Popping "R-propping": breaking hardness assumptions for matrix groups over GF(2^8)
Vol. 3 No. 1 (2023), Articles
Vol. 3 No. 1 (2023)

Popping "R-propping": breaking hardness assumptions for matrix groups over GF(2^8)

Articles
Published 2023-07-09
Fernando Virdia
ETH Zurich
PDF

Supplementary Files

ZIP

Keywords

public key cryptography
digital signatures
matrix-based
cryptanalysis

How to Cite

Virdia, F. (2023). Popping "R-propping": breaking hardness assumptions for matrix groups over GF(2^8). Mathematical Cryptology, 3(1), 1–10. Retrieved from https://journals.flvc.org/mathcryptology/article/view/131501
ACM ACS APA ABNT Chicago Harvard IEEE MLA Turabian Vancouver

Download Citation

Endnote/Zotero/Mendeley (RIS) BibTeX

Abstract

A recent series of works propose to build post-quantum public-key encapsulation, digital signatures, group key agreement and oblivious transfer from ``R-propped'' variants of the Symmetric Decomposition and Discrete Logarithm problems for matrix groups over $\FF_{2^8}$.
We break all four proposals by presenting a linearisation attack on the Symmetric Decomposition platform, a forgery attack on the signature scheme, and a demonstration of the insecurity of the instances of the Discrete Logarithm Problem used for signatures, group key agreement and oblivious transfer, showing that none of the schemes provides adequate security.

PDF
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Copyright (c) 2023 Fernando Virdia