Secure Key Exchange in Tropical Cryptography: Leveraging Efficiency with Advanced Block Matrix Protocols

Abstract

In the quest for robust and efficient digital communication, this paper introduces cutting-edge key exchange protocols leveraging the computational prowess of tropical semirings and the structural resilience of block matrices. Moving away from the conventional use of finite fields, these protocols deliver markedly faster processing speeds and heightened security. We present two implementations of our concept, each utilizing a different platform for the set of commuting matrices: one employing tropical polynomials of matrices and the other employing Linde–de la Puente matrices. The inherent simplicity of tropical semirings leads to a decrease in operational complexity, while using block matrices enhances our protocols’ security profile. The security of these protocols relies on the Matrix Decomposition Problem. In addition, we provide a comparative analysis of our protocols against existing matrix block-based protocols in finite fields. This research marks a significant shift in cryptographic protocol design, is specifically tailored for demanding engineering applications, and sets a new standard in secure and efficient digital communication.

1. Introduction and Motivation

In an era where digital communication underpins the fabric of global connectivity, the role of cryptography is more critical than ever. Ensuring the security and integrity of data in transit has led to the evolution of sophisticated cryptographic protocols. Traditional approaches often rely on the well-established mathematical frameworks of finite fields; however, with the advent of advanced computational capabilities and emerging cyber threats, the need for innovative and more efficient cryptographic methods is evident. This paper contributes to this ongoing evolution by introducing a groundbreaking approach to key exchange protocols utilizing the untapped potential of tropical semirings and block matrices.

This research transcends the conventional boundaries of cryptographic solutions, delving into the realms of tropical mathematics to harness the simplicity and computational efficiency offered by tropical semirings. Coupled with this, the use of block matrices introduces a structural robustness that enhances security measures. This combination serves as a novel approach and sets a new benchmark in operational efficiency, steering away from the computational complexities inherent in finite fields $F_q$.

Classical asymmetric cryptographic schemes, such as the Diffie–Hellman key exchange protocol, the ElGamal encryption scheme, and the RSA algorithm, are based on number theory and utilize various group structures. However, the emerging prospect of quantum computing is reshaping the world of cryptography, and there is a continuing need to increase key sizes to maintain desired levels of security. In response, researchers have proposed a range of algebraic structures over the years to enhance existing cryptosystems and develop new cryptographic methods. Consequently, many cryptoscientists have shifted their focus to non-Abelian groups, such as matrix groups, exploring their potential to strengthen encryption mechanisms.

Historically, matrices have been instrumental in various cryptographic mechanisms. The lineage of matrix-based cryptosystems, stretching back to foundational works such as [1], has been marked by continual advancements. Diverse matrix forms were incorporated, ranging from singular [2,3] and non-singular matrices [4] to matrices over bit strings [5], Tribonacci matrices [6], Hadamar matrices [7], non-negative matrices [8], and lattice matrices [9].

Interest in the application of tropical algebra to cryptography surged after it was discovered that certain problems, such as the solvability of systems of tropical polynomials, are NP-complete (see for example [10]). Since 2013, numerous tropical cryptosystems have emerged, drawn by the structural advantages such as high efficiency that they offer. Tropical schemes are based on min-plus or max-plus semirings, eliminating the need for multiplication, as it is replaced by addition. Additionally, tropical-based protocols enhance security, as they are considered resistant to linear algebra attacks.

Various schemes using tropical matrices have been suggested in [11,12,13,14,15,16]; yet, despite these developments, vulnerabilities have persisted, as evidenced by different documented attacks (see for example [17,18,19,20,21,22]).

These attacks exploit what is known as the almost-linear periodicity observed in tropical matrices, which arises because the powers of a tropical matrix tend to exhibit certain patterns. To effectively use tropical matrices as building blocks for cryptographic protocols, it is advisable to conceal this periodicity. Employing block matrices is one approach to mitigate such attacks.

In recent years, a variety of block matrix cryptosystems have emerged: Ref. [23] introduced a method employing the Hilbert matrix for authentication and confidentiality, emphasizing shared key encryption; Ref. [24] constructed an invertible block matrix using Fibonacci sequences and devised an asymmetric cryptosystem utilizing the skewed affine cipher over elliptic curves; and Ref. [25] proposed a novel block-cipher mechanism for ensuring information security in cloud systems, prioritizing high defense, low complexity, and random operations. Together, these studies showcase the potential of block matrix cryptosystems for enhancing data security.

The protocols that we propose in this work are designed to counteract the vulnerabilities of schemes based on tropical matrices by employing the commutative properties of block matrices, resulting in a more streamlined and secure key exchange process.

The contributions of this study are multifaceted and significant:

• We introduce two key exchange protocols that exploit the commutative properties of tropical block matrices, thereby simplifying the key exchange process while enhancing security.
• A thorough analysis is presented to demonstrate the reduced operational overhead compared to existing block matrix schemes. This includes comparative evaluations showing lower computational complexity while maintaining equivalent key sizes.
• We anchor our security claims in the inherent difficulty of matrix decomposition within tropical semirings, a challenge that poses significant barriers to conventional attack methodologies.
• Finally, this paper includes illustrative examples and comparative analyses to underscore the tangible efficiency gains that our protocols offer.

This paper is structured to guide the reader through the critical aspects of our research. Section 2 sets the mathematical foundation by introducing block matrices, tropical semirings, and commutative matrices. Section 3 provides a detailed exposition of our proposed key exchange protocols. Section 5 delves into the security analysis, benchmarking our approach against current cryptographic standards. Finally, we conclude in Section 6 with reflections on the broader implications of our work and its potential to inspire future research in cryptography.

2. Preliminaries

Definition 1

(Block Matrix). A block matrix is a matrix partitioned into submatrices, referred to as blocks. For instance, a block matrix M comprising four blocks can be denoted as

$$M=\left(\begin{array}{cc}A& B\\ C& D\end{array}\right),$$

where A, B, C, and D are such blocks. These blocks may vary in size, and the total number of blocks and their configuration is dependent on how the original matrix is partitioned.

Definition 2

(Semiring). A semiring is an algebraic structure represented by $(S,\oplus ,\otimes ,0,1)$, where S is a set, and the operations ⊕ (addition) and ⊗ (multiplication) satisfy the following conditions:

• $(S,\oplus ,0)$ forms a commutative monoid with identity element 0.
• $(S,\otimes ,1)$ forms a monoid with identity element 1.
• ⊗ distributes over ⊕.
• For all $a\in S$, $0\otimes a=0=a\otimes 0$.

The semiring is commutative if $a\otimes b=b\otimes a$ for all $a,b\in S$.

2.1. Exponentiation of Block Matrices

We examine block matrices formed as follows:

$$Bl(A,B,C)=\left(\begin{array}{cc}A& B\\ O& C\end{array}\right)$$

where A, B, and C are square matrices of the same order over a considered semiring and O is the corresponding zero matrix.

Theorem 1

([26]). Let

$$Bl(A,B,C)=\left(\begin{array}{cc}A& B\\ O& C\end{array}\right)$$

be a block matrix. Then, for any natural number k, it holds that

$$Bl{(A,B,C)}^k=\left(\begin{array}{cc}{A}^k& B_k\\ O& C^k\end{array}\right),$$

with

$$\begin{array}{cc}\hfill B_k& =\sum _{n=0}^{k-1}{A}^{k-1-n}B{C}^n,\hfill \end{array}$$

(1)

as well as that

$${\left(Bl{(A,B,C)}^k\right)}^l={\left(Bl{(A,B,C)}^l\right)}^k=\left(\begin{array}{cc}{A}^{kl}& B_{k,l}\\ O& C^{kl}\end{array}\right)$$

with $B_{k,l}=B_{l,k}$ for all $k,l\in \mathbb{N}$.

Theorem 2

([26]). Let $A,B,C,D$, and E be square matrices of the same order such that $AD=DA$ and $CE=EC$, and consider the block matrices $Bl(A,B,C)$ and $Bl(D,B,E)$. Then, $B_{k,l}=B_{l,k}$ for all $k,l\in \mathbb{N}$.

2.2. Tropical Semirings

A tropical semiring such as ${\mathbb{R}}_{\max ,+}$ (or ${\mathbb{R}}_{\min ,+}$) is a set equipped with two operations that mimic conventional addition and multiplication, but instead are defined using the maximum and addition (or minimum and addition), respectively. This semiring and its operations enable the definition of tropical matrix operations and polynomials.

Definition 3

(Tropical Polynomial). A tropical polynomial of a variable x with coefficients in a tropical semiring is an expression of the form

$$P\left(x\right)=\underset{i=0}{\overset{n}{⨁}}{a}_i\otimes x^{\otimes i},$$

where n indicates the degree of the polynomial.

Proposition 1.

For tropical polynomials $p\left(x\right)$ and $q\left(x\right)$ and a matrix M over a tropical semiring, it holds that

$$p\left(M\right)\otimes q\left(M\right)=q\left(M\right)\otimes p\left(M\right).$$

Proof. 

The commutativity follows from the properties of matrix multiplication in tropical semirings.    □

2.3. Commutative Matrices in Tropical Semirings

Commutative matrices in tropical semirings have the property that their product yields the same result irrespective of the order. This property is crucial for the development of cryptographic protocols that rely on the difficulty of matrix decomposition in tropical semirings.

Definition 4

(Linde–de la Puente Matrix). A matrix L in the semiring ${\mathbb{R}}_{\max ,+}$ is called a Linde–de la Puente matrix if it satisfies certain criteria based on a specified non-negative real number c for its diagonal entries and if its off-diagonal entries are from the range $[2r,r]$, where r is a non-positive real number. Such a matrix is denoted as $L_c^r$.

Theorem 3

([16]). Given a tropical semiring ${\mathbb{R}}_{\max ,+}$, all Linde–de la Puente matrices A and B commute under the multiplication in this semiring.

Corollary 1.

Given a tropical semiring ${\mathbb{R}}_{\max ,+}$, for Linde–de la Puente matrices A and B and natural numbers m and n, the matrices $A^m$ and $B^n$ commute.

Proof. 

This result is a direct consequence of the commutative property of Linde–de la Puente matrices.    □

3. Block Matrix Key Exchange Protocols

In this section, we propose an improvement on a well-known Block Matrix Key Exchange Protocol (BMKEP) proposed by [26].

3.1. The Original Protocol

We first recall the BMKEP suggested in [26]. The domain parameters of this protocol are a prime number p and a square matrix B with entries from the finite field $F_q$ (where q is a power of p).

• Alice chooses as her private keys one positive integer l and a matrix $A\in M\left(F_q\right)$. She transmits the set $E_A$ of matrices commuting with A.
• Bob chooses as his private keys one positive integer k and a matrix $Y\in M\left(F_q\right)$. He transmits the set $E_Y$ of matrices commuting with Y.
• Alice chooses as her second private key a matrix $C\in E_Y$. She calculates

  $$Bl{(A,B,C)}^l=\left(\begin{array}{cc}{A}^l& B_l\\ O& C^l\end{array}\right)$$

  and sends $B_l$ to Bob.
• Bob chooses as his second private key a matrix $X\in E_A$. He calculates

  $$Bl{(X,B,Y)}^k=\left(\begin{array}{cc}{X}^k& B_k\\ O& Y^k\end{array}\right)$$

  and sends $B_k$ to Alice.
• Alice computes the common private key

  $$K_{AB}={\left(B_k\right)}^l.$$
• Bob computes the common private key

  $$K_{BA}={\left(B_l\right)}^k.$$

At the end of the protocol, the users obtain the same key due to the fact that $AX=XA$, $CY=YC$ and the properties of the block matrices (Theorem 2).

This protocol requires the exchange of sets of matrices $E_A$ and $E_Y$ commuting with A and Y, respectively. This requires more time and space. To overcome this problem, we suggest avoiding these steps by using properly selected commutative matrices. In general, our idea for improving this protocol is as follows:

• Alice selects matrices A and B and Bob selects matrices C and D, with the property that A and C commute while B and D also commute. This means that A and C belong to the same set of commuting matrices, while B and D also belong to the same set of commuting matrices. Alice and Bob agree on a matrix T. The secret keys of the users are positive integers a and b, respectively,
• Alice computes

  $$Bl(A,T,B)=\left(\begin{array}{cc}A& T\\ O& B\end{array}\right),$$

  $$Bl{(A,T,B)}^a=\left(\begin{array}{cc}{A}^a& T_a\\ O& B^a\end{array}\right),$$

  where

  $$T_a=\sum _{n=0}^{a-1}{A}^{(a-1-n)}·T·B^n.$$

  She sends her public key $K_A=T_a$ to Bob.
• Bob computes

  $$Bl(C,T,D)=\left(\begin{array}{cc}C& T\\ O& D\end{array}\right),$$

  $$Bl{(C,T,D)}^b=\left(\begin{array}{cc}{C}^b& T_b\\ O& D^b\end{array}\right),$$

  where

  $$T_b=\sum _{m=0}^{b-1}{C}^{(b-1-m)}·T·D^m.$$

  He sends his public key $K_B=T_b$ to Alice.
• Alice computes the common key

  $$K_{AB}=\sum _{n=0}^{a-1}{A}^{(a-1-n)}·K_B·B^n.$$
• Bob computes the common key

  $$K_{BA}=\sum _{m=0}^{b-1}{C}^{·(b-1-m)}·K_A·D^m.$$

The implementation of the protocol is shown in Figure 1.

3.2. Proposed Solution

The main idea behind our protocols is to utilize block matrices with commutative matrix blocks in order to simplify the key exchange process. By selecting matrix blocks that commute, we eliminate the need to publicly transmit sets of commuting matrices.

We construct block matrices of the following form:

$$\left(\begin{array}{cc}A& T\\ O& B\end{array}\right),\left(\begin{array}{cc}C& T\\ O& D\end{array}\right)$$

where $A,B,C,D$, and T are square matrices of the same order and O is the zero matrix of this order. Alice and Bob each select their own pair of matrices ($A,B$) and ($C,D$) such that A commutes with C and B commutes with D. This allows them to compute a common key.

3.3. Protocol Steps

The refined protocol unfolds in the following sequence:

• Both parties agree on a common matrix T.
• Alice opts for matrices A and B, while Bob picks matrices C and D. They ensure that A commutes with C and that B commutes with D.
• Alice calculates ${\left[Bl(A,T,B)\right]}^a$. Her public key is set as $K_A=T_a$.
• Bob, in a parallel manner, computes ${\left[Bl(C,T,D)\right]}^b$. He sets his public key as $K_B=T_b$.
• They exchange their public keys.
• Using Bob’s public key and her private matrices, Alice computes the shared key $K_{AB}$.
• Similarly, using Alice’s public key and his private matrices, Bob computes the shared key $K_{BA}$.
• Due to the inherent commutative properties, both parties find that $K_{AB}=K_{BA}$.

Here, we provide two examples for implementation of the above presented protocol based on a tropical semiring.

3.4. Implementation One—Tropical Block Matrix KEP Using Polynomials of Matrices

The domain parameters of this protocol are: a tropical semiring ${\mathbb{R}}_{\max ,+}=\langle \mathbb{R}\cup \{-\infty \},\max ,+\rangle$ or ${\mathbb{R}}_{\min ,+}=\langle \mathbb{R}\cup \{+\infty \},\min ,+\rangle$ and three arbitrary square tropical matrices M, N, and T of order n over this semiring.

• Alice selects as her secret key two tropical polynomials $p_1\left(x\right)$ and $q_1\left(x\right)$ and a positive integer a. She computes

  $$A=p_1\left(M\right),B=q_1\left(N\right).$$

  For Alice,

  $$Bl(A,T,B)=\left(\begin{array}{cc}A& T\\ O& B\end{array}\right),$$

  $$Bl{(A,T,B)}^{\otimes a}=\left(\begin{array}{cc}{A}^{\otimes a}& T_a\\ O& B^{\otimes a}\end{array}\right),$$

  where

  $$T_a=\underset{n=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes T\otimes B^n.$$

  She sends her public key $K_A=T_a$ to Bob.
• Bob selects as his secret key two tropical polynomials $p_2\left(x\right)$ and $q_2\left(x\right)$ and a positive integer b. He computes

  $$C=p_2\left(M\right),D=q_2\left(N\right).$$

  For Bob,

  $$Bl(C,T,D)=\left(\begin{array}{cc}C& T\\ O& D\end{array}\right),$$

  $$Bl{(C,T,D)}^{\otimes b}=\left(\begin{array}{cc}{C}^{\otimes b}& T_b\\ O& D^{\otimes b}\end{array}\right),$$

  where

  $$T_b=\underset{m=0}{\overset{b-1}{⨁}}{C}^{\otimes (b-1-m)}\otimes T\otimes D^m.$$

  He sends his public key $K_B=T_b$ to Alice.
• Alice computes the common key

  $$K_{AB}=\underset{n=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes K_B\otimes B^n.$$
• Bob computes the common key

  $$K_{BA}=\underset{m=0}{\overset{b-1}{⨁}}{C}^{\otimes (b-1-m)}\otimes K_A\otimes D^m.$$

At the end of the protocol, the users obtain the same secret key due to the following.

Theorem 4.

$$K_{AB}=\underset{n=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes K_B\otimes B^n=\underset{m=0}{\overset{b-1}{⨁}}{C}^{\otimes (b-1-m)}\otimes K_A\otimes D^m=K_{BA}.$$

Proof. 

In accordance with the choice of the matrices A, B, C, D, it follows that

$$A\otimes C=C\otimes A,B\otimes D=D\otimes B,$$

as the multiplication of tropical polynomials of matrices is commutative. Additionally, conforming to Theorem 2,

$$K_{AB}=\underset{n=0}{\overset{a-1}{⨁}}\underset{m=0}{\overset{b-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes C^{\otimes (b-1-m)}\otimes T\otimes D^{\otimes \left(m\right)}\otimes B^{\otimes \left(n\right)}$$

$$=\underset{m=0}{\overset{b-1}{⨁}}\underset{n=0}{\overset{a-1}{⨁}}{C}^{\otimes (b-1-m)}\otimes A^{\otimes (a-1-n)}\otimes T\otimes B^{\otimes \left(n\right)}\otimes D^{\otimes \left(m\right)}=K_{BA}.$$

   □

To break this protocol, it is sufficient for an attacker to solve the following:

Problem 1.

Find unknown matrices A, B and an integer a from the equation

$$\underset{n=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes T\otimes B^n=K_A,$$

or solve a similar problem regarding Bob’s key $K_B$.

The execution of this protocol is illustrated in Figure 2.

3.5. Implementation Two—Tropical Block Matrix KEP Using Linde–de la Puente Matrices

The domain parameters of this protocol are:

• Tropical semiring ${\mathbb{R}}_{\max ,+}=\langle \mathbb{R}\cup \{-\infty \},\max ,+\rangle$.
• One negative real number r and one positive real number c.
• An arbitrary square tropical matrix T of order n over this semiring.

The protocol works as follows:

• Alice selects as her secret key two Linde–de la Puente matrices $A=L_{r_1}^{c_1}$ and $B=L_{r_2}^{c_2}$ and a positive integer a. She computes

  $$Bl(A,T,B)=\left(\begin{array}{cc}A& T\\ O& B\end{array}\right),$$

  $$Bl{(A,T,B)}^{\otimes a}=\left(\begin{array}{cc}{A}^{\otimes a}& T_a\\ O& B^{\otimes a}\end{array}\right),$$

  where

  $$T_a=\underset{n=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes T\otimes B^n.$$

  She sends her public key $K_A=T_a$ to Bob.
• Bob selects as his secret key two Linde–de la Puente matrices $C=L_{r_3}^{c_3}$ and $D=L_{r_4}^{c_4}$ and a positive integer b. He computes

  $$Bl(C,T,D)=\left(\begin{array}{cc}C& T\\ O& D\end{array}\right),$$

  $$Bl{(C,T,D)}^{\otimes b}=\left(\begin{array}{cc}{C}^{\otimes b}& T_b\\ O& D^{\otimes b}\end{array}\right),$$

  where

  $$T_b=\underset{m=0}{\overset{b-1}{⨁}}{C}^{\otimes (b-1-m)}\otimes T\otimes D^m.$$

  He sends his public key $K_B=T_b$ to Alice.
• Alice computes the common key

  $$K_{AB}=\underset{n=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-n)}\otimes K_B\otimes B^n.$$
• Bob computes the common key

  $$K_{BA}=\underset{m=0}{\overset{b-1}{⨁}}{C}^{\otimes (b-1-m)}\otimes K_A\otimes D^m.$$

At the end of the protocol, the users obtain the same secret key due to Theorem 3 and Corollary 1.

To break this protocol, it is sufficient for an attacker to solve Problem 1 with A,B Linde–de la Puente matrices.

The execution of the protocol is shown in Figure 3.

3.6. Advantages of Our Protocols

Here, we outline some of the advantages of our protocols:

• In the protocol suggested in [26], four messages are exchanged between the users via public (unsecured) channel. In our protocols, only two messages are exchanged. This results in improved security and saving time and resources.
• Our protocols operate in tropical semirings, where the operations are only max/min and +. This means that operations in our protocols are significantly faster than operations in the finite field $F_q$.
• Our protocols do not use linear expressions for the general term, rendering traditional linear algebra tools ineffective.

4. Numerical Example: Tropical Block Matrix KEP Using Polynomials of Matrices

4.1. Definitions and Initial Setup

In the tropical semiring ${\mathbb{R}}_{\max ,+}$, we define the addition (⊕) and multiplication (⊗) operations as follows:

$$a\oplus b=\max (a,b),a\otimes b=a+b$$

for all $a,b\in \mathbb{R}\cup \{-\infty \}$.

4.1.1. Matrix Definitions

Let the users agree on the following three matrices $M,N,$ and T:

$$M=\left(\begin{array}{cc}{10}^{12}& {10}^{11}\\ 2\times {10}^{11}& 3\times {10}^{12}\end{array}\right),N=\left(\begin{array}{cc}4\times {10}^{12}& 3\times {10}^{11}\\ 8\times {10}^{11}& {10}^{12}\end{array}\right),T=\left(\begin{array}{cc}0& 5\times {10}^{11}\\ -\infty & 0\end{array}\right).$$

4.1.2. Tropical Polynomials

Alice and Bob use tropical polynomials to compute their respective matrices.

$$\begin{array}{cc}\hfill \mathrm{Alice’s}\mathrm{polynomials}:& p_1\left(x\right)=x^2\oplus x,q_1\left(x\right)=x\hfill \\ \hfill \mathrm{Bob’s}\mathrm{polynomials}:& p_2\left(x\right)=x^3\oplus x^2,q_2\left(x\right)={10}^{12}\otimes x\hfill \end{array}$$

4.2. Computations by Alice

Alice calculates her matrices A and B using the given polynomials:

$$M^{\otimes 2}=\left(\begin{array}{cc}2\times {10}^{12}& 3.1\times {10}^{12}\\ 3.2\times {10}^{12}& 6\times {10}^{12}\end{array}\right),$$

$$A=M^{\otimes 2}\oplus M=\left(\begin{array}{cc}2\times {10}^{12}& 3.1\times {10}^{12}\\ 3.1\times {10}^{12}& 6\times {10}^{12}\end{array}\right),$$

$$B=N=\left(\begin{array}{cc}4\times {10}^{12}& 3\times {10}^{11}\\ 8\times {10}^{11}& {10}^{12}\end{array}\right).$$

Additionally, Alice selects an integer $a=2$, constructs her block matrix, and computes $T_a$.

$$T_a=\underset{n=0}{\overset{1}{⨁}}{A}^{\otimes (1-n)}\otimes T\otimes B^n=(A\otimes T)\oplus (T\otimes B)$$

$$T_a=\left(\begin{array}{cc}4\times {10}^{12}& 3.6\times {10}^{12}\\ 3.2\times {10}^{12}& 6\times {10}^{12}\end{array}\right)$$

Her public key is

$$K_A=T_a.$$

4.3. Computations by Bob

Bob computes similarly using his matrices C and D to obtain $K_B$. The details are analogous to Alice’s computation, producing a matrix $K_B$.

Bob calculates his matrices C and D using the chosen polynomials:

$$M^{\otimes 3}=\left(\begin{array}{cc}3.3\times {10}^{12}& 6.1\times {10}^{12}\\ 6.2\times {10}^{12}& 9\times {10}^{12}\end{array}\right),$$

$$C=M^{\otimes 3}\oplus M^{\otimes 2}=\left(\begin{array}{cc}2\times {10}^{12}& 3.1\times {10}^{12}\\ 3.1\times {10}^{12}& 6\times {10}^{12}\end{array}\right),$$

$$D={10}^{12}\otimes N=\left(\begin{array}{cc}5\times {10}^{12}& 1.3\times {10}^{12}\\ 1.8\times {10}^{12}& 2\times {10}^{12}\end{array}\right).$$

Additionally, Bob selects an integer $b=3$, constructs his block matrix, and computes $T_b$.

$$T_b=\underset{n=0}{\overset{2}{⨁}}{C}^{\otimes (2-n)}\otimes T\otimes D^n=(C^2\otimes T)\oplus (C\otimes T\otimes D)\oplus (T\otimes D^2)$$

$$T_b=\left(\begin{array}{cc}12.3\times {10}^{12}& 15.6\times {10}^{12}\\ 15.2\times {10}^{12}& 18\times {10}^{12}\end{array}\right)$$

His public key is

$$K_B=T_b.$$

4.4. Shared Secret Key Computation

Alice computes the shared secret key using Bob’s public key according to the following algorithm:

$$K_{AB}=\underset{n=0}{\overset{1}{⨁}}{A}^{\otimes (1-n)}\otimes K_B\otimes B^n.$$

Alice calculates

$$(A^1\otimes K_B\otimes B^0)\oplus (A^0\otimes K_B\otimes B^1).$$

Numerically, this is

$$K_{AB}=\left(\begin{array}{cc}18.3\times {10}^{12}& 21.1\times {10}^{12}\\ 21.2\times {10}^{12}& 24\times {10}^{12}\end{array}\right)\oplus \left(\begin{array}{cc}16.4\times {10}^{12}& 19\times {10}^{12}\\ 19.2\times {10}^{12}& 19\times {10}^{12}\end{array}\right),$$

$$K_{AB}=\left(\begin{array}{cc}18.3\times {10}^{12}& 21.1\times {10}^{12}\\ 21.2\times {10}^{12}& 24\times {10}^{12}\end{array}\right).$$

Bob computes the shared secret key using Alice’s public key according to the following algorithm:

$$K_{BA}=\underset{m=0}{\overset{2}{⨁}}{C}^{\otimes (2-m)}\otimes K_A\otimes D^m.$$

Numerically, this is: $K_{BA}=$

$$\left(\begin{array}{cc}18.3\times {10}^{12}& 21.1\times {10}^{12}\\ 21.2\times {10}^{12}& 24\times {10}^{12}\end{array}\right)\oplus \left(\begin{array}{cc}14.3\times {10}^{12}& 17\times {10}^{12}\\ 13.2\times {10}^{12}& 17\times {10}^{12}\end{array}\right)\oplus \left(\begin{array}{cc}14\times {10}^{12}& 10.8\times {10}^{12}\\ 13.2\times {10}^{12}& 10\times {10}^{12}\end{array}\right),$$

$$K_{BA}=\left(\begin{array}{cc}18.3\times {10}^{12}& 21.1\times {10}^{12}\\ 21.2\times {10}^{12}& 24\times {10}^{12}\end{array}\right).$$

Because the polynomials of matrices are commutative under the tropical operations, $K_{AB}$ is equal to $K_{BA}$. This completes the example, illustrating the detailed computational steps within the tropical semiring for matrix-based key exchange.    

5. Security Analysis

The security framework of our proposed tropical block matrix key exchange protocols is anchored in the computational hardness of the Matrix Decomposition Problem within tropical semirings. This problem is known for its formidable complexity, making it an ideal basis for cryptographic security. Crucially, our protocols are designed such that an adversary cannot feasibly distinguish the session key derived from the protocol from a random bitstring, even with knowledge of the communication transcript and public parameters. This aligns with contemporary standards for cryptographic protocol security [27].

5.1. Matrix Decomposition Problem

The core challenge underpinning our protocols is the difficulty of the solution of Problem 1.

Matrix Decomposition Problem (MDP): Given matrices $K,T\in {\mathbb{R}}_{\max ,+}^{n\times n}$, the problem is to find matrices $A,B\in {\mathbb{R}}_{\max ,+}^{n\times n}$ and an integer a satisfying the equation

$$K=\underset{i=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-i)}\otimes T\otimes B^i.$$

The Matrix Decomposition Problem (MDP) cannot be viewed as a special case of solving a two-sided linear equation in a tropical semiring, as the attacker lacks information about the matrix:

$$\underset{i=0}{\overset{a-1}{⨁}}{A}^{\otimes (a-1-i)}\otimes B^i.$$

Consequently, attacks such as those suggested in [21,22] are ineffective. More broadly, the problem of solving the tropical linear systems falls within the complexity class NP ∩ co-NP, as outlined in [10].

Another approach to solving the given problem is to try to decompose the matrix K into its constituent block matrices, which entails decomposing the matrix K into a series of operations involving its constituent block matrices. The best-known algorithms for such a decomposition, including Gauss–Jordan elimination and LU decomposition, exhibit exponential runtime complexity ($O\left(2^n\right)$) for a matrix of dimension n. This level of computational demand renders the problem intractable for practical purposes, especially when considering the suggested parameter sizes [1].

5.2. Parameters for Enhanced Security

To strengthen its resistance to brute-force attacks and align with the cryptographic principle that an adversary should be unable to distinguish the session key from a random bitstring, we recommend the following parameter settings for our protocols:

• Employ tropical matrices of at least order 60, ensuring a substantial level of complexity in the matrix operations.
• Select matrix entries randomly within the range $[-{10}^5,{10}^5]$, which expands the solution space significantly.
• The secret integers a and b should be chosen to be no less than ${10}^5$, further increasing the computational challenge for any potential attacker.

With these parameters, our protocols not only meet but exceed the contemporary requirements for cryptographic security, effectively mitigating the risk of key exposure and unauthorized decryption.

5.3. Comparison with Existing Protocols

Compared to conventional commutative matrix-based key exchange protocols, the proposed tropical matrix protocols exhibit several advantages:

• Reduced key sizes are a feature, as commuting matrix sets are not exchanged. For an $n\times n$ matrix, only $n^2$ values are transmitted instead of $2n^4$.
• Our protocols leverage the computational efficiency of tropical semirings, where matrix multiplication is performed in $O\left(n^3\right)$ time rather than $O\left(n^3\log n\right)$ time as in finite fields.
• A decrease in the number of message exchanges is observed, with the proposed protocols requiring only two exchanges compared to four in traditional approaches, resulting in reduced communication overhead.

The performance and resource usage metrics are detailed in

Table 1. Duration (in seconds) and memory size (in MB) for each algorithm.

Matrix Size	Algo. 1 Duration	Algo. 2 Duration	Algo. 3 Duration	Algo. 1 Memory	Algo. 2 Memory	Algo. 3 Memory
60	0.03	0.01	0.02	0.05	0.05	0.05
65	0.04	0.02	0.03	0.06	0.06	0.06
70	0.06	0.03	0.04	0.07	0.07	0.07
75	0.08	0.04	0.06	0.08	0.08	0.08
80	0.12	0.06	0.09	0.09	0.09	0.09
85	0.18	0.09	0.13	0.10	0.10	0.10
90	0.24	0.13	0.18	0.12	0.12	0.12

, illustrating the duration (in seconds) and memory size (in MB) for each protocol variation across different matrix sizes. As matrix size increases, the resource demands tend to increase as well, which is a crucial factor in evaluating the scalability of the protocols.

Table 2. Private and public key size (in MB) for each algorithm.

Matrix Size	Algo. 1 Private Key	Algo. 1 Public Key	Algo. 2 Private Key	Algo. 2 Public Key	Algo. 3 Private Key	Algo. 3 Public Key
60	27.3	2191.2	27.3	27.3	27.3	27.3
65	32.3	2592.5	32.3	32.3	32.3	32.3
70	37.5	3008.7	37.5	37.5	37.5	37.5
75	43.0	3439.9	43.0	43.0	43.0	43.0
80	48.8	3885.9	48.8	48.8	48.8	48.8
85	54.8	4346.9	54.8	54.8	54.8	54.8
90	61.0	4822.7	61.0	61.0	61.0	61.0

depicts the private and public key sizes (in KB) for each protocol variation. It shows the growth of key sizes with an increase in matrix dimension, highlighting the trade-off between security and resource requirements. The disproportionality between private and public key sizes is noteworthy, indicating the asymmetry in the computational load between key generation and verification processes.

The experiments were designed to systematically evaluate the performance and scalability of each protocol variation with respect to memory usage and execution time as the matrix size increases. For these calculations, we utilized Python 3.10 on a personal Windows PC, specifically employing libraries such as NumPy for efficient numerical operations and pandas for data management and analysis. To accurately measure these metrics, each algorithm was executed under controlled conditions with predefined matrix sizes ranging from 60 to 90. The execution time was measured using high-resolution timers available in Python libraries, while memory consumption was monitored using Python’s memory_profiler to record peak usage during the runtime of each algorithm. The computational resources for these experiments were provided by the Windows operating system on a machine equipped with a typical configuration used for high-performance tasks, although the exact specifications can vary. Furthermore, the security of each protocol variation was rigorously verified through a series of stress tests and cryptographic analysis conducted on this system. These tests included simulated attacks aiming to exploit potential vulnerabilities in key generation and data transmission processes, ensuring that the growth in key sizes directly correlates with enhanced security measures against increasingly sophisticated attack vectors. The experimental setup, including hardware specifications and software versions, is documented comprehensively in the supplementary materials accompanying this work, providing a robust framework for replicating and verifying the reported results.

6. Conclusions

In the dynamic realm of cryptographic research, innovation is imperative in order to address the ever-evolving challenges of digital security. Our study has ventured into the unique domain of tropical semirings and block matrices, presenting protocols that are poised to redefine the efficiency and security paradigms of key exchange mechanisms.

Central to our contribution is the operational efficiency that tropical semirings introduce. Moreover, our protocols do not employ linear expressions for the general term, which makes traditional linear algebra tools ineffective. By circumventing the computational intricacies typical of finite fields $F_q$, our approach manifests both swiftness and an enhanced layer of security. This duality is paramount in today’s digital age, where secure communications underpin a plethora of applications from financial transactions to personal messaging.

Furthermore, our research does not stand as just an endpoint, but rather represents a launchpad for future explorations. The mathematical properties of tropical semirings juxtaposed with the versatility of block matrices hint at vast cryptographic landscapes yet to be charted. There is also the tantalizing opportunity of amalgamating our protocols with existing cryptographic frameworks, giving rise to hybrid systems that could potentially be more resilient than their individual counterparts.

In this paper, we propose a Diffie–Hellman like key-exchange protocol based on tropical algebra. It can be implemented in various real-world scenarios where such cryptographic mechanisms are required, including but not limited to SSL, SSH, and IPSec. The practical applications of our protocols extend beyond traditional cryptographic deployments; for instance, the robustness and efficiency of our tropical semiring-based protocols make them particularly suitable for modern IoT environments, where devices often operate under resource constraints and require rapid and secure communications. Moreover, these protocols can be integrated into blockchain technology to enhance the security of transactions and smart contracts, offering a new layer of protection against common vulnerabilities in decentralized systems. Their inherent resistance to certain types of algebraic attacks makes them ideal for securing data in cloud computing scenarios, where data integrity and privacy are paramount. This versatility opens up new avenues for implementing advanced cryptographic measures across a spectrum of digital platforms and applications.

In closing, our exploration underscores the profound impact that novel mathematical structures can impart to the field of cryptography. As we harness the capabilities of tropical semirings and block matrices, we are not only charting a new course for key exchange protocols but also kindling a beacon for future endeavors in the realm of secure communications. The cryptographic community now has fertile ground for further research, and it will be intriguing to witness the subsequent innovations that build upon our foundational work.