The set of minimal braids is Co-NP-complete
Journal of Algorithms
Average-case computational complexity theory
Complexity theory retrospective II
Word Processing in Groups
New Public-Key Cryptosystem Using Braid Groups
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
A Practical Attack on Some Braid Group Based Cryptographic Primitives
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
One-more matching conjugate problem and security of braid-based signatures
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Towards generating secure keys for braid cryptography
Designs, Codes and Cryptography
Length based attack and braid groups: cryptanalysis of Anshel-Anshel-Goldfeld key exchange protocol
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Transitive signatures from braid groups
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Cryptanalysis of Stickel's key exchange scheme
CSR'08 Proceedings of the 3rd international conference on Computer science: theory and applications
A new hard problem over non-commutative finite groups for cryptographic protocols
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
In this paper we present a practical heuristic attack on the Ko, Lee et al. key exchange protocol introduced at Crypto 2000 [11]. Using this attack, we were able to break the protocol in about 150 minutes with a success rate of over 95% for typical parameters. One of the ideas behind our attack is using Dehornoy's handle reduction method as a countermeasure to the diffusion provided by the Garside normal form, and as a tool for simplifying braid words. Another idea employed in our attack is solving the decomposition problem in a braid group rather than the conjugacy search problem.