Jump to ContentJump to Main Navigation
Show Summary Details
More options …

Groups Complexity Cryptology

Managing Editor: Shpilrain, Vladimir / Weil, Pascal

Editorial Board: Ciobanu, Laura / Conder, Marston / Eick, Bettina / Elder, Murray / Fine, Benjamin / Gilman, Robert / Grigoriev, Dima / Ko, Ki Hyoung / Kreuzer, Martin / Mikhalev, Alexander V. / Myasnikov, Alexei / Perret, Ludovic / Roman'kov, Vitalii / Rosenberger, Gerhard / Sapir, Mark / Thomas, Rick / Tsaban, Boaz / Capell, Enric Ventura / Lohrey, Markus

CiteScore 2018: 0.80

SCImago Journal Rank (SJR) 2018: 0.368
Source Normalized Impact per Paper (SNIP) 2018: 1.061

Mathematical Citation Quotient (MCQ) 2017: 0.32

See all formats and pricing
More options …

A nonlinear decomposition attack

Vitaliĭ Roman’kov
Published Online: 2016-10-23 | DOI: https://doi.org/10.1515/gcc-2016-0017


This paper introduces a new type of attack, termed a nonlinear decomposition attack, against two known group-based key agreement protocols, namely, protocol based on extensions of (semi)groups by endomorphisms introduced by Kahrobaei, Shpilrain et al., and the noncommutative Diffie–Hellman protocol introduced by Ko, Lee et al. This attack works efficiently in the case when finitely generated nilpotent (more generally, polycyclic) groups are used as platforms. This attack is based on a deterministic algorithm that finds the secret shared key from the public data in both the protocols under consideration. Furthermore, we show that in this case one can break the schemes without solving the algorithmic problems on which the assumptions are based. The efficacy of the attack depends on the platform group, so it requires a more thorough analysis in each particular case.

Keywords: Group-based cryptography; key agreement protocol; (non)linear decomposition attack,polycyclic group; Diffie–Hellman protocol

MSC 2010: 20F10; 94A60


  • [1]

    Anshel I., Anshel M. and Goldfeld D., An algebraic method for public-key cryptography, Math. Res. Lett. 6 (1999), 287–291. Google Scholar

  • [2]

    Baumslag G., Cannonito F. B., Robinson D. J. S. and Segal D., The algorithmic theory of polycyclic-by-finite groups, J. Algebra 142 (1991), 118–149. Google Scholar

  • [3]

    Ben-Zvi A., Kalka A. and Tsaban B., Cryptanalysis via algebraic spans, preprint 2014, https://eprint.iacr.org/2014/041.

  • [4]

    Bosma W., Cannon J. and Playoust C., The MAGMA algebra system I: The user language, J. Symbolic Comput. 24 (1997), 235–265. Google Scholar

  • [5]

    Cavallo B. and Kahrobaei D., A family of polycyclic groups over which the conjugacy problem is NP-complete, preprint 2014, https://arxiv.org/abs/1403.4153v2.

  • [6]

    Cheon J. and Jun B., A polynomial time algorithm for the braid Diffie–Hellman conjugacy problem, Advances in Cryptology (CRYPTO 2003), Lecture Notes in Comput. Sci. 2729, Springer, Berlin (2003), 212–225. Google Scholar

  • [7]

    Ding J., Miasnikov A. D. and Ushakov A., A linear attack on a key exchange protocol using extensions of matrix semigroups, preprint 2015, https://eprint.iacr.org/2015/018.

  • [8]

    Eick B. and Kahrobaei D., Polycyclic groups: A new platform for cryptology?, preprint 2004, https://arxiv.org/abs/math/0411077.

  • [9]

    Eick B. and Ostheimer G., On the orbit-stabilizer problem for integral matrix actions of polycyclic groups, Math. Comp. 72 (2003), 1511–1529. Google Scholar

  • [10]

    Garber D., Kahrobaei D. and Lam H. T., Analysing the length-based attack on polycyclic groups, preprint 2013, https://arxiv.org/abs/1305.0548v1.

  • [11]

    Garber D., Kaplan S., Teicher M., Tsaban B. and Vishne U., Probabilistic solutions of equations in the braid group, Adv. Appl. Math. 35 (2005), 323–334. Google Scholar

  • [12]

    Garber D., Kaplan S., Teicher M., Tsaban B. and Vishne U., Length-based conjugacy search in the braid group, Algebraic Methods in Cryptography (Mainz/Bochum 2005), Contemp. Math. 418, American Mathematical Society, Providence (2006), 75–87. Google Scholar

  • [13]

    Habeeb M., Kahrobaei D., Koupparis C. and Shpilrain V., Public key exchange using semidirect product of (semi)groups, preprint 2013, https://arxiv.org/abs/1304.6572v1.

  • [14]

    Hall P., Edmonton Notes on Nilpotent Groups, Queen Mary College Math. Notes, Queen Mary College, London, 1969. Google Scholar

  • [15]

    Hughes J. and Tannenbaum A., Length-based attacks for certain group-based encryption rewriting systems, Workshop SECI02 Securite de la Communication sur Internet 2002. Google Scholar

  • [16]

    Janusz G. J., Faithful representations of p-groups at characteristic p, J. Algebra 15 (1970), 335–351. Google Scholar

  • [17]

    Kahrobaei D. and Anshel M., Decision and search in non-abelian Cramer–Shoup public key cryptosystem, Groups Complex. Cryptol. 1 (2009), 217–225. Google Scholar

  • [18]

    Kahrobaei D. and Khan B., A non-commutative generalization of ElGamal key exchange using polycyclic groups, Global Telecommunications Conference 2006 (GLOBECOM ’06), IEEE Press, Piscataway (2006), DOI 10.1109/GLOCOM.2006.290. Google Scholar

  • [19]

    Kahrobaei D. and Koupparis C., Non-commutative digital structures using non-commutative groups, Groups Complex. Cryptol. 4 (2012), 377–384. Google Scholar

  • [20]

    Kahrobaei D., Koupparis C. and Shpilrain V., Key exchange using semidirect product of (semi)groups, Applied Cryptography and Network Security (ACNS 2013), Lecture Notes in Comput. Sci. 7954, Springer, Berlin (2013), 475–486. Google Scholar

  • [21]

    Kahrobaei D., Lam H. and Shpilrain V., Public key exchange using extensions by endomorphisms and matrices over a Galois field, preprint, http://www.sci.ccny.cuny.edu/~shpil/res.html.

  • [22]

    Kahrobaei D. and Shpilrain V., Using semidirect product of (semi)groups in public key cryptography, preprint 2016, https://arxiv.org/abs/1604.05542v1.

  • [23]

    Ko K. H., Lee S. J., Cheon J. H., Han J. W., Kang J. and Park C., New public-key cryptosystem using braid groups, Advances in Cryptology (CRYPTO 2000), Lecture Notes in Comput. Sci. 1880, Springer, Berlin (2000), 166–183. Google Scholar

  • [24]

    Kreuzer M., Myasnikov A. D. and Ushakov A., A linear algebra attack to group-ring-based key exchange protocols, Applied Cryptography and Network Security (ACNS 2014), Lecture Notes in Comput. Sci. 8479, Springer, Berlin (2014), 37–43; https://eprint.iacr.org/2015/018.pdf.

  • [25]

    Leedham-Green C. and Soicher L., Symbolic collection from the left and other strategies, J. Symbolic Comput. 9 (1990), 665–675. Google Scholar

  • [26]

    Lennox J. C. and Robinson D. J. S., The Theory of Infinite Soluble Groups, Oxford Mathematical Monographs, Clarendon Press, Oxford, 2004. Google Scholar

  • [27]

    Mahalanobis A., The Diffie–Hellman key exchange protocol and non-abelian nilpotent groups, Israel J. Math. 165 (2008), 161–87. Google Scholar

  • [28]

    Miasnikov A. G., Shpilrain V. and Ushakov A., Random subgroups of braid groups: An approach to cryptanalysis of a braid group based cryptographic protocol, Public Key Cryptography (PKC 2006), Lecture Notes in Comput. Sci. 3958, Springer, Berlin (2006), 302–314. Google Scholar

  • [29]

    Miasnikov A. G. and Ushakov A., Random subgroups and analysis of the length-based and quotient attacks, J. Math. Cryptol. 2 (2008), 29–61. Google Scholar

  • [30]

    Myasnikov A. G. and Roman’kov V. A., A linear decomposition attack, Groups Complex. Cryptol. 7 (2015), 81–94; see also https://arxiv.org/abs/1412.6401v1.

  • [31]

    Myasnikov A., Shpilrain V. and Ushakov A., Group-Based Cryptography, Adv. Courses Math. CRM Barcelona, Birkhäuser, Basel, 2008. Google Scholar

  • [32]

    Myasnikov A., Shpilrain V. and Ushakov A., Non-Commutative Cryptography and Complexity of Group-theoretic Problems. With appendix by Natalia Mosina, Math. Surveys Monogr. 177, American Mathematical Society, Providence, 2011. Google Scholar

  • [33]

    Myasnikov A. D. and Ushakov A., Length based attack and braid groups: Cryptanalysis of Anshel–Anshel–Godlfeld key exchange protocol, Public Key Cryptography (PKC 2007), Lecture Notes in Comput. Sci. 4450, Springer, Berlin (2007), 76–88. Google Scholar

  • [34]

    Roman’kov V. A., Equations over groups, Groups Complex. Cryptol. 4 (2012), no. 2, 191–239. Google Scholar

  • [35]

    Roman’kov V. A., Algebraic Cryptography (in Russian), Omsk, Omsk State University, 2013. Google Scholar

  • [36]

    Roman’kov V. A., Cryptanalysis of some schemes applying automorphisms (in Russian), Appl. Discrete Math. 3 (2013), 35–51. Google Scholar

  • [37]

    Roman’kov V. A., A polynomial time algorithm for the braid double shielded public key cryptosystems, preprint 2014, https://arxiv.org/abs/1412.5277v1.

  • [38]

    Roman’kov V. A., Linear decomposition attack on public key exchange protocols using semidirect products of (semi)groups, preprint 2015, https://arxiv.org/abs/1501.01152v1.

  • [39]

    Roman’kov V. A. and Menshov A., Cryptanalysis of Andrecut’s public key cryptosystem, preprint 2015, https://arxiv.org/abs/1507.01496v1.

  • [40]

    Segal D., Polycyclic Groups, Cambridge Tracts in Math. 82, Cambridge University Press, Cambridge, 2005. Google Scholar

  • [41]

    Shpilrain V. and Zapata G., Using the subgroup membership search problem in public key cryptography, Algebraic Methods in Cryptography (Mainz/Bochum 2005), Contemp. Math. 418, American Mathematical Society, Providence (2006), 169–181. Google Scholar

  • [42]

    Sims C. C., Computation with Finitely Presented Groups, Encyclopedia Math. Appl. 48, Cambridge University Press, Cambridge, 1994. Google Scholar

  • [43]

    Tsaban B., Practical polynomial time solutions of several major problems in noncommutative-algebraic cryptography (preliminary announcement), preprint 2014, https://eprint.iacr.org/2014/041/20140115:201530.

  • [44]

    Tsaban B., Polynomial time solutions of computational problems in noncommutative algebraic cryptography, J. Cryptology 28 (2015), no. 2, 601–622. Google Scholar

  • [45]

    The GAP group, GAP – Groups, Algorithms and Programming, 2000. Google Scholar

About the article

Received: 2016-07-07

Published Online: 2016-10-23

Published in Print: 2016-11-01

Funding Source: Russian Science Foundation

Award identifier / Grant number: 16-11-10002

This research was supported by Russian Science Foundation (project 16-11-10002).

Citation Information: Groups Complexity Cryptology, Volume 8, Issue 2, Pages 197–207, ISSN (Online) 1869-6104, ISSN (Print) 1867-1144, DOI: https://doi.org/10.1515/gcc-2016-0017.

Export Citation

© 2016 by De Gruyter.Get Permission

Comments (0)

Please log in or register to comment.
Log in