1 Introduction
In this paper new conjugacy key exchange scheme is proposed. This protocol based on conjugacy problem in non-commutative group [2, 3, 4, 5, 10]. We slightly generalize Ko Lee’s [6] protocol of key exchange. Public key cryptographic schemes based on the new systems are established. The conjugacy search problem in a group is the problem of recovering an from given and . This problem is in the core of several recently suggested public key exchange protocols. One of them is most notably due to Anshel, Anshel, and Goldfeld [2] and another due to Ko et al. [6]. As we know if CCP problem is tractable in then problem of finding by given , , for an arbitrary fixed such that is not from center of , is the common key that Alice and Bob have to generate.
Recently, a novel approach to public key encryption based on the algorithmic difficulty of solving the word and conjugacy problems for finitely presented groups has been proposed in [1, 2]. The method is based on having a canonical minimal length form for words in a given finitely presented group, which can be computed rather rapidly, and in which there is no corresponding fast solution for the conjugacy problem. A key example is the braid group.
We denote by the conjugated element
. We show that efficient algorithm that can distinguish between two probability distributions of
and does not exist. Also, an efficient algorithm which recovers from , and does not exist. This group has representationAs a generators can be chosen two arbitrary commuting elements [8, 10, 7].
Consider non-metacyclic group of Millera Moreno. This group has representation
To find a length of orbit of action by conjugation by we consider the class of conjugacy of elements of form . This class has length because of action as well as increase the power of on 1. Thus, the first repetition of initial power in occurs though conjugations of this word by , where . Therefore, the length of the orbit is .
We need to have an effective algorithm for computation of conjugated elements, if we want to design a key exchange algorithm based on non-commutative DH problem [5]. Due to the relation in metacyclic group, which define the homomorphism to the automorphism group of the , we obtain a formula for finding a conjugated element. Using this formula, we can efficiently calculate the conjugated to element by using the raising to the -th power, where .
There is effective method of checking the equality of elements due to cyclic structure of group and in this group .
We have an effective method of checking the equality of elements in the additive group because of reducing by finite modulo .
2 Proof that conjugacy problem is -hard in . Size of a conjugacy class
The orbit of the given base element must must be long enough if we want to have problem of DL or equally problem of conjugacy in non-commutative group like -hard problem.
Let elements of act by conjugation on , where .
Theorem 1.
The length of conjugacy class of non-central element is equal to .
Proof.
Recall the inner automorphism in is determined by the formula . Let us recall the structure of minimal non-abelian Metacyclic group, namely , where and are finite cyclic groups. Therefore, the formula defines a homomorphism in the subgroup of inner automorphisms . It is well-known that each finite cyclic group is isomorphic to the correspondent additive cyclic group modulo residue . In this group equality of elements can be checked effectively due to reducing the elements of the module group.
Consider the orbit of element under action by conjugation. The length of such orbit can be found from equality as minimal power for which this equality will be true. We apply Newton binomial formula to the expression and taking into account the relation . We obtain
only if with because if . It means that the minimal when this congruence start to holds is equal to . The prime number can be chosen as big as we need [17] which completes the proof. ∎
Let us evaluate the size of subsets with mutually commutative elements. Each of this subset of generated by them subgroups can be chosen as the subgroups of center of group . It is well-known that the semidirect product is closely related to wreath product. The center of the wreath product with non-faithful action were recently studied [11].
Proposition 1.
As it was proved by the author a center of the restricted wreath product with non-trivial coordinates is direct product of normal closure of center of diagonal of , i.e. , trivial an element, and intersection of with . In other words,
where .
Taking into consideration that a semidirect product is the partial case of wreath product the diagonal of degenerates in . Thus, we obtain such formula for the center of semidirect product:
This structure lead to constructive method of finding elements of the center. As it was noted above the elements and are parts of elements of secret key. Therefore as greater a size of center of a considered group as greater a size of a key space of this protocol.
Also commutator subgroup of Sylow 2-subgroup of alternating groups can be used as a support of CSP problem [12, 13, 15].
Definition 2.1.
For an arbitrary we call a -coordinate subgroup a subgroup, which is determined by -coordinate sets , , if this subgroup consists of all Kaloujnine’s tableaux for which .
We denote by a level subgroup of , which consists of the tuples of v.p. from , of any .
As a sets and consisting of mutually commutative elements we can use the set of elements of -coordinate subgroup of , where , or the elements of that is isomorphic to this subgroup. As it was proved by the author [12] the order of is . therefore the growth of mutually commutative sets of elements and is exponential function has.
According to [9] index of center of metacyclic group has index , therefore the order of . Thus, we have possibilities to choose an element as an element of the open key, which is in the protocol of key exchange.
3 Key exchange protocol
Let be subsets from consisting of mutually commutative elements. We make a generalisation of CDH by taking into consideration the subgroups and instead of using . We can do this because the groups and have generating sets and which commute. Because of these mutually commutative generating sets, we know that the subgroups are additionally mutually commutative.
4 Consideration of base steps of the protocol
Input: Elements , and .
Alice selects a private as the random element from the subgroup and computes . The she sends it to Bob. Bob selects a private as the random element from the subgroup and computes . Then he sends it to Alice. Bob computes and Alice computes . Taking into consideration that and are mutually commutative groups we obtain that . Therefore, we have that .
Output: that is the common key of Alice and Bob.
Resistance to a cryptanalysis. But if an analytic use for a cryptanalysis will use for cryptoanalysys solving of conjugacy search problem the method of reduction to solving of decomposition problem [16], then it lead us to solving of discrete logarithm problem in the multiplicative cyclic group . This problem is NP-hard for big .
5 Conclusion
We can choose mutually commutative as subgroups of . As we said above, are chosen from as components of key. According to [8] so size of key-space is . It should be noted that the size of key-space can be chosen as arbitrary big number by choosing the parameters . As an element for exponenting we can choose an arbitrary element but , because the size of orbit in result of action of inner automorphism is always not less than .
References
- [1] Iris Anshel, Michael Anshel, Benji Fisher, and Dorian Goldfeld. New key agreement protocols in braid group cryptography. In Cryptographers’ Track at the RSA Conference, pages 13–27. Springer, 2001.
- [2] Iris Anshel, Michael Anshel, and Dorian Goldfeld. An algebraic method for public-key cryptography. Mathematical Research Letters, 6(3):287–291, 1999.
- [3] Jens-Matthias Bohli, Benjamin Glas, and Rainer Steinwandt. Towards provably secure group key agreement building on group theory. Cryptology ePrint Archive, Report 2006/079, 2006. https://eprint.iacr.org/2006/079.
- [4] Lize Gu, Licheng Wang, Kaoru Ota, Mianxiong Dong, Zhenfu Cao, and Yixian Yang. New public key cryptosystems based on non-abelian factorization problems. Security and Communication Networks, 6(7):912–922, 2013.
- [5] Lize Gu and Shihui Zheng. Conjugacy systems based on nonabelian factorization problems and their applications in cryptography. Journal of Applied Mathematics, 2014, 2014.
- [6] Ki Hyoung Ko, Sang Jin Lee, Jung Hee Cheon, Jae Woo Han, Ju-sung Kang, and Choonsik Park. New public-key cryptosystem using braid groups. In Mihir Bellare, editor, Advances in Cryptology — CRYPTO 2000, pages 166–183, Berlin, Heidelberg, 2000. Springer Berlin Heidelberg.
- [7] Ayoub Otmani, Jean-Pierre Tillich, and Léonard Dallot. Cryptanalysis of two mceliece cryptosystems based on quasi-cyclic codes. Mathematics in Computer Science, 3(2):129–140, 2010.
- [8] I Raievska, M Raievska, and Ya Sysak. Finite local nearrings with split metacyclic additive group. Algebra and discrete mathematics, 22(22, 1):129–152, 2016.
- [9] László Rédei. Das “schiefe produkt” in der gruppentheorie. Commentarii Mathematici Helvetici, 20(1):225–264, 1947.
- [10] Ruslan Viacheslavovich Skuratovskii. Employment of minimal generating sets and structure of sylow 2-subgroups alternating groups in block ciphers. In Advances in Computer Communication and Computational Sciences, pages 351–364. Springer, 2019.
- [11] Ruslan Viacheslavovich Skuratovskii and Aled Williams. Minimal generating set and a structure of the wreath product of groups, and the fundamental group of the orbit morse function. Bulletin of Donetsk National University. Series A: Natural Sciences, 0(1-2):76–96, 2019.
- [12] Skuratovskii R., Commutators subgroups of sylow subgroups of alternating and symmetric groups their minimal generating sets. The XII International Algebraic Conference in Ukraine (2019) Vinnytsia, p. 75.
- [13] Skuratovskii R.V., Generating set of wreath product non faithful action. International Journal of Analysis and Applications Volume 18, No. 1 (2020), pp. 104–116.
- [14] R. V. Skuratovskii, Structure of commutant and centralizer, minimal generating sets of. Sylow 2-subgroups of alternating and symmetric groups. International conference in Ukraine, ATA12. (2017). https://www.imath.kiev.ua/ topology/…/skuratovskiy.pdf
- [15] Skuratovskii R. V., Structure and minimal generating sets of Sylow 2-subgroups of alternating groups. Source: https://arxiv.org/abs/1702.05784v2
- [16] V Shpilrain, A. Ushakov The Conjugacy Search Problem in Public Key Cryptography: Unnecessary and Insufficient. Applicable Algebra in Engineering, Communication and Computing. (2006), volume 17, p. 285 - 289.
- [17] Ivan Matveevich Vinogradov. Elements of number theory. Courier Dover Publications, 2016.
Comments
There are no comments yet.