Volume 61 Issue 2 (2011) - Годишник на ТУ - София - Технически ...

2. Alice chooses a ∈ G and transmits as to Bob.3. Bob chooses b ∈ G and transmits bs to Alice.4. Alice computes k a = a(bs) while Bob computes k b = b(as).The shared common key is thus k = k a = a(bs) = (a·b)s = (b·a)s = b(as) = k b .It is obvious that one can build a cryptosystem based on semigroup action if it isa hard problem.2.3 Semigroup Action Problem (SAP)Given a semigroup G acting on a nite set S and elements x ∈ S and y ∈ Gx,nd g ∈ G such that y = gx.The Die-Hellman key exchange is a special case of the Extended Die-Hellmankey exchange when (G, ·) be a semigroup of integers (Z, ·), S be a cyclic groupH =< s > where the discrete logarithm is believed to be dicult.The action isϕ : Z × H −→ H ,where ϕ(n, s) = s n .The identity s ab = (s a ) b says that ϕ is a commutative G-action.The security of Protocol 2.2 is equivalent to solve SAP.In 2010 was constructed new public key cryptosystem (see [12]) which is developedin [13]:2.4 Extended Die-Hellman Key Exchange Protocol in (G,S,ϕ,ψ)Let G be a monoid, S be a nite set and A and B be submonoids of G.Letϕ : A × S −→ S be an action of A on S and ψ : B × S −→ S be an action of Bon S andϕ(a, ψ(b, s))) = ψ(b, ϕ(a, s))for any elements a ∈ A,b ∈ B and s ∈ S.1. Alice and Bob publicly agree on some element s ∈ S.2. Alice chooses submonoid A of G and an element a ∈ A.Then she transmitsas to Bob (her private key is (A, a) and her public key is as ).3. Bob chooses submonoid B of G and an element b ∈ B.Then he transmits bsto Alice (his private key is (B, b) and his public key is bs ).4. Alice computes k A = ϕ(a, ψ(b, s))) while Bob computes k b = ψ(b, ϕ(a, s)).The shared common key is thusk = k A = ϕ(a, ψ(b, s)) = ψ(b, ϕ(a, s)) = k b .When A = B = G and ϕ = ψ we reach the Protocol 2.2.The given key exchange protocol is related to the following hard problem:31