Length-based cryptanalysis: The case of Thompson’s group

Dima Ruinskiy, Adi Shamir, Boaz Tsaban, Rainer Steinwandt

Research output: Contribution to journalArticlepeer-review

15 Scopus citations

Abstract

The length-based approach is a heuristic for solving randomly generated equations in groups that possess a reasonably behaved length function. We describe several improvements of the previously suggested length-based algorithms, which make them applicable to Thompson’s group with significant success rates. In particular, this shows that the Shpilrain-Ushakov public key cryptosystem based on Thompson’s group is insecure, and suggests that no practical public key cryptosystem based on the difficulty of solving an equation in this group can be secure.

Original languageEnglish
Pages (from-to)359-372
Number of pages14
JournalJournal of Mathematical Cryptology
Volume1
Issue number4
DOIs
StatePublished - Dec 2007

Bibliographical note

Publisher Copyright:
© de Gruyter 2007.

Keywords

  • Combinatorial group theory
  • Cryptography
  • Length-based cryptanalysis
  • Noncommutative cryptography

Fingerprint

Dive into the research topics of 'Length-based cryptanalysis: The case of Thompson’s group'. Together they form a unique fingerprint.

Cite this