\(\renewcommand{\P}{\mathcal{P}} \newcommand{\B}{\mathcal{B}} \newcommand{\C}{\mathcal{C}} \newcommand{\E}{\mathcal{E}} \newcommand{\R}{\mathcal{R}} \newcommand{\Z}{\mathcal{Z}} \newcommand{\lt}{ < } \newcommand{\gt}{ > } \newcommand{\amp}{ & } \)

Section3Cryptography

In the early 2000s a number of public key cryptosystems based on combinatorial group theory problems, including those concerning braid groups, were proposed. Part of this push to diversify the tools for encryption was that as quantum computers come closer to reality many current systems will be able to be broken in subexponential time.

As such, in combination with a desire to prevent wide scale security failure should the current cryptosystem(s) be broken, there is an increasing need for a wider range of more secure cryptosystems. In essence, we should not be placing all of our encryption keys in one basket.

The cryptosystem seeming to be the most written upon using braid groups was introduced by Ko et. al. [11] in 2000. The problem used as the base of the cryptosystem was base on a Diffie-Hellman like problem: for \(a \in \B_n, x \in G_1, y \in G_1\) where \(G_1, G_2 \subset \B_n\) commute with each other, given \((a, x^{-1} a x, y^{-1} a y)\), find \(y^{-1} x^{-1} a x y\).

After an algorithm was proposed to solve this problem in a reasonable time frame with relative accuracy a revised problem was released which can be roughly stated as: given \((a, x_1 a x_2)\) find \(z_1, z_2\) such that \(z_1 a z_2 = x_1 a x_2\) where \(a \in \B_n\) and \(x_1, x_2, z_1, z_2 \in G \subset \B_n\).

Lee and Park's paper [12] proposes two improvements to the algorithm solving the original problem, one of which is more efficient with the same success rate, while the other has a higher success rate at a lower efficiency. While the details of solving the BPKE problem proposed by Ko et. al. is outside the scope of this paper we will give an outline.

The general approach to solving group theoretic problems in braid groups, as it pertains to cryptosystems, is to transform the given braid representation into an equivalent representation in which the problem is easier to solve and then lifting the result back to the initial representation. There are a number of ways to do this, one way which was addressed in Lee and Park's paper was to utilize a braid representation called the “Burau Representation” which utilize matrices