TY - GEN
T1 - An authentication scheme based on the twisted conjugacy problem
AU - Shpilrain, Vladimir
AU - Ushakov, Alexander
PY - 2008
Y1 - 2008
N2 - The conjugacy search problem in a group G is the problem of recovering an x∈ ∈G from given g∈ ∈G and h∈=∈x -∈1 gx. The alleged computational hardness of this problem in some groups was used in several recently suggested public key exchange protocols, including the one due to Anshel, Anshel, and Goldfeld, and the one due to Ko, Lee et al. Sibert, Dehornoy, and Girault used this problem in their authentication scheme, which was inspired by the Fiat-Shamir scheme involving repeating several times a three-pass challenge-response step. In this paper, we offer an authentication scheme whose security is based on the apparent hardness of the twisted conjugacy search problem which is: given a pair of endomorphisms (i.e., homomorphisms into itself) φ,ψ of a group G and a pair of elements w, t ∈ G, find an element s ∈ G such that t = ψ(s -1wφ(s) provided at least one such s exists. This problem appears to be very non-trivial even for free groups. We offer here another platform, namely, the semigroup of all 2 ×2 matrices over truncated one-variable polynomials over F2, the field of two elements, with transposition used instead of inversion in the equality above.
AB - The conjugacy search problem in a group G is the problem of recovering an x∈ ∈G from given g∈ ∈G and h∈=∈x -∈1 gx. The alleged computational hardness of this problem in some groups was used in several recently suggested public key exchange protocols, including the one due to Anshel, Anshel, and Goldfeld, and the one due to Ko, Lee et al. Sibert, Dehornoy, and Girault used this problem in their authentication scheme, which was inspired by the Fiat-Shamir scheme involving repeating several times a three-pass challenge-response step. In this paper, we offer an authentication scheme whose security is based on the apparent hardness of the twisted conjugacy search problem which is: given a pair of endomorphisms (i.e., homomorphisms into itself) φ,ψ of a group G and a pair of elements w, t ∈ G, find an element s ∈ G such that t = ψ(s -1wφ(s) provided at least one such s exists. This problem appears to be very non-trivial even for free groups. We offer here another platform, namely, the semigroup of all 2 ×2 matrices over truncated one-variable polynomials over F2, the field of two elements, with transposition used instead of inversion in the equality above.
UR - http://www.scopus.com/inward/record.url?scp=45749093800&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=45749093800&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-68914-0_22
DO - 10.1007/978-3-540-68914-0_22
M3 - Conference contribution
AN - SCOPUS:45749093800
SN - 3540689133
SN - 9783540689133
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 366
EP - 372
BT - Applied Cryptography and Network Security - 6th International Conference, ACNS 2008, Proceedings
T2 - 6th International Conference on Applied Cryptography and Network Security, ACNS 2008
Y2 - 3 June 2008 through 6 June 2008
ER -