基于半直积的密钥交换协议的群论密码分析

群论密码学被认为是抗量子计算机攻击的一种现代密码候选解决方案,而因特网上的密钥交换协议是保障通信安全的基元之一.不同于所有Diffie-Hellman类协议的工作原理,2016年Habeeb等人基于两群的半直积而安全性基于比目前"离散对数难题"更强的计算群论假设,提出了一个带宽高效的密钥交换协议.严格证明其代数系统成群,并构建该群到经典定义的半直积群之间的一个同构.结果表明,其半直积系统并非真正创新的代数系统,从而其被动安全性在未来具有一定的脆弱性.

Group-based cryptanalysis of a key exchange protocol based on semidirect products

Abstract: Group-based cryptography is viewed as a modern cryptographic candidate solution to blocking quantum computer attacks, and key exchange protocols on the Internet are one of the primitives to ensure the security of communication. Unlike all the operating principles of the existing Diffie-Hellman-like protocols, in 2016 Habeeb et al proposed a bandwidth-efficient key exchange protocol based on the semidirect product of two groups whose security is based on a stronger computational group-theoretic assumption than the current assumptions of hardness of discrete logarithm problems. In this paper, the algebraic system of their protocol is strictly proven to be a group, and an isomorphism from this group onto a classically defined semidirect product group is constructed. Our result shows that their semidirect product system is not a really innovative algebraic system, and therefore its passive security will bear certain vulnerability in the future.