TY - JOUR
T1 - Short expressions of permutations as products and cryptanalysis of the Algebraic Eraser
AU - Kalka, Arkadius
AU - Teicher, Mina
AU - Tsaban, Boaz
N1 - Funding Information: This research was partially supported by the Oswald Veblen Fund, the Emmy Noether Research Institute for Mathematics, and the Minerva Foundation of Germany. We thank John Dixon for his proof of Theorem 8. We thank László Babai, Dorian Goldfeld, Stephen Miller, Ákos Seress, and Adi Shamir, for fruitful discussions. A special thanks is owed to Martin Kassabov, for comprehensive suggestions which improved the presentation of this paper, and for pointing out to us the present version of Step 2 of our algorithm. This version seems to be folklore, but we have initially used a less efficient variant. We also thank Alexander Hulpke and Stefan Kohl for useful information about GAP. Our full attack on the Algebraic Eraser was implemented using MAGMA [8].
PY - 2012/7
Y1 - 2012/7
N2 - In March 2004, Anshel, Anshel, Goldfeld, and Lemieux introduced the Algebraic Eraser scheme for key agreement over an insecure channel, using a novel hybrid of infinite and finite noncommutative groups. They also introduced the Colored Burau Key Agreement Protocol (CBKAP), a concrete realization of this scheme. We present general, efficient heuristic algorithms which extract the shared key from the public information provided by CBKAP. These algorithms are, according to heuristic reasoning and to massive experiments, successful for all sizes of the security parameters, assuming that the keys are chosen with standard distributions. Our methods come from probabilistic group theory (permutation group actions and expander graphs). In particular, we provide a simple algorithm for finding short expressions of permutations in S_n as products of given random permutations. Heuristically, our algorithm gives expressions of length O(n^2 log n), in time and space O(n^3). Moreover, this is provable from the Minimal Cycle Conjecture, a simply stated hypothesis concerning the uniform distribution on S_n. Experiments show that the constants in these estimates are small. This is the first practical algorithm for this problem for n ≥ 256. Algebraic Eraser is a trademark of SecureRF. The variant of CBKAP actually implemented by SecureRF uses proprietary distributions, and thus our results do not imply its vulnerability.
KW - Algebraic Eraser
KW - Colored Burau Key Agreement Protocol (CBKAP)
KW - Expander
KW - Expressions of permutations
KW - Minimal Cycle Conjecture
KW - Symmetric group
UR - http://www.scopus.com/inward/record.url?scp=84861596547&partnerID=8YFLogxK
U2 - 10.1016/j.aam.2012.03.001
DO - 10.1016/j.aam.2012.03.001
M3 - Article
SN - 0196-8858
VL - 49
SP - 57
EP - 76
JO - Advances in Applied Mathematics
JF - Advances in Applied Mathematics
IS - 1
ER -