582 Computational and Combinatorial Group Theory and Cryptography AMS Special Sessions: Computational Algebra, Groups, and Applications April 30–May 1, 2011 University of Nevada, Las Vegas, NV Mathematical Aspects of Cryptography and Cyber Security September 10–11, 2011 Cornell University, Ithaca, NY Benjamin Fine Delaram Kahrobaei Gerhard Rosenberger Editors AmericanMathematicalSociety Computational and Combinatorial Group Theory and Cryptography AMS Special Sessions: Computational Algebra, Groups, and Applications April 30–May 1, 2011 University of Nevada, Las Vegas, NV Mathematical Aspects of Cryptography and Cyber Security September 10–11, 2011 Cornell University, Ithaca, NY Benjamin Fine Delaram Kahrobaei Gerhard Rosenberger Editors 582 Computational and Combinatorial Group Theory and Cryptography AMS Special Sessions: Computational Algebra, Groups, and Applications April 30–May 1, 2011 University of Nevada, Las Vegas, NV Mathematical Aspects of Cryptography and Cyber Security September 10–11, 2011 Cornell University, Ithaca, NY Benjamin Fine Delaram Kahrobaei Gerhard Rosenberger Editors AmericanMathematicalSociety Providence,RhodeIsland EDITORIAL COMMITTEE Dennis DeTurck, Managing Editor Michael Loss Kailash Misra Martin J. Strauss 2000 Mathematics Subject Classification. Primary 20-XX, 68-XX. Library of Congress Cataloging-in-Publication Data Computational and combinatorial group theory and cryptography : AMS Special Session on ComputationalAlgebra,Groups,andApplications,April30–May1,2011,UniversityofNevada, LasVegas,Nevada: AMSSpecialSessiononMathematicalAspectsofCryptographyandCyber Security,September10–11,2011,CornellUniversity,Ithaca,NewYork/BenjaminFine,Delaram Kahrobaei,GerhardRosenberger,editors. p.cm. –(Contemporarymathematics;volume582) Includesbibliographicalreferences. ISBN978-0-8218-7563-6(alk.paper) 1. Group theory–Congresses. 2. Cryptography–Congresses. I. Fine, Benjamin (1948–), editorofcompilation. II.Kahrobaei,Delaram(1975–),editorofcompilation. III.Rosenberger, Gerhard, editor of compilation. IV. AMS Special Session on Computational Algebra, Groups, and Applications (2011 : University of Nevada). V. AMS Special Session on Mathematical AspectsofCryptographyandCyberSecurity(2011: CornellUniversity) QA174.C645 2012 512(cid:2).2–dc23 2012023441 Copying and reprinting. Materialinthisbookmaybereproducedbyanymeansfor edu- cationaland scientific purposes without fee or permissionwith the exception ofreproduction by servicesthatcollectfeesfordeliveryofdocumentsandprovidedthatthecustomaryacknowledg- ment of the source is given. This consent does not extend to other kinds of copying for general distribution, for advertising or promotional purposes, or for resale. Requests for permission for commercialuseofmaterialshouldbeaddressedtotheAcquisitionsDepartment,AmericanMath- ematical Society, 201 Charles Street, Providence, Rhode Island 02904-2294, USA. Requests can [email protected]. Excludedfromtheseprovisionsismaterialinarticlesforwhichtheauthorholdscopyright. In suchcases,requestsforpermissiontouseorreprintshouldbeaddresseddirectlytotheauthor(s). (Copyrightownershipisindicatedinthenoticeinthelowerright-handcornerofthefirstpageof eacharticle.) (cid:2)c 2012bytheAmericanMathematicalSociety. Allrightsreserved. TheAmericanMathematicalSocietyretainsallrights exceptthosegrantedtotheUnitedStatesGovernment. Copyrightofindividualarticlesmayreverttothepublicdomain28years afterpublication. ContacttheAMSforcopyrightstatusofindividualarticles. PrintedintheUnitedStatesofAmerica. (cid:2)∞ Thepaperusedinthisbookisacid-freeandfallswithintheguidelines establishedtoensurepermanenceanddurability. VisittheAMShomepageathttp://www.ams.org/ 10987654321 171615141312 Contents Preface vii Weyl Gr¨obner Basis Cryptosystems Rashid Ali and Martin Kreuzer 1 A New Look at Finitely Generated Metabelian Groups Gilbert Baumslag, Roman Mikhailov, and Kent E. Orr 21 IA-Automorphisms of Groups with Almost Constant Upper Central Series Marianna Bonanome, Margaret H. Dean, and Marcos Zyman 39 A Proposed Alternative to the Shamir Secret Sharing Scheme Chi Sing Chum, Benjamin Fine, Gerhard Rosenberger, and Xiaowen Zhang 47 Improving Latin Square Based Secret Sharing Schemes Chi Sing Chum and Xiaowen Zhang 51 A Hand-Computation Involving Surface Groups, the Reidemeister-Schreier Rewriting Process and Kurosh Subgroup Theorem Anthony E. Clement 65 Adjunction of Roots in Exponential A-Groups Margaret H. Dean, Stephen Majewicz, and Marcos Zyman 71 Logspace Computations in Coxeter Groups and Graph Groups Volker Diekert, Jonathan Kausch, and Markus Lohrey 77 Collection by Polynomials in Finite p-groups Bettina Eick 95 All Finite Generalized Tetrahedron Groups II Benjamin Fine, Alexander Hulpke, and Gerhard Rosenberger 105 The Classification of One Relator Limit Groups and the Surface Group Conjecture Benjamin Fine and Gerhard Rosenberger 107 Discrimination and Separation in the Metabelian Variety Anthony M. Gaglione, Seymour Lipschutz, and Dennis Spellman 129 v vi CONTENTS A Secret Sharing Scheme Based on Group Presentations and the Word Problem Maggie Habeeb, Delaram Kahrobaei, and Vladimir Shpilrain 143 Authenticated Key Agreement with Key Re-Use in the Short Authenticated Strings Model Stanislaw Jarecki and Nitesh Saxena 151 Publicly Verifiable Secret Sharing Using Non-Abelian Groups Delaram Kahrobaei and Elizabeth Vidaurre 175 A Note on the Hyperbolicity of Strict Pride Groups Matthias Neumann-Brosig 181 An Algorithm to Express Words as a Product of Conjugates of Relators Ellen Ziliak 187 Preface This volume consists of contributions by participants and speakers at special sessionsattwoAMSConferences. TheseconferencesconcernedComputationaland Combinatorial Group Theory as well as various aspects of Group-Based Cryptog- raphy. One of these sessions was at Cornell University in September of 2011 and the other was the University of Nevada, Las Vegas in May of 2011. Over the past twenty yearsCombinatorial and Infinite GroupTheory hasbeen energized by three developments: the emergence of Geometric and Asymptotic Group Theory, the development of Algebraic Geometry over Groups leading to the solution of the Tarski problems, and the development of Group-Based Cryptogra- phy. These three areas in turn have had an impact on computational algebra and complexity theory. The papers in this volume, both survey and research, exhibit the tremendous vitality that is at the heart of Group Theory in the beginning of the twenty-first century as well as the diversity of interests in the field. We are grateful to the American Mathematical Society for their help in publi- cation of this volume. In particular, we thank Christine Thivierge for her patience and diligence in assembling this volume. Bejamin Fine Delaram Kahrobaei Gerhard Rosenberger vii ContemporaryMathematics Volume582,2012 http://dx.doi.org/10.1090/conm/582/11554 Weyl Gro¨bner Basis Cryptosystems Rashid Ali and Martin Kreuzer Abstract. The main purpose of this paper is to propose ways of construct- ing Gro¨bner basis cryptosystems based on left ideals or two-sided ideals in Weyl algebras. The main advantage of using Weyl algebras over commuta- tivepolynomialringsisthatWeylmultiplicationincreasesthesupportofthe standardformofthepolynomials,slowsdowntheGr¨obnerbasiscomputation, and changes many coefficients in the ciphertext polynomials. Special care is takentoprovideconcretedirectionsforconstructingsecureinstancesofWeyl Gr¨obner basis cryptosystems (WGBC). Their security and possible defences against chosenciphertext attacks, linear algebraattacks and partial Gr¨obner basis attacks are analysed. Based on these guidelines, we construct several actual instances of left and two-sided WGBC of which we believe that they arereasonablysecureandefficient. 1. Introduction In1994,M.FellowsandN.Koblitzintroducedin[7]anewtypeofcryptosystem which became known as Polly Cracker cryptosystem and was based on (commu- tative) polynomials and the difficulty of computing Gro¨bner bases for polynomial ideals. Although these cryptosystems could, in principle, encode NP-hard prob- lems, it turned out to be very difficult to construct hard instances. Many methods of attacking Polly Cracker cryptosystems were proposed and carried out success- fully. To counter these attacks, it was suggested in [22] and [1] to use Gro¨bner basesfornon-commutative algebraicstructures. Inthispaperweconstructspecific instancesofthegeneralGro¨bnerbasiscryptosystemdefinedin[1]. WeuseGro¨bner bases for left and two-sided ideals in Weyl algebras. We analyse the resistance of these cryptosystems to some standard attacks and provide computational evidence that secure instances can be built using left and two-sided Gro¨bner bases in Weyl algebras. Recall that the Weyl algebra A of index n over a field K is the associa- n tive algebra A = K(cid:3)x ,...,x ,∂ ,...,∂ (cid:4) such that [x ,x ] = [∂ ,∂ ] = 0 and n 1 n 1 n i j i j [∂ ,x ] = δ . For a variety of reasons, it appears beneficial to use a finite base i j ij field K. Since Weyl algebras in characteristic p have properties which differ from the well-known case char(K) = 0, we start in Section 2 by recalling them (see 2010MathematicsSubjectClassification. Primary94A60;Secondary14G15,16Z05,68W30. Keywordsandphrases. Algebraiccryptography,Groebnerbasiscryptosystem,Weylalgebra, non-commutativecryptosystem. ThefirstauthorwassupportedbytheHEC-DAADFellowshipProgramme. (cid:3)c2012 American Mathematical Society 1