# Braid Group Cryptography Untangled


[Title-page figure: braid diagram with strands labelled x, y, xy, z, z^-1, w]

Braid Group Cryptography Untangled
Andrew Bolstad
Professor Nigel Boston
Math/ECE 842, University of Wisconsin
December 15, 2004

Recently, the class of non-abelian infinite groups known as the braid groups, B_n, has attracted attention as a possible source of cryptographic schemes, including key exchange and user verification. The braid groups have a very complicated structure, yet a very nice geometric interpretation. There are well-known solutions to the word problem, and fast algorithms for implementation on digital computers. Though the braid groups have been known and studied for many years, the first braid group cryptosystems appeared in 2000. Shortly thereafter, a polynomial-time attack on the existing systems was discovered. Despite this attack, there may be some hope for braid groups: some problems may still be hard, and some application-specific schemes may still be good enough for large enough n. This report will cover an introduction to braid groups, including solutions to the word problem, theoretical advantages, computational advantages, proposed systems, and attacks. In order to examine these cryptosystems, it is first necessary to define and introduce the braid groups.

## 1. Introduction to Braid Groups

The natural way to think about the braid groups is through their geometric interpretation. Picture a set of n parallel strings hanging in a line. Number the strings 1, 2, …, n starting on the left. An n-braid is obtained by intertwining the strings and fixing the lower ends in a line. Notice that a pair of strings can be intertwined in two ways: by passing the string on the left over or under the string on the right. Figure 1 illustrates a few braids. Throughout, braids are considered to start at the top and end at the bottom.

Figure 1: A few braids.

For a given n, called the braid index, the set of all possible n-braids forms a group called the n-braid group, B_n. The law of composition for two braids is to match up the ends of the strings of the first braid with the beginnings of the strings of the second braid. The identity element is simply the braid formed by letting all strings run parallel with no crossings. The inverse of any braid is its mirror image, with the face of the mirror perpendicular to the strings. Two braids are considered equal if one can be obtained from the other by sliding crossings past one another and cancelling inverses, without adding or removing any other crossings. Examples of composition, inverse, and equality are given in Figure 2.

Figure 2: Composition, inversion, and equality.

With this basic understanding, some remarks about braid groups can immediately be made. First, the 1-braid group is isomorphic to the trivial group. Also, the 2-braids are isomorphic to the integers under addition, where a positive integer k corresponds to k half-twists of the pair of strings. Likewise, -k corresponds to k half-twists with the opposite string crossing over the top in each half-twist. For any
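The composition, inverse and equality rules described above can be made concrete by writing braids as words in the Artin generators s_1, …, s_{n-1}, where s_i crosses the strand in position i over the strand in position i+1 and s_i^{-1} crosses it under. The following Python is an added example, not code from the paper: it models a word as a list of non-zero integers (+i for s_i, -i for s_i^{-1}), composes by concatenation, inverts by mirroring, and cancels inverses after sliding crossings on strands at least two apart past each other. It also computes the permutation a braid induces on the strands (a cheap way to prove two braids are different, and to see that B_n is non-abelian) and the signed half-twist count that identifies B_2 with the integers. All function names are this example's own.

```python
# Added example (not from the paper): a small model of braid words in the
# Artin generators.  A word is a list of non-zero ints: +i is s_i, -i is
# s_i^{-1}.  Braids run top to bottom, so words read left to right.


def compose(a, b):
    """Product ab: the bottom ends of a's strands meet the tops of b's."""
    return list(a) + list(b)


def inverse(a):
    """Mirror image in a plane perpendicular to the strands: the crossings
    come in reverse order and every over-crossing becomes an under-crossing."""
    return [-g for g in reversed(a)]


def reduce_word(word):
    """Cancel a crossing against its inverse, letting crossings on strands at
    least two apart slide past one another first (s_i s_j = s_j s_i when
    |i-j| >= 2).  Reaching the empty word proves the braid is the identity.
    Not reaching it proves nothing: the braid relation
    s_i s_{i+1} s_i = s_{i+1} s_i s_{i+1} is never applied here, so this is
    not a solution of the word problem."""
    w = list(word)
    changed = True
    while changed:
        changed = False
        for k in range(len(w)):
            g = w[k]
            for m in range(k + 1, len(w)):
                if w[m] == -g:            # found the cancelling crossing
                    del w[m]
                    del w[k]
                    changed = True
                    break
                if abs(abs(w[m]) - abs(g)) < 2:
                    break                 # g cannot slide past this crossing
            if changed:
                break
    return w


def is_identity(word):
    """Sufficient (not necessary) test: see reduce_word()."""
    return reduce_word(word) == []


def permutation(word, n):
    """Strand permutation induced by an n-braid: entry k is the strand that
    ends in position k+1.  Equal braids give equal permutations, so unequal
    permutations prove two braids differ; the converse does not hold."""
    pos = list(range(1, n + 1))
    for g in word:
        i = abs(g) - 1
        if not 0 <= i < n - 1:
            raise ValueError(f"generator s_{abs(g)} is not in B_{n}")
        pos[i], pos[i + 1] = pos[i + 1], pos[i]
    return tuple(pos)


def b2_to_int(word):
    """B_2 is isomorphic to Z: the number of half-twists counted with sign.
    Unlike permutation() for n > 2, this is a complete invariant of B_2."""
    if any(abs(g) != 1 for g in word):
        raise ValueError("not a 2-braid")
    return sum(1 if g > 0 else -1 for g in word)


if __name__ == "__main__":
    a = [1, 2]                                   # s_1 s_2 in B_3
    print(inverse(a))                            # [-2, -1]
    print(is_identity(compose(a, inverse(a))))   # True
    # Non-abelian: s_1 s_2 and s_2 s_1 send the strands to different places.
    print(permutation([1, 2], 3), permutation([2, 1], 3))
    # Sliding: in B_4, s_3 commutes with s_1, so s_1 s_3 s_1^{-1} = s_3.
    print(reduce_word([1, 3, -1]))               # [3]
    # Limit: s_1 s_2 s_1 (s_2 s_1 s_2)^{-1} is the identity by the braid
    # relation, but cancelling and sliding alone cannot show it.
    w = [1, 2, 1, -2, -1, -2]
    print(reduce_word(w), permutation(w, 3))
    print(b2_to_int([1, 1, 1, -1]))              # 2
```

The last case is the point of the paper's remark about the word problem: even in B_3, deciding equality needs the braid relation, and in practice a normal-form algorithm rather than the cancel-and-slide heuristic here.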

This note was uploaded on 05/09/2008 for the course MATH 363 taught by Professor Langer during the Spring '08 term at Case Western.
