Abstract
The length-based approach is a heuristic for solving randomly generated equations in groups that possess a reasonably behaved length function. We describe several improvements of the previously suggested length-based algorithms, which make them applicable to Thompson’s group with significant success rates. In particular, this shows that the Shpilrain-Ushakov public key cryptosystem based on Thompson’s group is insecure, and suggests that no practical public key cryptosystem based on the difficulty of solving an equation in this group can be secure.
Original language | English |
---|---|
Pages (from-to) | 359-372 |
Number of pages | 14 |
Journal | Journal of Mathematical Cryptology |
Volume | 1 |
Issue number | 4 |
DOIs | |
State | Published - Dec 2007 |
Bibliographical note
Publisher Copyright:© de Gruyter 2007.
Keywords
- Combinatorial group theory
- Cryptography
- Length-based cryptanalysis
- Noncommutative cryptography