Jump to ContentJump to Main Navigation
Show Summary Details

Groups Complexity Cryptology

Managing Editor: Shpilrain, Vladimir / Weil, Pascal

Editorial Board Member: Blackburn, Simon R. / Conder, Marston / Dehornoy, Patrick / Eick, Bettina / Fine, Benjamin / Gilman, Robert / Grigoriev, Dima / Ko, Ki Hyoung / Kreuzer, Martin / Mikhalev, Alexander V. / Myasnikov, Alexei / Roman'kov, Vitalii / Rosenberger, Gerhard / Sapir, Mark / Schäge, Sven / Thomas, Rick / Tsaban, Boaz / Capell, Enric Ventura

SCImago Journal Rank (SJR) 2015: 1.208
Source Normalized Impact per Paper (SNIP) 2015: 2.294
Impact per Publication (IPP) 2015: 1.103

Mathematical Citation Quotient (MCQ) 2015: 0.48

49,00 € / $74.00 / £37.00*

See all formats and pricing

Cryptanalysis of the Anshel-Anshel-Goldfeld-Lemieux Key Agreement Protocol

Alex D. Myasnikov1 / Alexander Ushakov2

1Department of Mathematics, Stevens Institute of Technology, Hoboken, NJ 07030, USA.

2Department of Mathematics, Stevens Institute of Technology, Hoboken, NJ 07030, USA.

Citation Information: Groups – Complexity – Cryptology. Volume 1, Issue 1, Pages 63–75, ISSN (Online) 1869-6104, ISSN (Print) 1867-1144, DOI: 10.1515/GCC.2009.63, February 2010

Publication History

Published Online:

The Anshel-Anshel-Goldfeld-Lemieux (abbreviated AAGL) key agreement protocol [Contemp. Math. 418: 1–34, 2006] is proposed to be used on low-cost platforms which constraint the use of computational resources. The core of the protocol is the concept of an Algebraic EraserTM (abbreviated AE) which is claimed to be a suitable primitive for use within lightweight cryptography. The AE primitive is based on a new and ingenious idea of using an action of a semidirect product on a (semi)group to obscure involved algebraic structures. The underlying motivation for AAGL protocol is the need to secure networks which deploy Radio Frequency Identification (RFID) tags used for identification, authentication, tracing and point-of-sale applications.

In this paper we revisit the computational problem on which AE relies and heuristically analyze its hardness. We show that for proposed parameter values it is impossible to instantiate a secure protocol. To be more precise, in 100% of randomly generated instances of the protocol we were able to find a secret conjugator z generated by the TTP algorithm (part of AAGL protocol).

Citing Articles

Here you can find all Crossref-listed publications in which this article is cited. If you would like to receive automatic email messages as soon as this article is cited in other publications, simply activate the “Citation Alert” on the top of this page.

Baocang Wang and Yupu Hu
Journal of Applied Mathematics, 2014, Volume 2014, Page 1
Arkadius Kalka, Mina Teicher, and Boaz Tsaban
Advances in Applied Mathematics, 2012, Volume 49, Number 1, Page 57

Comments (0)

Please log in or register to comment.