Cryptanalysis of an MOR cryptosystem based on a finite associative algebra

The Shor algorithm is effective for public-key cryptosystems based on an abelian group. At CRYP- TO 2001, Paeng （2001） presented a MOR cryptosystem using a non-abelian group, which can be considered as a candidate scheme for post-quantum attack. This paper analyses the security of a MOR cryptosystem based on a finite associative algebra using a quantum algorithm. Specifically, let L be a finite associative algebra over a finite field F. Consider a homomorphism Ф ： Aut（L） → Aut（H） × Aut（I）, where I is an ideal of L and H ≌ L/I. We compute dim Im（Ф） and dim Ker（Ф）, and combine them by dim Aut（L） = dim Ira（C） ＋ dim Ker（Ф）. We prove that Im（Ф） = Stabcomp（H,l）（μ ＋ B2（H, I）） and Ker（Ф） ≌ ZI（H, I）. Thus, we can obtain dimlm（Ф）, since the algorithm for the stabilizer is a standard algorithm among abelian hidden subgroup algorithms. In addition, Z1 （H, I） is equivalent to the solution space of the linear equation group over the Galois fields GF（p）, and it is possible to obtain dim Ker（Ф） by the enumeration theorem. Furthermore, we can obtain the dimension of the automorphism group Aut（L）. When the map φ ∈ Aut（L）, it is possible to effectively compute the cyclic group （φ） and recover the private key a. Therefore, the MOR scheme is insecure when based on a finite associative algebra in quantum computation.