As we all know, Shor's quantum algorithm can solve integer factorization problem and DLP [2,31].
However, because Shor' s quantum algorithm can solve integer factorization problem and DLP, many existing PKEwET schemes will be in danger in the quantum computing era.
Teja, "A non-Abelian factorization problem and an associated cryptosystem[J]," IACR Cryptology ePrint Archive, 2011.
In Section 2, we at first recall the definition of nonabelian factorization problem and related extensions, then define some new cryptographic problems (referred to as conjugacy systems), and finally present analysis on the hardness of these problems; in Section 3, we present new constructions on encryption, signature, and signcryption based on the newly introduced conjugacy systems; in Section 4, we discuss the possible implementation platforms and related performance; finally, concluded remarks are given in Section 5.
In this section, we will at first review the so-called nonabelian factorization problem that was firstly formulated in  and then introduce some new cryptographic problems by coupling related problems with conjugate operations.
Nonabelian Factorization Problem and New Cryptographic Problems
In , the platform is the braid group [B.sub.n] and the underlying intractability assumption is the conjugator searching problem (CSP), while in this paper, the platform could be any nonabelian group and the underlying intractability assumption is the subgroup conjugator searching problem (SCSP) that is based on the intractability assumption of the nonabelian factorization problem. In general, we think the SCSP problem is at least as hard as the CSP problem (see Remark 10).
The booming of quantum algorithm casts distrust on many public key cryptosystems based on integer factorization problem, discrete logarithm, and other assumed intractable problems over certain abelian groups.
By the hardness of integer factorization problem given N, it is difficult to its factors p, q and in turn [phi](N).
The security of the system is based on the solvability of multivariate linear congruence equations which is very complex, discrete logarithm problem and integer factorization problem. This cryptosystem also provides authentication by the key agreement and data integrity by assigning the first element of the m -point integer sequence as the hash value of the message.