Simran Tinani,Carlo Matteotti,Joachim Rosenthal

2023-10-08

Abstract:In the recently emerging field of nonabelian group-based cryptography, a prominently used one-way function is the Conjugacy Search Problem (CSP), and two important classes of platform groups are polycyclic and matrix groups. In this paper, we discuss the complexity of the conjugacy search problem (CSP) in these two classes of platform groups using the three protocols in [10], [26], and [29] as our starting point. We produce a polynomial time solution for the CSP in a finite polycyclic group with two generators, and show that a restricted CSP is reducible to a DLP. In matrix groups over finite fields, we usedthe Jordan decomposition of a matrix to produce a polynomial time reduction of an A-restricted CSP, where A is a cyclic subgroup of the general linear group, to a set of DLPs over an extension of Fq. We use these general methods and results to describe concrete cryptanalysis algorithms for these three systems. In particular, we show that in the group of invertible matrices over finite fields and in polycyclic groups with two generators, a CSP where conjugators are restricted to a cyclic subgroup is reducible to a set of O(n2) discrete logarithm problems. Using our general results, we demonstrate concrete cryptanalysis algorithms for each of these three schemes. We believe that our methods and findings are likely to allow for several other heuristic attacks in the general case.

Cryptography and Security,Computational Complexity

Delaram Kahrobaei,Carmine Monetta,Ludovic Perret,Maria Tota,Martina Vigorito

2023-09-25

Abstract:There are many group-based cryptosystems in which the security relies on the difficulty of solving Conjugacy Search Problem (CSP) and Simultaneous Conjugacy Search Problem (SCSP) in their underlying platform groups. In this paper we give a cryptanalysis of these systems which use certain semidirect product of abelian groups.

Group Theory,Cryptography and Security

DANIEL J. KELLEHER,BENJAMIN A. STEINHURST,CHUEN-MING M. WONG

DOI: https://doi.org/10.1142/s0218196712500567

2012-11-01

International Journal of Algebra and Computation

Abstract:We explore the relationship between the limit spaces of contracting self-similar groups and self-similar structures. We give the condition on a contracting group such that its limit space admits a self-similar structure, and also the condition such that this self-similar structure is post-critically finite (p.c.f.). We then give necessary and sufficient conditions for a p.c.f. self-similar structure to be the limit space of a contracting self-similar group. When these conditions hold we give a construction of the contracting group. Finally, we illustrate our results with several examples.

mathematics

Salim Ali Altug,Yilei Chen

DOI: https://doi.org/10.48550/arXiv.1810.00022

2019-05-15

Abstract:We initiate the study of computational problems on elliptic curve isogeny graphs defined over RSA moduli. We conjecture that several variants of the neighbor-search problem over these graphs are hard, and provide a comprehensive list of cryptanalytic attempts on these problems. Moreover, based on the hardness of these problems, we provide a construction of groups with infeasible inversion, where the underlying groups are the ideal class groups of imaginary quadratic orders. Recall that in a group with infeasible inversion, computing the inverse of a group element is required to be hard, while performing the group operation is easy. Motivated by the potential cryptographic application of building a directed transitive signature scheme, the search for a group with infeasible inversion was initiated in the theses of Hohenberger and Molnar (2003). Later it was also shown to provide a broadcast encryption scheme by Irrer et al. (2004). However, to date the only case of a group with infeasible inversion is implied by the much stronger primitive of self-bilinear map constructed by Yamakawa et al. (2014) based on the hardness of factoring and indistinguishability obfuscation (iO). Our construction gives a candidate without using iO.

Number Theory,Cryptography and Security,Algebraic Geometry

Nathan Keller,Noam Lifshitz,Ohad Sheinfeld

2023-10-27

Abstract:We study covering numbers of subsets of the symmetric group $S_n$ that exhibit closure under conjugation, known as \emph{normal} sets. We show that for any $\epsilon>0$, there exists $n_0$ such that if $n>n_0$ and $A$ is a normal subset of the symmetric group $S_n$ of density $\ge e^{-n^{2/5 - \epsilon}}$, then $A^2 \supseteq A_n$. This improves upon a seminal result of Larsen and Shalev (Inventiones Math., 2008), with our $2/5$ in the double exponent replacing their $1/4$. Our proof strategy combines two types of techniques. The first is `traditional' techniques rooted in character bounds and asymptotics for the Witten zeta function, drawing from the foundational works of Liebeck--Shalev, Larsen--Shalev, and more recently, Larsen--Tiep. The second is a sharp hypercontractivity theorem in the symmetric group, which was recently obtained by Keevash and Lifshitz. This synthesis of algebraic and analytic methodologies not only allows us to attain our improved bounds but also provides new insights into the behavior of general independent sets in normal Cayley graphs over symmetric groups.

Combinatorics,Representation Theory,Group Theory

Gorjan Alagic,Cristopher Moore,Alexander Russell

DOI: https://doi.org/10.48550/arXiv.quant-ph/0603251

2007-01-26

Abstract:Daniel Simon's 1994 discovery of an efficient quantum algorithm for solving the hidden subgroup problem (HSP) over Z_2^n provided one of the first algebraic problems for which quantum computers are exponentially faster than their classical counterparts. In this paper, we study the generalization of Simon's problem to arbitrary groups. Fixing a finite group G, this is the problem of recovering an involution m = (m_1, ..., m_n) in G^n from an oracle f with the property that f(x) = f(xy) iff y equals m or the identity. In the current parlance, this is the hidden subgroup problem (HSP) over groups of the form G^n, where G is a nonabelian group of constant size, and where the hidden subgroup is either trivial or has order two. Although groups of the form G^n have a simple product structure, they share important representation-theoretic properties with the symmetric groups S_n, where a solution to the HSP would yield a quantum algorithm for Graph Isomorphism. In particular, solving their HSP with the so-called ``standard method'' requires highly entangled measurements on the tensor product of many coset states. Here we give quantum algorithms with time complexity 2^O(sqrt(n log n)) that recover hidden involutions m = (m_1, ..., m_n) in G^n where, as in Simon's problem, each m_i is either the identity or the conjugate of a known element k, and there is a character X of G for which X(k) = -X(1)$. Our approach combines the general idea behind Kuperberg's sieve for dihedral groups with the ``missing harmonic'' approach of Moore and Russell. These are the first nontrivial hidden subgroup algorithms for group families that require highly entangled multiregister Fourier sampling.

Quantum Physics

Joseph Macula,Katherine E. Stange

2024-10-01

Abstract:We introduce a new tool for the study of isogeny-based cryptography, namely pairings which are sesquilinear (conjugate linear) with respect to the $\mathcal{O}$-module structure of an elliptic curve with CM by an imaginary quadratic order $\mathcal{O}$. We use these pairings to study the security of problems based on the class group action on collections of oriented ordinary or supersingular elliptic curves. This extends work of both (Castryck, Houben, Merz, Mula, Buuren, Vercauteren, 2023) and (De Feo, Fouotsa, Panny, 2024).

Number Theory,Cryptography and Security

Rajesh Krishnan,Ravi Sundaram

DOI: https://doi.org/10.48550/arXiv.1403.8137

2014-04-01

Abstract:Confidential Content-Based Publish/Subscribe (C-CBPS) is an interaction (pub/sub) model that allows parties to exchange data while still protecting their security and privacy interests. In this paper we advance the state of the art in C-CBPS by showing how all predicate circuits in NC1 (logarithmic-depth, bounded fan-in) can be securely computed by a broker while guaranteeing perfect information-theoretic security. Previous work could handle only strictly shallower circuits (e.g. those with depth O(\sqrt{\lg n}) [SYY99, V76]. We present three protocols -- UGP-Match, FSGP-Match and OFSGP-Match -- all three are based on (2-decomposable randomized encodings of) group programs and handle circuits in NC1. UGP-Match is conceptually simple and has a clean proof of correctness but it is inefficient and impractical. FSGP-Match uses a "fixed structure" trick to achieve efficiency and scalability. And, finally, OFSGP-Match uses hand-optimized group programs to wring greater efficiencies. We complete our investigation with an experimental evaluation of a prototype implementation.

Cryptography and Security

Delaram Kahrobaei,Marialaura Noce,Emanuele Rodaro

2023-06-18

Abstract:In 1991 the first public key protocol involving automaton groups has been proposed. In this paper we give a survey about algorithmic problems around automaton groups which may have potential applications in cryptography. We then present a new public key protocol based on the conjugacy search problem in some families of automaton groups. At the end we offer open problems that could be of interest of group theorists and computer scientists in this direction.

Group Theory

Yuval Filmus,Guy Kindler,Noam Lifshitz,Dor Minzer

DOI: https://doi.org/10.1017/fms.2023.118

2024-01-09

Forum of Mathematics Sigma

Abstract:The hypercontractive inequality is a fundamental result in analysis, with many applications throughout discrete mathematics, theoretical computer science, combinatorics and more. So far, variants of this inequality have been proved mainly for product spaces, which raises the question of whether analogous results hold over non-product domains. We consider the symmetric group, , one of the most basic non-product domains, and establish hypercontractive inequalities on it. Our inequalities are most effective for the class of global functions on , which are functions whose -norm remains small when restricting coordinates of the input, and assert that low-degree, global functions have small q-norms, for . As applications, we show the following: 1. An analog of the level-d inequality on the hypercube, asserting that the mass of a global function on low degrees is very small. We also show how to use this inequality to bound the size of global, product-free sets in the alternating group . 2. Isoperimetric inequalities on the transposition Cayley graph of for global functions that are analogous to the KKL theorem and to the small-set expansion property in the Boolean hypercube. 3. Hypercontractive inequalities on the multi-slice and stability versions of the Kruskal–Katona Theorem in some regimes of parameters.

mathematics, applied

Claudio Bravo,Benoit Loisel

2024-08-09

Abstract:Let $\mathcal{C}$ be a smooth, projective, geometrically integral curve defined over a perfect field $\mathbb{F}$. Let $k=\mathbb{F}(\mathcal{C})$ be the function field of $\mathcal{C}$. Let $\mathbf{G}$ be a split simply connected semisimple $\mathbb{Z}$-group scheme. Let $\mathcal{S}$ be a finite set of places of $\mathcal{C}$. In this paper, we investigate on the conjugacy classes of maximal unipotent subgroups of $\mathcal{S}$-arithmetic subgroups. These are parameterized thanks to the Picard group of $\mathcal{O}_{\mathcal{S}}$ and the rank of $\mathbf{G}$. Furthermore, these maximal unipotent subgroups can be realized as the unipotent part of natural stabilizer, which are the stabilizers of sectors of the associated Bruhat-Tits building. We decompose these natural stabilizers in terms of their diagonalisable part and unipotent part, and we precise the group structure of the diagonalisable part.

Group Theory,Number Theory

Amy M. Fu,Alain Lascoux

DOI: https://doi.org/10.48550/arXiv.math/0612828

2006-12-28

Abstract:We give non-symmetric versions of the Cauchy kernel and Littlewood's kernels, corresponding to the types $A_n$, $B_n$, $C_n$ and $D_n$, of the classical groups. We show that these new kernels are diagonal in the basis of two families of key polynomials (one of them being Demazure characters) obtained as images of dominant monomials under isobaric divided differences. We define scalar products such that the two families of key polynomials are adjoint to each other.

Combinatorics

Ahmad Erfanian,Francesco G. Russo,Nor Haniza Sarmin

DOI: https://doi.org/10.1142/s1793557111000216

2011-06-01

Abstract:The nonabelian tensor square G ⊗ G of a polycyclic group G is a polycyclic group and its structure arouses interest in many contexts. The same assertion is still true for wider classes of solvable groups. This motivated us to work on two levels in the present paper: on a hand, we investigate the growth of the Hirsch length of G ⊗ G by looking at that of G, on another hand, we study the nonabelian tensor product of pro–p–groups of finite coclass, which are a remarkable class of solvable groups without center, and then we do considerations on their Hirsch length. Among other results, restrictions on the Schur multiplier will be discussed.

English Else

James Belk,Francesco Matucci

2024-05-17

Abstract:We give a short proof that every contracting self-similar group embeds into a finitely presented simple group. In particular, any contracting self-similar group embeds into the corresponding Röver--Nekrashevych group, and this in turn embeds into one of the twisted Brin--Thompson groups introduced by the first author and Matthew Zaremsky. The proof here is a simplification of a more general argument given by the authors, Collin Bleak, and Matthew Zaremsky for contracting rational similarity groups.

Group Theory

Guixin Jiang,Zixian Li,Haibin Wang,Sunil Kumar Jha

DOI: https://doi.org/10.1007/s10773-024-05676-x

2024-05-31

International Journal of Theoretical Physics

Abstract:Secure computational geometry (SCG) is an important type of secure multi-party computation (SMC) problem, which studies how to calculate the relationship of several geometric objects securely. Quantum SCG (QSCG) can achieve higher security than classical SCG protocols, but the achievements of QSCG are still limited at present. In this paper, we define a new SCG problem: the secure clockwise sorting (SCS) problem, and propose a quantum protocol to solve it. We first propose a quantum secure clockwise comparison subprotocol, where the cross and scalar products of two vectors are calculated by using a quantum secure two-party scalar product protocol, and then the relative clockwise order of two points is determined. Based on the subprotocol, we then give a quantum SCS protocol to determine the clockwise order of a series of points. Finally, we show the correctness, security, and efficiency of our protocol through detailed performance analysis.

physics, multidisciplinary

Jan Moritz Petschick,Anitha Thillaisundaram

DOI: https://doi.org/10.48550/arXiv.2201.03266

2022-01-10

Group Theory

Abstract:Spinal groups and multi-GGS groups are both generalisations of the well-known Grigorchuk-Gupta-Sidki (GGS-)groups. Here we give a necessary condition for spinal groups to be conjugate, and we establish a necessary and sufficient condition for multi-GGS groups to be conjugate. We also introduce a natural common generalisation of both classes, which we call polyspinal groups. Our results enable us to give a negative answer to a question of Bartholdi, Grigorchuk and Sunik, on whether every finitely generated branch group is isomorphic to a weakly branch spinal group.

Vladimir Shpilrain

DOI: https://doi.org/10.48550/arXiv.1802.07300

2018-03-05

Abstract:This is a survey of algorithmic problems in group theory, old and new, motivated by applications to cryptography.

Group Theory,Cryptography and Security

Michael Anshel,Delaram Kahrobaei

DOI: https://doi.org/10.48550/arXiv.1309.4519

2013-09-18

Abstract:A method for non-abelian Cramer-Shoup cryptosystem is presented. The role of decision and search is explored, and the platform of solvable/polycyclic group is suggested. In the process we review recent progress in non-abelian cryptography and post some open problems that naturally arise from this path of research.

Group Theory,Cryptography and Security

Shun-Dong Li,Yi-Qi Dai

DOI: https://doi.org/10.1007/s11390-005-0258-z

IF: 1.871

2005-01-01

Journal of Computer Science and Technology

Abstract:Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric problems, and in doing so a building block is developed,the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.

Frederik Armknecht,Tommaso Gagliardoni,Stefan Katzenbeisser,Andreas Peter

DOI: https://doi.org/10.48550/arXiv.1401.2417

2014-01-14

Abstract:Group homomorphic encryption represents one of the most important building blocks in modern cryptography. It forms the basis of widely-used, more sophisticated primitives, such as CCA2-secure encryption or secure multiparty computation. Unfortunately, recent advances in quantum computation show that many of the existing schemes completely break down once quantum computers reach maturity (mainly due to Shor's algorithm). This leads to the challenge of constructing quantum-resistant group homomorphic cryptosystems. In this work, we prove the general impossibility of (abelian) group homomorphic encryption in the presence of quantum adversaries, when assuming the IND-CPA security notion as the minimal security requirement. To this end, we prove a new result on the probability of sampling generating sets of finite (sub-)groups if sampling is done with respect to an arbitrary, unknown distribution. Finally, we provide a sufficient condition on homomorphic encryption schemes for our quantum attack to work and discuss its satisfiability in non-group homomorphic cases. The impact of our results on recent fully homomorphic encryption schemes poses itself as an open question.

Cryptography and Security,Group Theory