A Linear Algebraic Attack on the AAFG1 Braid Group Cryptosystem

  • James Hughes
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2384)


Our purpose is to describe a promising linear algebraic attack on the AAFG1 braid group cryptosystem proposed in [2], employing the parameters suggested by the authors. Our method uses the well-known Burau matrix representation of the braid group together with techniques from computational linear algebra, and provides evidence that at least a certain class of keys is weak. We argue that if AAFG1 is to be viable, its parameters must be chosen to defend against this attack.
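As an added illustration, not code from the paper or from this page, here is the Burau representation the abstract refers to, computed in Python with the indeterminate t specialised to a rational value (a real implementation works over Laurent polynomials in t). The block builds the unreduced Burau matrices of the Artin generators of B_n, checks that they satisfy the braid relations, and shows the structural fact behind any linear-algebraic approach: because the representation is a group homomorphism, a braid conjugation y = a x a^{-1} becomes the matrix identity rho(y) rho(a) = rho(a) rho(x), which is linear in the unknown matrix rho(a). The matrix convention, the word encoding (+i for sigma_i, -i for its inverse) and the sample braid words are my assumptions.

```python
from fractions import Fraction

# Braid words are lists of nonzero ints: +i is the Artin generator sigma_i,
# -i is its inverse. This encoding is an assumption of this example.


def identity(n):
    return [[Fraction(int(i == j)) for j in range(n)] for i in range(n)]


def mat_mul(A, B):
    rows, inner, cols = len(A), len(B), len(B[0])
    return [[sum(A[i][k] * B[k][j] for k in range(inner)) for j in range(cols)]
            for i in range(rows)]


def burau_generator(n, i, t, inverse=False):
    """Unreduced Burau matrix of sigma_i (1 <= i < n) in B_n.

    Only the 2x2 block at rows/columns i-1, i differs from the identity:
        sigma_i     -> [[1-t, t], [1, 0]]
        sigma_i^-1  -> [[0, 1], [1/t, 1-1/t]]
    t is specialised to a nonzero Fraction so arithmetic stays exact.
    """
    M = identity(n)
    r = i - 1
    if not inverse:
        M[r][r], M[r][r + 1] = 1 - t, t
        M[r + 1][r], M[r + 1][r + 1] = Fraction(1), Fraction(0)
    else:
        M[r][r], M[r][r + 1] = Fraction(0), Fraction(1)
        M[r + 1][r], M[r + 1][r + 1] = 1 / t, 1 - 1 / t
    return M


def burau(n, word, t=Fraction(2)):
    """Image rho(word) of a braid word under the Burau representation of B_n."""
    M = identity(n)
    for g in word:
        M = mat_mul(M, burau_generator(n, abs(g), t, inverse=g < 0))
    return M


def inverse_word(word):
    """Inverse of a braid word: reverse the order and invert each generator."""
    return [-g for g in reversed(word)]


def braid_relations_hold(n, t=Fraction(2)):
    """Check sigma_i sigma_{i+1} sigma_i = sigma_{i+1} sigma_i sigma_{i+1}
    and sigma_i sigma_j = sigma_j sigma_i for |i-j| >= 2 inside the matrices."""
    for i in range(1, n):
        for j in range(i + 1, n):
            if j == i + 1:
                if burau(n, [i, j, i], t) != burau(n, [j, i, j], t):
                    return False
            elif burau(n, [i, j], t) != burau(n, [j, i], t):
                return False
    return True


def conjugation_transfers(n, x, a, t=Fraction(2)):
    """For y = a x a^-1 in B_n, verify rho(y) rho(a) = rho(a) rho(x).

    This is the identity that lets a conjugacy-search instance (x, y) be
    treated as a system of linear equations in the entries of rho(a).
    """
    y = a + x + inverse_word(a)
    lhs = mat_mul(burau(n, y, t), burau(n, a, t))
    rhs = mat_mul(burau(n, a, t), burau(n, x, t))
    return lhs == rhs


if __name__ == "__main__":
    # Constructed sample words in B_5 (not taken from the paper).
    x = [1, -2, 3, 4, -1]
    a = [2, 3, -1, 4, 2]
    print("braid relations hold in B_5:", braid_relations_hold(5))
    print("rho(a x a^-1) rho(a) == rho(a) rho(x):", conjugation_transfers(5, x, a))
```

The identity verified by `conjugation_transfers` is all the representation gives for free; two caveats matter for anyone assessing such an attack. First, a matrix solving the linear system need not be the image of any braid, and the Burau representation is known not to be faithful for n = 5 and n = 6 (references [9] and [24] below), so a matrix solution has to be checked back in the group. Second, specialising t to a number loses information relative to working over Laurent polynomials, so the specialised system is only a necessary condition.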


Keywords: Braid Group, Mapping Class Group, Conjugacy Problem, Artin Group, Conjugacy Search




References

  1. I. Anshel, M. Anshel, and D. Goldfeld. "An algebraic method for public-key cryptography". Mathematical Research Letters 6 (1999), 1–5.
  2. I. Anshel, M. Anshel, B. Fisher, and D. Goldfeld. "New Key Agreement Protocol in Braid Group Cryptography". Topics in Cryptology, CT-RSA 2001. Lecture Notes in Computer Science, Vol. 2020 (Springer-Verlag, 2001), 13–27.
  3. I. Anshel, M. Anshel, and D. Goldfeld. "A Linear Time Matrix Key Agreement Protocol". Contemporary Methods in Cryptography, Institute for Pure and Applied Mathematics (IPAM), Winter 2002. From URL.
  4. E. Artin. "Theorie der Zöpfe". Hamburg Abh. 4 (1925), 47–72.
  5. A. Cleary and J. Dongarra. "Implementation in ScaLAPACK of Divide-and-Conquer Algorithms for Banded and Tridiagonal Systems". Technical Report CS-97-358, University of Tennessee, Knoxville, TN, April 1997. Available as LAPACK Working Note #125 from URL.
  6. B. Barkee, D. C. Can, J. Ecks, T. Moriarity, and R. F. Ree. "Why You Cannot Even Hope to use Gröbner Bases in Public Key Cryptography: An Open Letter to Those Who Have Not Yet Failed". J. Symbolic Computation 18 (1994), 497–501.
  7. S. Bigelow. "Homological representations of braid groups". Ph.D. Thesis, Dept. of Mathematics, University of California, Berkeley, 2000.
  8. S. Bigelow. "Braid Groups Are Linear". From URL.
  9. S. Bigelow. "The Burau representation is not faithful for n = 5". Geometry and Topology 3 (1999), 397–404.
  10. E. Brieskorn and K. Saito. "Artin-Gruppen und Coxeter-Gruppen". Invent. Math. 17 (1972), 245–271.
  11. J. Birman. "Braids, Links, and Mapping Class Groups". Annals of Mathematics Studies. Princeton University Press, Princeton, New Jersey, 1975.
  12. J. Birman, K. Ko, and S. Lee. "A new approach to the word and conjugacy problems in the braid groups". Advances in Math. 139 (1998), 322–353.
  13. A. V. Borovik, A. G. Myasnikov, and V. Shpilrain. "Measuring sets in infinite groups". From URL.
  14. W. Burau. "Über Zopfgruppen und gleichsinnig verdrillte Verkettungen". Abh. Math. Sem. Hamburg 11 (1936), 171–178.
  15. P. Dehornoy. "A fast method for comparing braids". Advances in Math. 127 (1997), 200–235.
  16. E. A. Elrifai and H. R. Morton. "Algorithms for positive braids". Quart. J. Math. Oxford 45 (1994), 479–497.
  17. F. A. Garside. "The braid group and other groups". Quart. J. Math. Oxford 20 (1969), 235–254.
  18. D. Goldfeld. Private correspondence, November 17, 2001, Message-ID: < >.
  19. S. G. Hahn, E. K. Lee, and J. H. Park. "The Generalized Conjugacy Search Problem and the Burau Representation". Preprint, February 2001. From URL.
  20. J. Hughes and A. Tannenbaum. "Length-based attacks for certain group based encryption rewriting systems". Institute for Mathematics and Its Applications, Minneapolis, MN, April 2000. Preprint number 1696.
  21. J. Hughes. "The LeftSSS attack on Ko-Lee-Cheon-Han-Kang-Park Key Agreement Protocol in B45". Rump Session, Crypto 2000, Santa Barbara, CA, May 2000. From URL.
  22. K. Ko, S. Lee, J. Cheon, J. Han, J. Kang, and C. Park. "New public-key cryptosystem using braid groups". Technical Report, Korea Advanced Institute of Science and Technology, Taejon, Korea, February 2000.
  23. R. J. Lawrence. "Homological representations of the Hecke algebra". Comm. Math. Phys. 135 (1990), 141–191.
  24. D. Long and M. Paton. "The Burau representation is not faithful for n = 6". Topology 32 (1993), 439–447.
  25. A. Odlyzko. "Cryptanalytic attacks on the multiplicative knapsack cryptosystem and on Shamir's fast signature scheme". IEEE Trans. Inform. Theory 30 (1984), 594–601.
  26. R. L. Rivest. "Cryptography". Chapter 13 of Handbook of Theoretical Computer Science, Vol. 1 (ed. J. van Leeuwen), Elsevier, 1990, 717–755.
  27. M. Abadi and P. Rogaway. "Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)". Journal of Cryptology 15 (2002), 103–127.
  28. V. Shpilrain. "Average Case Complexity of the Word and Conjugacy Problems in the Braid Groups". From URL.
  29. N. Franco and J. González-Meneses. "Computation of Normalizers in Braid Groups and Garside Groups". From URL.
  30. A. Joux and J. Stern. "Cryptanalysis of another knapsack cryptosystem". Advances in Cryptology: Proceedings of AsiaCrypt '91, Lecture Notes in Computer Science, Vol. 739 (Springer-Verlag, 1991), 470–476.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • James Hughes (1)
  1. Storage Technology Corporation, Minneapolis, USA
