-
Obtaining physical layer data of latest generation networks for investigating adversary attacks
Authors:
M. V. Ushakova,
Yu. A. Ushakov,
L. V. Legashev
Abstract:
The field of machine learning is develo** rapidly and is being used in various fields of science and technology. In this way, machine learning can be used to optimize the functions of latest generation data networks such as 5G and 6G. This also applies to functions at a lower level. A feature of the use of machine learning in the radio path for targeted radiation generation in modern ultra-massi…
▽ More
The field of machine learning is develo** rapidly and is being used in various fields of science and technology. In this way, machine learning can be used to optimize the functions of latest generation data networks such as 5G and 6G. This also applies to functions at a lower level. A feature of the use of machine learning in the radio path for targeted radiation generation in modern ultra-massive MIMO, reconfigurable intelligent interfaces and other technologies is the complex acquisition and processing of data from the physical layer. Additionally, adversarial measures that manipulate the behaviour of intelligent machine learning models are becoming a major concern, as many machine learning models are sensitive to incorrect input data. To obtain data on attacks directly from processing service information, a simulation model is proposed that works in conjunction with machine learning applications.
△ Less
Submitted 2 May, 2024;
originally announced May 2024.
-
Complexity of Spherical Equations in Finite Groups
Authors:
Caroline Mattes,
Alexander Ushakov,
Armin Weiß
Abstract:
In this paper we investigate computational properties of the Diophantine problem for spherical equations in some classes of finite groups. We classify the complexity of different variations of the problem, e.g., when $G$ is fixed and when $G$ is a part of the input.
When the group $G$ is constant or given as multiplication table, we show that the problem always can be solved in polynomial time.…
▽ More
In this paper we investigate computational properties of the Diophantine problem for spherical equations in some classes of finite groups. We classify the complexity of different variations of the problem, e.g., when $G$ is fixed and when $G$ is a part of the input.
When the group $G$ is constant or given as multiplication table, we show that the problem always can be solved in polynomial time. On the other hand, for the permutation groups $S_n$ (with $n$ part of the input), the problem is NP-complete. The situation for matrix groups is quite involved: while we exhibit sequences of 2-by-2 matrices where the problem is NP-complete, in the full group $GL(2,p)$ ($p$ prime and part of the input) it can be solved in polynomial time. We also find a similar behaviour with subgroups of matrices of arbitrary dimension over a constant ring.
△ Less
Submitted 24 August, 2023;
originally announced August 2023.
-
On subset sum problem in branch groups
Authors:
Andrey Nikolaev,
Alexander Ushakov
Abstract:
We consider a group-theoretic analogue of the classic subset sum problem. In this brief note, we show that the subset sum problem is NP-complete in the first Grigorchuk group. More generally, we show NP-hardness of that problem in weakly regular branch groups, which implies NP-completeness if the group is, in addition, contracting.
We consider a group-theoretic analogue of the classic subset sum problem. In this brief note, we show that the subset sum problem is NP-complete in the first Grigorchuk group. More generally, we show NP-hardness of that problem in weakly regular branch groups, which implies NP-completeness if the group is, in addition, contracting.
△ Less
Submitted 22 June, 2020; v1 submitted 4 June, 2020;
originally announced June 2020.
-
Subset sum problem in polycyclic groups
Authors:
Andrey Nikolaev,
Alexander Ushakov
Abstract:
We consider a group-theoretic analogue of the classic subset sum problem. It is known that every virtually nilpotent group has polynomial time decidable subset sum problem. In this paper we use subgroup distortion to show that every polycyclic non-virtually-nilpotent group has NP-complete subset sum problem.
We consider a group-theoretic analogue of the classic subset sum problem. It is known that every virtually nilpotent group has polynomial time decidable subset sum problem. In this paper we use subgroup distortion to show that every polycyclic non-virtually-nilpotent group has NP-complete subset sum problem.
△ Less
Submitted 21 March, 2017;
originally announced March 2017.
-
Generic case completeness
Authors:
Alexei Miasnikov,
Alexander Ushakov
Abstract:
In this note we introduce a notion of a generically (strongly generically) NP-complete problem and show that the randomized bounded version of the halting problem is strongly generically NP-complete.
In this note we introduce a notion of a generically (strongly generically) NP-complete problem and show that the randomized bounded version of the halting problem is strongly generically NP-complete.
△ Less
Submitted 13 May, 2016;
originally announced June 2016.
-
Non-commutative lattice problems
Authors:
Alexei Myasnikov,
Andrey Nikolaev,
Alexander Ushakov
Abstract:
We consider several subgroup-related algorithmic questions in groups, modeled after the classic computational lattice problems, and study their computational complexity. We find polynomial time solutions to problems like finding a subgroup element closest to a given group element, or finding a shortest non-trivial element of a subgroup in the case of nilpotent groups, and a large class of surface…
▽ More
We consider several subgroup-related algorithmic questions in groups, modeled after the classic computational lattice problems, and study their computational complexity. We find polynomial time solutions to problems like finding a subgroup element closest to a given group element, or finding a shortest non-trivial element of a subgroup in the case of nilpotent groups, and a large class of surface groups and Coxeter groups. We also provide polynomial time algorithm to compute geodesics in given generators of a subgroup of a free group.
△ Less
Submitted 10 August, 2015;
originally announced August 2015.
-
Knapsack problems in products of groups
Authors:
Elizaveta Frenkel,
Andrey Nikolaev,
Alexander Ushakov
Abstract:
The classic knapsack and related problems have natural generalizations to arbitrary (non-commutative) groups, collectively called knapsack-type problems in groups. We study the effect of free and direct products on their time complexity. We show that free products in certain sense preserve time complexity of knapsack-type problems, while direct products may amplify it. Our methods allow to obtain…
▽ More
The classic knapsack and related problems have natural generalizations to arbitrary (non-commutative) groups, collectively called knapsack-type problems in groups. We study the effect of free and direct products on their time complexity. We show that free products in certain sense preserve time complexity of knapsack-type problems, while direct products may amplify it. Our methods allow to obtain complexity results for rational subset membership problem in amalgamated free products over finite subgroups.
△ Less
Submitted 10 August, 2015; v1 submitted 27 August, 2014;
originally announced August 2014.
-
The Post correspondence problem in groups
Authors:
Alexei Myasnikov,
Andrey Nikolaev,
Alexander Ushakov
Abstract:
We generalize the classical Post correspondence problem ($\mathbf{PCP}_n$) and its non-homogeneous variation ($\mathbf{GPCP}_n$) to non-commutative groups and study the computational complexity of these new problems. We observe that $\mathbf{PCP}_n$ is closely related to the equalizer problem in groups, while $\mathbf{GPCP}_n$ is connected to the double twisted conjugacy problem for endomorphisms.…
▽ More
We generalize the classical Post correspondence problem ($\mathbf{PCP}_n$) and its non-homogeneous variation ($\mathbf{GPCP}_n$) to non-commutative groups and study the computational complexity of these new problems. We observe that $\mathbf{PCP}_n$ is closely related to the equalizer problem in groups, while $\mathbf{GPCP}_n$ is connected to the double twisted conjugacy problem for endomorphisms. Furthermore, it is shown that one of the strongest forms of the word problem in a group $G$ (we call it the {\em hereditary word problem}) can be reduced to $\mathbf{GPCP}_n$ in $G$ in polynomial time.
The main results are that $\mathbf{PCP}_n$ is decidable in a finitely generated nilpotent group in polynomial time, while $\mathbf{GPCP}_n$ is undecidable in any group containing free non-abelian subgroup (though the argument is very different from the classical case of free semigroups). We show that the double endomorphism twisted conjugacy problem is undecidable in free groups of sufficiently large finite rank. We also consider the bounded $\mathbf{PCP}$ and observe that it is in $\mathbf{NP}$ for any group with $\mathbf{P}$-time decidable word problem, meanwhile it is $\mathbf{NP}$-hard in any group containing free non-abelian subgroup. In particular, the bounded $\mathbf{PCP}$ is $\mathbf{NP}$-complete in non-elementary hyperbolic groups and non-abelian right angle Artin groups.
△ Less
Submitted 17 November, 2013; v1 submitted 19 October, 2013;
originally announced October 2013.
-
Knapsack Problems in Groups
Authors:
Alexei Myasnikov,
Andrey Nikolaev,
Alexander Ushakov
Abstract:
We generalize the classical knapsack and subset sum problems to arbitrary groups and study the computational complexity of these new problems. We show that these problems, as well as the bounded submonoid membership problem, are P-time decidable in hyperbolic groups and give various examples of finitely presented groups where the subset sum problem is NP-complete.
We generalize the classical knapsack and subset sum problems to arbitrary groups and study the computational complexity of these new problems. We show that these problems, as well as the bounded submonoid membership problem, are P-time decidable in hyperbolic groups and give various examples of finitely presented groups where the subset sum problem is NP-complete.
△ Less
Submitted 22 February, 2013;
originally announced February 2013.
-
Mean-Set Attack: Cryptanalysis of Sibert et al. Authentication Protocol
Authors:
Natalia Mosina,
Alexander Ushakov
Abstract:
We analyze the Sibert et al. group-based (Feige-Fiat-Shamir type) authentication protocol and show that the protocol is not computationally zero-knowledge. In addition, we provide experimental evidence that our approach is practical and can succeed even for groups with no efficiently computable length function such as braid groups. The novelty of this work is that we are not attacking the protocol…
▽ More
We analyze the Sibert et al. group-based (Feige-Fiat-Shamir type) authentication protocol and show that the protocol is not computationally zero-knowledge. In addition, we provide experimental evidence that our approach is practical and can succeed even for groups with no efficiently computable length function such as braid groups. The novelty of this work is that we are not attacking the protocol by trying to solve an underlying complex algebraic problem, namely, the conjugacy search problem, but use a probabilistic approach, instead.
△ Less
Submitted 24 June, 2010;
originally announced June 2010.
-
Power Circuits, Exponential Algebra, and Time Complexity
Authors:
Alexei G. Myasnikov,
Alexander Ushakov,
Dong Wook Won
Abstract:
Motivated by algorithmic problems from combinatorial group theory we study computational properties of integers equipped with binary operations +, -, z = x 2^y, z = x 2^{-y} (the former two are partial) and predicates < and =. Notice that in this case very large numbers, which are obtained as n towers of exponentiation in the base 2 can be realized as n applications of the operation x2^y, so worki…
▽ More
Motivated by algorithmic problems from combinatorial group theory we study computational properties of integers equipped with binary operations +, -, z = x 2^y, z = x 2^{-y} (the former two are partial) and predicates < and =. Notice that in this case very large numbers, which are obtained as n towers of exponentiation in the base 2 can be realized as n applications of the operation x2^y, so working with such numbers given in the usual binary expansions requires super exponential space. We define a new compressed representation for integers by power circuits (a particular type of straight-line programs) which is unique and easily computable, and show that the operations above can be performed in polynomial time if the numbers are presented by power circuits. We mention several applications of this technique to algorithmic problems, in particular, we prove that the quantifier-free theories of various exponential algebras are decidable in polynomial time, as well as the word problems in some "hard to crack" one-relator groups.
△ Less
Submitted 13 June, 2010;
originally announced June 2010.
-
An authentication scheme based on the twisted conjugacy problem
Authors:
Vladimir Shpilrain,
Alexander Ushakov
Abstract:
The conjugacy search problem in a group $G$ is the problem of recovering an $x \in G$ from given $g \in G$ and $h=x^{-1}gx$. The alleged computational hardness of this problem in some groups was used in several recently suggested public key exchange protocols, including the one due to Anshel, Anshel, and Goldfeld, and the one due to Ko, Lee et al. Sibert, Dehornoy, and Girault used this problem…
▽ More
The conjugacy search problem in a group $G$ is the problem of recovering an $x \in G$ from given $g \in G$ and $h=x^{-1}gx$. The alleged computational hardness of this problem in some groups was used in several recently suggested public key exchange protocols, including the one due to Anshel, Anshel, and Goldfeld, and the one due to Ko, Lee et al. Sibert, Dehornoy, and Girault used this problem in their authentication scheme, which was inspired by the Fiat-Shamir scheme involving repeating several times a three-pass challenge-response step.
In this paper, we offer an authentication scheme whose security is based on the apparent hardness of the twisted conjugacy search problem, which is: given a pair of endomorphisms (i.e., homomorphisms into itself) phi, ψof a group G and a pair of elements w, t \in G, find an element s \in G such that t = ψ(s^{-1}) w φ(s) provided at least one such s exists. This problem appears to be very non-trivial even for free groups. We offer here another platform, namely, the semigroup of all 2x2 matrices over truncated one-variable polynomials over F_2, the field of two elements, with transposition used instead of inversion in the equality above.
△ Less
Submitted 17 May, 2008;
originally announced May 2008.
-
Cryptanalysis of shifted conjugacy authentication protocol
Authors:
Jonathan Longrigg,
Alexander Ushakov
Abstract:
In this paper we present the first practical attack on the shifted conjugacy-based authentication protocol proposed by P. Dehornoy. We discuss the weaknesses of that primitive and propose ways to improve the protocol.
In this paper we present the first practical attack on the shifted conjugacy-based authentication protocol proposed by P. Dehornoy. We discuss the weaknesses of that primitive and propose ways to improve the protocol.
△ Less
Submitted 14 August, 2007;
originally announced August 2007.
-
Random subgroups and analysis of the length-based and quotient attacks
Authors:
Alexei G. Myasnikov,
Alexander Ushakov
Abstract:
In this paper we discuss generic properties of "random subgroups" of a given group G. It turns out that in many groups G (even in most exotic of them) the random subgroups have a simple algebraic structure and they "sit" inside G in a very particular way. This gives a strong mathematical foundation for cryptanalysis of several group-based cryptosystems and indicates on how to chose "strong keys"…
▽ More
In this paper we discuss generic properties of "random subgroups" of a given group G. It turns out that in many groups G (even in most exotic of them) the random subgroups have a simple algebraic structure and they "sit" inside G in a very particular way. This gives a strong mathematical foundation for cryptanalysis of several group-based cryptosystems and indicates on how to chose "strong keys". To illustrate our technique we analyze the Anshel-Anshel-Goldfeld (AAG) cryptosystem and give a mathematical explanation of recent success of some heuristic length-based attacks on it. Furthermore, we design and analyze a new type of attacks, which we term the quotient attacks. Mathematical methods we develop here also indicate how one can try to choose "parameters" in AAG to foil the attacks.
△ Less
Submitted 10 July, 2007;
originally announced July 2007.
-
Report on Generic Case Complexity
Authors:
Robert Gilman,
Alexei G. Miasnikov,
Alexey D. Myasnikov,
Alexander Ushakov
Abstract:
This article is a short introduction to generic case complexity, which is a recently developed way of measuring the difficulty of a computational problem while ignoring atypical behavior on a small set of inputs. Generic case complexity applies to both recursively solvable and recursively unsolvable problems.
This article is a short introduction to generic case complexity, which is a recently developed way of measuring the difficulty of a computational problem while ignoring atypical behavior on a small set of inputs. Generic case complexity applies to both recursively solvable and recursively unsolvable problems.
△ Less
Submitted 10 July, 2007;
originally announced July 2007.
-
A new key exchange protocol based on the decomposition problem
Authors:
Vladimir Shpilrain,
Alexander Ushakov
Abstract:
In this paper we present a new key establishment protocol based on the decomposition problem in non-commutative groups which is: given two elements $w, w_1$ of the platform group $G$ and two subgroups $A, B \subseteq G$ (not necessarily distinct), find elements $a \in A, b \in B$ such that $w_1 = a w b$. Here we introduce two new ideas that improve the security of key establishment protocols bas…
▽ More
In this paper we present a new key establishment protocol based on the decomposition problem in non-commutative groups which is: given two elements $w, w_1$ of the platform group $G$ and two subgroups $A, B \subseteq G$ (not necessarily distinct), find elements $a \in A, b \in B$ such that $w_1 = a w b$. Here we introduce two new ideas that improve the security of key establishment protocols based on the decomposition problem. In particular, we conceal (i.e., do not publish explicitly) one of the subgroups $A, B$, thus introducing an additional computationally hard problem for the adversary, namely, finding the centralizer of a given finitely generated subgroup.
△ Less
Submitted 6 December, 2005;
originally announced December 2005.
-
Thompson's group and public key cryptography
Authors:
Vladimir Shpilrain,
Alexander Ushakov
Abstract:
Recently, several public key exchange protocols based on symbolic computation in non-commutative (semi)groups were proposed as a more efficient alternative to well established protocols based on numeric computation. Notably, the protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al. exploited the conjugacy search problem in groups, which is a ramification of the discrete logarithm problem. Ho…
▽ More
Recently, several public key exchange protocols based on symbolic computation in non-commutative (semi)groups were proposed as a more efficient alternative to well established protocols based on numeric computation. Notably, the protocols due to Anshel-Anshel-Goldfeld and Ko-Lee et al. exploited the conjugacy search problem in groups, which is a ramification of the discrete logarithm problem. However, it is a prevalent opinion now that the conjugacy search problem alone is unlikely to provide sufficient level of security no matter what particular group is chosen as a platform.
In this paper we employ another problem (we call it the decomposition problem), which is more general than the conjugacy search problem, and we suggest to use R. Thompson's group as a platform. This group is well known in many areas of mathematics, including algebra, geometry, and analysis. It also has several properties that make it fit for cryptographic purposes. In particular, we show here that the word problem in Thompson's group is solvable in almost linear time.
△ Less
Submitted 23 May, 2005;
originally announced May 2005.
-
The conjugacy search problem in public key cryptography: unnecessary and insufficient
Authors:
Vladimir Shpilrain,
Alexander Ushakov
Abstract:
The conjugacy search problem in a group G is the problem of recovering an x in G from given g in G and h=x^{-1}gx. This problem is in the core of several recently suggested public key exchange protocols, most notably the one due to Anshel, Anshel, and Goldfeld, and the one due to Ko, Lee at al.
In this note, we make two observations that seem to have eluded most people's attention. The first ob…
▽ More
The conjugacy search problem in a group G is the problem of recovering an x in G from given g in G and h=x^{-1}gx. This problem is in the core of several recently suggested public key exchange protocols, most notably the one due to Anshel, Anshel, and Goldfeld, and the one due to Ko, Lee at al.
In this note, we make two observations that seem to have eluded most people's attention. The first observation is that solving the conjugacy search problem is not necessary for an adversary to get the common secret key in the Ko-Lee protocol. It is sufficient to solve an apparently easier problem of finding x, y in G such that h=ygx for given g, h in G.
Another observation is that solving the conjugacy search problem is not sufficient for an adversary to get the common secret key in the Anshel-Anshel-Goldfeld protocol.
△ Less
Submitted 29 November, 2004;
originally announced November 2004.
