Cryptoanalysis of a key exchange protocol based on a congruence-simple semiring action
Otero Sanchez Alvaro, Lopez Ramos Juan Antonio
TL;DR
This work investigates the security of a Diffie-Hellman–type key exchange built from a congruence-simple semiring action. By exploiting a bounded-degree assumption on private polynomials, the authors derive a universal attack: for additively idempotent congruence-simple semirings, they construct a polynomial $F[X,Y,Z]$ from a set $W$ that yields the shared key via $F[M_1,M_2,B]$, with complexity $O(m^2 n^3)$. When the semiring is isomorphic to a matrix ring over a finite field, the problem reduces to linear algebra over $\mathbb{F}_q$ using Cayley–Hamilton to recover the key. The remaining cases are shown to be degenerate or reducible to the same attacks, implying that the proposed protocol is insecure across all congruence-simple semirings. These results underscore that congruence-simplicity alone does not guarantee hardness of the Semigroup Action Problem and have implications for the viability of related post-quantum key exchange constructions.
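The "linear algebra over F_q" step is the one most worth seeing concretely. The following Python script is an added illustration, not code from the paper or its authors: it assumes a toy matrix-based exchange of the shape A = p(M)·N, B = N·q(M), K = p(M)·N·q(M) over a small prime field (this protocol shape and the field size are assumptions made only for illustration; the page does not spell out the protocol). By Cayley–Hamilton, p(M) lies in the span of I, M, …, M^(n-1) whatever the degree of p, so an eavesdropper who knows M, N, A and B can solve the linear system A = Σ c_i M^i N for the c_i and then compute Σ c_i M^i B; any solution works, since that expression equals (Σ c_i M^i N)·q(M) = A·q(M) = K.

```python
"""Added example: Cayley-Hamilton linearization of a toy matrix key exchange.
Protocol shape (A = p(M) N, B = N q(M), K = p(M) N q(M)) is an assumption."""
import random

Q = 101  # constructed small prime; the field F_q for the demo


def mat_mul(X, Y, q=Q):
    return [[sum(X[i][t] * Y[t][j] for t in range(len(Y))) % q
             for j in range(len(Y[0]))] for i in range(len(X))]


def mat_add(X, Y, q=Q):
    return [[(a + b) % q for a, b in zip(rx, ry)] for rx, ry in zip(X, Y)]


def scale(c, X, q=Q):
    return [[c * x % q for x in row] for row in X]


def identity(n):
    return [[int(i == j) for j in range(n)] for i in range(n)]


def mat_powers(M, count, q=Q):
    """Return [I, M, M^2, ..., M^(count-1)]."""
    powers = [identity(len(M))]
    for _ in range(count - 1):
        powers.append(mat_mul(powers[-1], M, q))
    return powers


def poly_eval(coeffs, M, q=Q):
    """Evaluate p(M) = sum coeffs[i] * M^i (private polynomial, any degree)."""
    acc = [[0] * len(M) for _ in M]
    for c, P in zip(coeffs, mat_powers(M, len(coeffs), q)):
        acc = mat_add(acc, scale(c, P, q), q)
    return acc


def solve_mod_q(rows, rhs, q=Q):
    """Gaussian elimination over F_q; returns one solution of rows*c = rhs or None."""
    m, k = len(rows), len(rows[0])
    aug = [list(r) + [b] for r, b in zip(rows, rhs)]
    pivot_cols, r = [], 0
    for col in range(k):
        piv = next((i for i in range(r, m) if aug[i][col]), None)
        if piv is None:
            continue
        aug[r], aug[piv] = aug[piv], aug[r]
        inv = pow(aug[r][col], -1, q)  # modular inverse (Python 3.8+)
        aug[r] = [x * inv % q for x in aug[r]]
        for i in range(m):
            if i != r and aug[i][col]:
                f = aug[i][col]
                aug[i] = [(x - f * y) % q for x, y in zip(aug[i], aug[r])]
        pivot_cols.append(col)
        r += 1
        if r == m:
            break
    if any(aug[i][k] for i in range(r, m)):  # zero row with non-zero rhs
        return None
    sol = [0] * k  # free variables set to 0; any solution suffices here
    for i, col in enumerate(pivot_cols):
        sol[col] = aug[i][k]
    return sol


def linearize_attack(M, N, A, B, q=Q):
    """Recover K from public (M, N, A, B) without learning p or q."""
    n = len(M)
    powers = mat_powers(M, n, q)                 # Cayley-Hamilton: degree < n suffices
    basis = [mat_mul(P, N, q) for P in powers]   # candidate terms M^i N
    rows = [[basis[i][a][b] for i in range(n)] for a in range(n) for b in range(n)]
    rhs = [A[a][b] for a in range(n) for b in range(n)]
    c = solve_mod_q(rows, rhs, q)
    if c is None:
        return None
    K = [[0] * n for _ in range(n)]
    for ci, P in zip(c, powers):
        K = mat_add(K, scale(ci, mat_mul(P, B, q), q), q)
    return K


def demo(seed=1, n=3, degree=10):
    """Run one exchange; return (parties agree, attacker recovers the key)."""
    rng = random.Random(seed)
    rand_mat = lambda: [[rng.randrange(Q) for _ in range(n)] for _ in range(n)]
    M, N = rand_mat(), rand_mat()                      # public
    p = [rng.randrange(Q) for _ in range(degree + 1)]  # Alice's private polynomial
    qp = [rng.randrange(Q) for _ in range(degree + 1)] # Bob's private polynomial
    P, Qm = poly_eval(p, M), poly_eval(qp, M)
    A, B = mat_mul(P, N), mat_mul(N, Qm)               # public values
    K_alice, K_bob = mat_mul(P, B), mat_mul(A, Qm)
    K_eve = linearize_attack(M, N, A, B)
    return K_alice == K_bob, K_eve == K_alice


if __name__ == "__main__":
    print(demo())  # (True, True)
```

The private polynomials here have degree 10 while n = 3, which is the point: in the matrix-ring case the Cayley–Hamilton theorem caps the effective degree at n-1 on its own, so the attacker solves an n-unknown linear system regardless of how the parties chose their polynomials.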
Abstract
We show that a previously introduced key exchange based on a congruence-simple semiring action is not secure by providing an attack that reveals the shared key from the distributed public information for any such semiring.
