Jintai Ding,Alexei Miasnikov,Alexander Ushakov

2015-01-01

Abstract:In this paper we analyze the Kahrobaei-Lam-Shpilrain (KLS) key exchange protocols that use extensions by endomorpisms of matrices over a Galois field proposed in [2]. We show that both protocols are vulnerable to a simple linear algebra attack.

Keita Suzuki,Koji Nuida

DOI: https://doi.org/10.48550/arXiv.2107.05924

2022-05-19

Abstract:Akiyama et al. (Int. J. Math. Indust., 2019) proposed a post-quantum key exchange protocol that is based on the hardness of solving a system of multivariate non-linear polynomial equations but has a design strategy different from ordinary multivariate cryptography. Their protocol has two versions, an original one and a modified one, where the modified one has a trade-off that its security is strengthened while it has non-zero error probability in establishing a common key. In fact, the evaluation in their paper suggests that the probability of failing to establish a common key by the modified protocol with the proposed parameter set is impractically high. In this paper, we improve the success probability of Akiyama et al.'s modified key exchange protocol significantly while keeping the security, by restricting each component of the correct common key from the whole of the coefficient field to its small subset. We give theoretical and experimental evaluations showing that our proposed parameter set for our protocol is expected to achieve both failure probability $2^{-120}$ and $128$-bit security level.

Cryptography and Security

A. Otero Sánchez,J. A. López Ramos,A. Otero Sanchez,J. A. Lopez Ramos

DOI: https://doi.org/10.1142/s0219498825502299

2024-02-28

Journal of Algebra and Its Applications

Abstract:We show that a previously introduced key exchange based on a congruence-simple semiring action is not secure by providing an attack that reveals the shared key from the distributed public information for any of such semirings.

mathematics, applied

Otero Sanchez Alvaro,Lopez Ramos Juan Antonio

2024-02-13

Abstract:We show that a previously introduced key exchange based on a congruence-simple semiring action is not secure by providing an attack that reveals the shared key from the distributed public information for any of such semirings

Cryptography and Security

Dylan Rudy,Chris Monico

DOI: https://doi.org/10.48550/arXiv.2005.04363

2020-09-22

Abstract:We consider a key-exchange protocol based on matrices over a tropical semiring which was recently proposed in \cite{grig19}. We show that a particular private parameter of that protocol can be recovered with a simple binary search, rendering it insecure.

Cryptography and Security

Houzhen Wang,Huanguo Zhang,Shaohua Tang

DOI: https://doi.org/10.1049/iet-ifs.2015.0183

2015-01-01

IET Information Security

Abstract:Eight years ago, Pei et al. described a matrix public-key encryption scheme based on the matrix factorisation over a finite field. Recently, Gu and Zheng also proposed a similar scheme based on the non-abelian factorisation assumption. The security of these schemes is essentially based on a two-side matrices exponentiation (TSME) problem. In this study, the authors show that the TSME problem is susceptible to a very efficient linearisation equations attack. Regardless of the public key parameters, the authors can easily find an equivalent key only in polynomial time O(2n(5)(log n +1)) from the public key alone, and thus it is very practical and can be implemented within less than 1/20 of a second on the recommended system parameters of the schemes.

Simran Tinani,Carlo Matteotti,Joachim Rosenthal

2023-10-08

Abstract:In the recently emerging field of nonabelian group-based cryptography, a prominently used one-way function is the Conjugacy Search Problem (CSP), and two important classes of platform groups are polycyclic and matrix groups. In this paper, we discuss the complexity of the conjugacy search problem (CSP) in these two classes of platform groups using the three protocols in [10], [26], and [29] as our starting point. We produce a polynomial time solution for the CSP in a finite polycyclic group with two generators, and show that a restricted CSP is reducible to a DLP. In matrix groups over finite fields, we usedthe Jordan decomposition of a matrix to produce a polynomial time reduction of an A-restricted CSP, where A is a cyclic subgroup of the general linear group, to a set of DLPs over an extension of Fq. We use these general methods and results to describe concrete cryptanalysis algorithms for these three systems. In particular, we show that in the group of invertible matrices over finite fields and in polycyclic groups with two generators, a CSP where conjugators are restricted to a cyclic subgroup is reducible to a set of O(n2) discrete logarithm problems. Using our general results, we demonstrate concrete cryptanalysis algorithms for each of these three schemes. We believe that our methods and findings are likely to allow for several other heuristic attacks in the general case.

Cryptography and Security,Computational Complexity

Mohammad Eftekhari

DOI: https://doi.org/10.48550/arXiv.1503.04779

2015-03-17

Abstract:We address a cryptanalysis of two protocols based on the supposed difficulty of discrete logarithm problem on (semi) groups of matrices over a group ring. We can find the secret key and break entirely the protocols.

Cryptography and Security

Mariana Durcheva,Kiril Danilchenko

DOI: https://doi.org/10.3390/math12101429

IF: 2.4

2024-05-07

Mathematics

Abstract:In the quest for robust and efficient digital communication, this paper introduces cutting-edge key exchange protocols leveraging the computational prowess of tropical semirings and the structural resilience of block matrices. Moving away from the conventional use of finite fields, these protocols deliver markedly faster processing speeds and heightened security. We present two implementations of our concept, each utilizing a different platform for the set of commuting matrices: one employing tropical polynomials of matrices and the other employing Linde–de la Puente matrices. The inherent simplicity of tropical semirings leads to a decrease in operational complexity, while using block matrices enhances our protocols' security profile. The security of these protocols relies on the Matrix Decomposition Problem. In addition, we provide a comparative analysis of our protocols against existing matrix block-based protocols in finite fields. This research marks a significant shift in cryptographic protocol design, is specifically tailored for demanding engineering applications, and sets a new standard in secure and efficient digital communication.

mathematics

Debiao He,Jianhua Chen,Jin Hu

DOI: https://doi.org/10.31449/inf.v34i3.308

2010-01-01

Informatica

Abstract:Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. Due to their significance in building a secure communication channel, a number of key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called S-3PAKE protocol proposed by Lu and Cao for passwordauthenticated key exchange in the three-party setting. In the current work, we are concerned with the password security of the S-3PAKE protocol. We first show that S-3PAKE is vulnerable to an off-line dictionary attack in which an attacker exhaustively enumerates all possible passwords in an off-line manner to determine the correct one. We then figure out how to eliminate the security vulnerability of S3PAKE.

Jacob Ginesin,Cristina Nita-Rotaru

2024-12-08

Abstract:Secure instant group messaging applications such as WhatsApp, Facebook Messenger, Matrix, and the Signal Application have become ubiquitous in today's internet, cumulatively serving billions of users. Unlike WhatsApp, for example, Matrix can be deployed in a federated manner, allowing users to choose which server manages their chats. To account for this difference in architecture, Matrix employs two novel cryptographic protocols: Olm, which secures pairwise communications, and Megolm, which relies on Olm and secures group communications. Olm and Megolm are similar to and share security goals with Signal and Sender Keys, which are widely deployed in practice to secure group communications. While Olm, Megolm, and Sender Keys have been manually analyzed in the computational model, no symbolic analysis nor mechanized proofs of correctness exist. Using mechanized proofs and computer-aided analysis is important for cryptographic protocols, as hand-written proofs and analysis are error-prone and often carry subtle mistakes. Using Verifpal, we construct formal models of Olm and Megolm, as well as their composition. We prove various properties of interest about Olm and Megolm, including authentication, confidentiality, forward secrecy, and post-compromise security. We also mechanize known limitations, previously discovered attacks, and trivial attacker wins from the specifications and previous literature. Finally, we model Sender Keys and the composition of Signal with Sender Keys in order to draw a comparison with Olm, Megolm, and their composition. From our analysis we conclude the composition of Olm and Megolm has comparable security to the composition of Signal and Sender Keys if Olm pre-keys are signed, and provably worse post-compromise security if Olm pre-keys are not signed.

Cryptography and Security

Xiangjun Xin,Chaoyang Li,Dongsheng Chen,Fagen Li

DOI: https://doi.org/10.14257/ijhit.2016.9.2.11

2016-01-01

International Journal of Hybrid Information Technology

Abstract:In the paper, we analyze the security vulnerability of the key agreement protocol proposed by Lee et al.'s. We present a forgery attack to their protocol. In this attack, the adversary can modify the signed message and forge a new signature, which can pass the verification. Then, we propose a new group key agreement protocol, which overcomes this security drawback. The new protocol can be proved to be secure under Elliptic Curve Discrete Logarithm Problem, Bilinear Computational Diffie–Hellman Problem and Square-Exponent Problem. On the other hand, in the new protocol, only three pairing operations are used, so it is more efficient. Our protocol is also a contributory group key agreement protocol.

Zijian Zhang,Liehuang Zhu,Lejian Liao,Mingzhong Wang

DOI: https://doi.org/10.1016/j.ins.2012.04.029

IF: 8.1

2012-11-01

Information Sciences

Abstract:The security of the group key exchange protocols has been widely studied in the cryptographic community in recent years. Current work usually applies either the computational approach or the symbolic approach for security analysis.The symbolic approach is more efficient than the computational approach, because it can be easily automated. However, compared with the computational approach, it has to overcome three challenges: (1) The computational soundness is unclear; (2) the number of participants must be fixed; and (3) the advantage of efficiency disappears, if the number of participants is large.This paper proposes a computationally sound symbolic security reduction approach to resolve these three issues. On one hand, combined with the properties of the bilinear pairings, the universally composable symbolic analysis (UCSA) approach is extended from the two-party protocols to the group key exchange protocols. Meanwhile, the computational soundness of the symbolic approach is guaranteed. On the other hand, for the group key exchange protocols which satisfy the syntax of the simple protocols proposed in this paper, the security is proved to be unrelated with the number of participants. As a result, the symbolic approach just needs to deal with the protocols among three participants. This makes the symbolic approach has the ability to handle arbitrary number of participants. Therefore, the advantage of efficiency is still guaranteed. The proposed approach can also be applied to other types of cryptographic primitives besides bilinear pairing for computationally sound and efficient symbolic analysis of group key exchange protocols.

computer science, information systems

Jia Yu,Yuan Luo,Minglu Li

DOI: https://doi.org/10.1109/chinagrid.2008.28

2008-01-01

Abstract:Secret key agreement is a major task in network security solutions using secret-key cryptosystems. An information-theoretically secure secret key agreement protocol using LDPC matrices was introduced by Jun Muramatsu. In this paper, the enemy can obtain not only full transmitted messages but also partial side information. We are interested in the equivocation of the generated key to this more powerful enemy. A relation between the security of the secret key agreement protocol and the LDPC matrices used in it is also discussed.

Xin Sun,Jiajia Han,Bang Lv,Changhua Sun,Cheng Zeng

DOI: https://doi.org/10.1371/journal.pone.0312690

IF: 3.7

2024-10-31

PLoS ONE

Abstract:With the rise of the Internet of things, the limitations of traditional PKI certificate authentication technology have progressively emerged. Hence, identity-based public key algorithms have been proposed. In this paper, we propose a new approach to generate an identity key, named identity public key (IPK). IPK identity key generation protocol is based on SM2 elliptic curve cryptography and random matrix theory. It builds upon the concept of combined public key (CPK) and resolves the linear collusion issue of CPK as well as the authenticity verification problem of the declared public key of the simplified TF-CPK by enhancing the identity mapping approach. Another main aim of this paper is to prove the security of the IPK identity key generation protocol. Roughly speaking, we verify the security of each part of the private key and the security of the composite private key. We also increase the function and performance comparison with other schemes, such as IBC(SM9) and TF-CPK. Our scheme has the lowest computation cost, which demonstrates its rationality.

multidisciplinary sciences

Jean-Guillaume Dumas,Pascal Lafourcade,Julio Lopez Fenner,David Lucas,Jean-Baptiste Orfila,Clément Pernet,Maxime Puys

DOI: https://doi.org/10.1007/978-3-030-26834-3_5

2019-01-01

Abstract:This paper presents the first recursive secure multiparty computation protocol for matrix multiplication, based on Strassen-Winograd algorithm. We focus on the setting in which any given player knows only one row of both input matrices and learns the corresponding row of the resulting product matrix. Neither the player initial data, nor the intermediate values, even during the recurrence part of the algorithm, are ever revealed to other players. We use a combination of partial homomorphic encryption schemes and additive masking techniques together with a novel schedule for the location and encryption layout of all intermediate computations that preserves privacy. Compared to state of the art protocols, the asymptotic communication volume and computational time is reduced from $$O(n^3)$$ to $$O(n^{2.81})$$. This improvement in terms of communication volume arises with matrices of dimension as small as $$n=96$$ which is confirmed by experiments.

LIU Duo,DAI Yi-qi

DOI: https://doi.org/10.3969/j.issn.1672-464X.2007.04.003

2007-01-01

Abstract:LUO et al. presented a multi-party protocol of finding eigenvalues of matrix in a secure multi-party computation situation and studied the security of it. The authors of this paper points out that the protocol is insecure in most cases of scientific computation and technological applications. A new protocol solving the same problem and the discussion of its security are also given.

舒剑,许春香

DOI: https://doi.org/10.3969/j.issn.1001-0548.2009.03.018

2009-01-01

Abstract:The security of an authenticated group key exchange is analyzed,the results show that it is insecure due to redundancy of the exchange messages.Based on the protocol of Burmester and Desmedt,an improved protocol is proposed with merits in terms of computation and communication.The improved protocol provides not only the capability of forward secrecy and mutual authentication,but also the capability against man-in-middle attack.The protocol is proven secure in the random-oracle and ideal-cipher models under the computational Diffie-Hellman(CDH) assumption.

Zehong Chang,Fumin Wang,Junliang Jia,Xiaoli Wang,Yi Lv,Pei Zhang

DOI: https://doi.org/10.1364/josab.466304

2022-01-01

Abstract:The recently proposed mutually partially unbiased bases (MPUB)–based protocol, which encodes with Laguerre–Gaussian modes and Hermite–Gaussian modes of the same mode order, can close the security loophole caused by state-dependent diffraction. However, its pessimistic security proof limits the performance, and some practical issues, such as finite-key size and imperfect sources, have not been considered. Here, we improve the key rates of the MPUB-based protocol by accurately estimating the phase error rate. Moreover, the effect of finite-key size and its performance when combined with the decoy state method are demonstrated. Our work broadens the application scope of the MPUB-based protocol, and thereby advances the development of high-dimensional quantum key distribution using spatial modes.

Lina Dindiene,Aleksejus Mihalkovich,Kestutis Luksys,Eligijus Sakalauskas

DOI: https://doi.org/10.3390/math10122123

IF: 2.4

2022-06-19

Mathematics

Abstract:In our previous study, we proposed a perfectly secure Shannon cipher based on the so-called matrix power function. There we also introduced a concept of single round symmetric encryption, i.e., we used the matrix power function together with some rather simple operations to define a three-step encryption algorithm that needs no additional rounds. Interestingly enough, the newly proposed Shannon cipher possesses the option of parallelization—an important property of efficiently performing calculations using several processors. Relying on our previous proposal, in this study we introduce a concept of a one round block cipher, which can be used to encrypt an arbitrary large message by dividing it into several blocks. In other words, we construct a block cipher operating in cipher block chaining mode on the basis of the previously defined Shannon cipher. Moreover, due to the perfect secrecy property of the original algorithm, we show that our proposal is able to withstand the chosen plaintext attack.

mathematics