Exponentiation-based key generation using noncommutative groups

Diffie and Hellman (1976) proposed to use exponentiation module a prime for constructing the key generation system. A security of this system is based on the supposed hardness of the following problem (A): given η^x and η^y compute η^xy. Sidelnikov, Cherepniov, and Yaschenko (1993) considered a system based on the noncommutative group G. We assume that G is a certain subgroup of the group GL_n(F_p) of n×n matrices over the finite field F_p. We consider the representation of the group GL_n(F_p) with the aid of exponentiation in a subsidiary cyclic group U of order p and investigate of the security of the resulting key generation systems. The group of F_q-rational point on elliptic curve and the subgroup U=⟨η⟩ of the multiplicative group of the subsidiary finite field F_q, where p|q-1, η∈F_q, η^p =1, η≠1, are the examples of the group U. We consider the group 𝒰 of affine transformations of the field F_p which is isomorphic to a certain subgroup of GL₂(F_p). In this case the security of the key generation system under certain conjecture (which simplifies the task of adversary) is based on the hardness of the following problem (B): given η^x,η^y,β^z compute η^xyz/. It seems impossible reduce this problem to several Diffie-Hellman problems (A). The system being considered uses a universal key, which does not exist in the Diffie-Hellman system and is presumably a new element for key generation systems. The knowledge of k is supposed to be a necessary condition to compute the private key