A Practical Cryptanalysis of the Algebraic Eraser
Adi Ben-Zvi, Simon R. Blackburn, Boaz Tsaban

TL;DR
This paper presents a practical cryptanalysis of the Algebraic Eraser scheme, demonstrating that its purported 128-bit security can be compromised with modest computational resources.
Contribution
It provides the first effective cryptanalysis of the Algebraic Eraser, challenging its security claims and exposing vulnerabilities in its implementation.
Findings
Shared key recovered in under 8 CPU hours
Less than 64MB memory required for attack
Questions raised about the scheme's 128-bit security claim
Abstract
Anshel, Anshel, Goldfeld and Lemieux introduced the Colored Burau Key Agreement Protocol (CBKAP) as the concrete instantiation of their Algebraic Eraser scheme. This scheme, based on techniques from permutation groups, matrix groups and braid groups, is designed for lightweight environments such as RFID tags and other IoT applications. It is proposed as an underlying technology for ISO/IEC 29167-20. SecureRF, the company owning the trademark Algebraic Eraser, has presented the scheme to the IRTF with a view towards standardisation. We present a novel cryptanalysis of this scheme. For parameter sizes corresponding to claimed 128-bit security, our implementation recovers the shared key using less than 8 CPU hours, and less than 64MB of memory.
Taxonomy
Topics: Cryptography and Data Security · Cryptographic Implementations and Security · graph theory and CDMA systems
