TY - JOUR
T1 - Mean-set attack
T2 - Cryptanalysis of Sibert et al. authentication protocol
AU - Mosina, Natalia
AU - Ushakov, Alexander
PY - 2010/10
Y1 - 2010/10
N2 - We analyze the Sibert et al. group-based (Feige-Fiat-Shamir type) authentication protocol and show that the protocol is not computationally zero-knowledge. In addition, we provide experimental evidence that our approach is practical and can succeed even for groups with no efficiently computable length function such as braid groups. The novelty of this work is that we are not attacking the protocol by trying to solve an underlying complex algebraic problem, namely, the conjugacy search problem, but use a probabilistic approach, instead.
AB - We analyze the Sibert et al. group-based (Feige-Fiat-Shamir type) authentication protocol and show that the protocol is not computationally zero-knowledge. In addition, we provide experimental evidence that our approach is practical and can succeed even for groups with no efficiently computable length function such as braid groups. The novelty of this work is that we are not attacking the protocol by trying to solve an underlying complex algebraic problem, namely, the conjugacy search problem, but use a probabilistic approach, instead.
KW - Authentication protocol
KW - Braid group
KW - Group-based cryptography
KW - Mean-set
KW - Mean-set attack principle
KW - Probability on graphs and groups
KW - Shift search problem
KW - Zero knowledge
UR - http://www.scopus.com/inward/record.url?scp=84858383281&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84858383281&partnerID=8YFLogxK
U2 - 10.1515/JMC.2010.006
DO - 10.1515/JMC.2010.006
M3 - Article
AN - SCOPUS:84858383281
SN - 1862-2976
VL - 4
SP - 149
EP - 174
JO - Journal of Mathematical Cryptology
JF - Journal of Mathematical Cryptology
IS - 2
ER -