Length-based conjugacy search in the Braid group

Several key agreement protocols are based on the following "Generalized Conjugacy Search Problem": Find, given elements b_1,...,b_n and xb_1x^{-1},...,xb_nx^{-1} in a nonabelian group G, the conjugator x. In the case of subgroups of the braid group B_N, Hughes and Tannenbaum suggested a length-based approach to finding x. Since the introduction of this approach, its effectiveness and successfulness were debated. We introduce several effective realizations of this approach. In particular, a new length function is defined on B_N which possesses significantly better properties than the natural length associated to the Garside normal form. We give experimental results concerning the success probability of this approach, which suggest that very large computational power is required for this method to successfully solve the Generalized Conjugacy Search Problem when its parameters are as in existing protocols.