.
Keywords: Free metabelian group, endomorphism problem, cryptosystems, authentication
MSC 2010: 20F10, 68W30, 20F16, 11T71
The purpose of this study is to identify the behavior of customers in the online environment. We analyzed the evolution, characteristics, advantages and disadvantages of this type of commerce, and its implications for consumers. In order to identify customers’ online behavior, we selected three variables characterized by the time interval since the latest online order, and six variables that analyze the main problems faced by consumers of goods/services bought online (long shipping times, damaged products, non-compliant products, fraud-related issues, an underperforming complaint system, technical issues, lack of customer and legal aspects). Online commerce is less developed in the Czech Republic, Romania, Poland, Lithuania, Ireland, Bulgaria, Estonia, Slovenia and Norway. However, for the consumer the advantages of e-commerce outweigh the problems they face: online shoppers continue to make online purchases even if they have experienced delays in the delivery of goods/services, damaged products, online fraud, technical problems or difficulties in finding information about the warranty of goods/services.
Polycyclic groups are natural generalizations of cyclic groups, but with more complicated algorithmic properties. They are finitely presented, and the word, conjugacy, and isomorphism decision problems are all solvable in these groups. Moreover, those that are not virtually nilpotent exhibit an exponential growth rate. These properties make them suitable for use in group-based cryptography, which was proposed in 2004 by Eick and Kahrobaei.
Since then, many cryptosystems have been created that employ polycyclic groups. These include key exchanges such as non-commutative ElGamal, authentication schemes based on the twisted conjugacy problem, and secret sharing via the word problem. In response, heuristic and deterministic methods of cryptanalysis have been developed, including the length-based and linear decomposition attacks. Despite these efforts, there are classes of infinite polycyclic groups that remain suitable for cryptography.
The analysis of algorithms for search and decision problems in polycyclic groups has also been developed. In addition to results for the aforementioned problems, we present those concerning polycyclic representations, group morphisms, and orbit decidability. Though much progress has been made, many algorithmic and complexity problems remain unsolved; we conclude with a number of them. Of particular interest is showing that cryptosystems using infinite polycyclic groups are resistant to cryptanalysis on a quantum computer.
Let $X$ be an aspherical polyhedron of the homotopy type of the figure-eight and let $f : X \to X$ be a self-map. The Wagner algorithm [Trans. Amer. Math. Soc. 351 (1999), 41–62] provides computations for the Nielsen number of self-maps of $X$ satisfying the remnant condition. If $f$ is without remnant, then using the concept of mutant by Jiang [Math. Ann. 311 (1998), 467–479] we may assume that $f_\#(b)$ is an initial segment of $f_\#(a)$, where $f_\#$ is the induced endomorphism of $\pi_1(X)$ and $a, b$ are generators of $\pi_1(X)$. Let $f_\#(b) = U$ and $f_\#(a) = U^{n} R$, where $n$ is the maximal such positive integer. If $R$ is not an initial segment of $U$, we say that $f$ is of Type Y. In this paper, we prove that if $f$ is of Type Y, then $f$ can be mutated either to a map that has remnant or to an exceptional form for which we can calculate the Nielsen number directly. Not all self-maps of $X$ are of Type Y. However, making use of the results in this paper, an algorithm is presented by Kim [J. Pure Appl. Algebra 216 (2012), 1652–1666] that does compute the Nielsen number for all self-maps of $X$.
In this paper, we introduce two general schemes of algebraic cryptography.
We show that many of the systems and protocols considered in the literature that use two-sided multiplications are specific cases of the first general scheme.
In a similar way, we introduce a second general scheme that covers systems and protocols based on automorphisms or endomorphisms of algebraic systems.
We also discuss possible applications of the membership search problem in algebraic cryptanalysis.
We show how efficient decidability of the underlying membership search problem for the algebraic system chosen as the platform can be used to exhibit a vulnerability in both schemes.
Our attacks are based on the linear or on the nonlinear decomposition method, which complement each other.
We give several examples of systems and protocols known in the literature that use one of the two introduced schemes, together with their cryptanalysis.
Mostly, these protocols simulate classical cryptographic schemes, such as Diffie–Hellman, Massey–Omura and ElGamal, in an algebraic setting.
Furthermore, we show that, in many cases, one can break the schemes without solving the algorithmic problems on which their security assumptions are based.
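To make the last sentence concrete, and the linear decomposition attack described in the earlier abstract on the dimension/linear decomposition attack, here is an added worked example (it is not the authors' code; the platform, the toy prime and every function name are assumptions of the example). Alice and Bob run a Diffie–Hellman-style two-sided multiplication scheme over 3×3 matrices, drawing their secrets from the commutative algebra of polynomials in a public matrix P. The attacker recovers the shared key from public data alone by solving a linear system, without ever recovering a secret, so the "hard" problem the scheme rests on is never touched.

```python
"""Linear decomposition attack on a two-sided-multiplication Diffie-Hellman analogue.

Added example; not code from the paper.  Toy platform (assumed): 3x3 matrices over
GF(p), p = 1009, with both parties' secrets drawn from the commutative algebra
GF(p)[P] of polynomials in a public matrix P.  Protocol: Alice sends u = a g a',
Bob sends v = b g b', and the shared key is K = a v a' = b u b'.
"""
from itertools import product
from random import Random

P_MOD = 1009   # toy prime; the attack costs only linear algebra, so a larger p does not help
N = 3          # matrix dimension

def mat_mul(A, B, p=P_MOD):
    n = len(A)
    return [[sum(A[i][k] * B[k][j] for k in range(n)) % p for j in range(n)] for i in range(n)]

def mat_add(A, B, p=P_MOD):
    return [[(x + y) % p for x, y in zip(ra, rb)] for ra, rb in zip(A, B)]

def mat_scale(c, A, p=P_MOD):
    return [[(c * x) % p for x in row] for row in A]

def powers_of(P, n, p=P_MOD):
    """[I, P, ..., P^(n-1)]: by Cayley-Hamilton these span every polynomial in P."""
    out = [[[int(i == j) for j in range(n)] for i in range(n)]]
    for _ in range(n - 1):
        out.append(mat_mul(out[-1], P, p))
    return out

def poly_in(P, coeffs, p=P_MOD):
    """sum_i coeffs[i] * P^i, an element of the commutative algebra GF(p)[P]."""
    acc = [[0] * len(P) for _ in P]
    for c, Pi in zip(coeffs, powers_of(P, len(P), p)):
        acc = mat_add(acc, mat_scale(c, Pi, p), p)
    return acc

def solve_mod_p(rows, rhs, p=P_MOD):
    """One solution x of rows.x = rhs over GF(p) (free variables set to 0), or None."""
    m, k = len(rows), len(rows[0])
    M = [list(r) + [b % p] for r, b in zip(rows, rhs)]      # augmented matrix
    pivots, row = [], 0
    for col in range(k):
        if row == m:
            break
        piv = next((r for r in range(row, m) if M[r][col] % p), None)
        if piv is None:
            continue
        M[row], M[piv] = M[piv], M[row]
        inv = pow(M[row][col], -1, p)
        M[row] = [(x * inv) % p for x in M[row]]
        for r in range(m):
            if r != row and M[r][col]:
                f = M[r][col]
                M[r] = [(x - f * y) % p for x, y in zip(M[r], M[row])]
        pivots.append(col)
        row += 1
    if any(M[r][k] for r in range(row, m)):   # a row reading 0 = nonzero: inconsistent
        return None
    x = [0] * k
    for r, col in enumerate(pivots):
        x[col] = M[r][k]
    return x

def run_exchange(seed=0, n=N, p=P_MOD):
    """Honest run: secrets a, a' (Alice) and b, b' (Bob) all lie in GF(p)[P]."""
    rng = Random(seed)
    P = [[rng.randrange(p) for _ in range(n)] for _ in range(n)]   # public
    g = [[rng.randrange(p) for _ in range(n)] for _ in range(n)]   # public
    secret = lambda: poly_in(P, [rng.randrange(p) for _ in range(n)], p)
    a, a2, b, b2 = secret(), secret(), secret(), secret()
    u = mat_mul(mat_mul(a, g, p), a2, p)      # Alice -> Bob
    v = mat_mul(mat_mul(b, g, p), b2, p)      # Bob -> Alice
    k_alice = mat_mul(mat_mul(a, v, p), a2, p)
    k_bob = mat_mul(mat_mul(b, u, p), b2, p)
    return P, g, u, v, k_alice, k_bob

def linear_decomposition_attack(P, g, u, v, p=P_MOD):
    """Recover K from (P, g, u, v) without ever finding a, a', b or b'.

    u lies in L = span{P^i g P^j}, which the attacker builds from public data.
    Solve u = sum c_ij P^i g P^j for any c_ij; since b, b' commute with every P^i,
    sum c_ij P^i v P^j = b (sum c_ij P^i g P^j) b' = b u b' = K.
    """
    n = len(P)
    pw = powers_of(P, n, p)
    idx = list(product(range(n), repeat=2))
    basis = [mat_mul(mat_mul(pw[i], g, p), pw[j], p) for i, j in idx]
    rows = [[B[r][c] for B in basis] for r in range(n) for c in range(n)]
    rhs = [u[r][c] for r in range(n) for c in range(n)]
    coef = solve_mod_p(rows, rhs, p)
    if coef is None:                 # cannot happen when u really came from the protocol
        return None
    key = [[0] * n for _ in range(n)]
    for c, (i, j) in zip(coef, idx):
        key = mat_add(key, mat_scale(c, mat_mul(mat_mul(pw[i], v, p), pw[j], p), p), p)
    return key

if __name__ == "__main__":
    P, g, u, v, ka, kb = run_exchange(seed=7)
    print("honest parties agree:", ka == kb)
    print("attacker recovers key:", linear_decomposition_attack(P, g, u, v) == ka)
```

Note that the solver need not find Alice's own coefficients: any solution of the linear system yields the key, because the only property used is that Bob's secrets commute with the public algebra. That is why enlarging the field or the matrices, or choosing a harder-looking decomposition problem for a, a', does not restore security; only a platform whose membership search problem is not efficiently decidable escapes this attack.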