Mean-Set Attack: Cryptanalysis of Sibert et al. Authentication Protocol
Natalia Mosina, Alexander Ushakov

TL;DR
This paper presents a practical probabilistic cryptanalysis of the Sibert et al. authentication protocol, demonstrating that the protocol is not zero-knowledge and that the attack is effective even in complex groups like braid groups.
Contribution
It introduces a novel probabilistic attack method that does not rely on solving the conjugacy search problem, challenging the protocol's assumed security.
Findings
The protocol is not computationally zero-knowledge.
The attack is effective in braid groups with no efficient length function.
The approach is practical and can succeed in real-world scenarios.
Abstract
We analyze the Sibert et al. group-based (Feige-Fiat-Shamir type) authentication protocol and show that the protocol is not computationally zero-knowledge. In addition, we provide experimental evidence that our approach is practical and can succeed even for groups with no efficiently computable length function such as braid groups. The novelty of this work is that we are not attacking the protocol by trying to solve an underlying complex algebraic problem, namely, the conjugacy search problem, but use a probabilistic approach, instead.
