An improvement of the Diffie-Hellman noncommutative protocol (Q2068386)

From MaRDI portal
scientific article

    Statements

    An improvement of the Diffie-Hellman noncommutative protocol (English)
    19 January 2022
    W. Diffie and M. E. Hellman [IEEE Trans. Inf. Theory 22, 644–654 (1976; Zbl 0435.94018)] proposed the first key-exchange protocol, which was based on the hardness of the discrete logarithm problem. Subsequently, the commutator key-exchange protocol (AAG) [I. Anshel et al., Math. Res. Lett. 6, No. 3–4, 287–291 (1999; Zbl 0944.94012)] and a noncommutative version of the Diffie-Hellman key-exchange protocol (DH-KEP) [K. H. Ko et al., Lect. Notes Comput. Sci. 1880, 166–183 (2000; Zbl 0995.94531)], defined on noncommutative algebraic structures, were introduced. Both of these protocols are based on the hardness of the conjugacy search problem in Artin's braid groups and are not resistant against attacks using linear algebra methods. In this interesting paper under review, after describing the noncommutative version of the Diffie-Hellman key-exchange protocol by Ko et al. [loc. cit.], the author proposes a new version of DH-KEP, based on a new hard computational problem, which exploits the notion of marginal subsets of a group with respect to a given word and its value. This new concept was introduced in a previous paper of the author [Groups Complex. Cryptol. 11, No. 1, 35–41 (2019; Zbl 1452.94082)] and formally generalizes the well-known notion of marginal subgroup introduced by P. Hall [J. Reine Angew. Math. 182, 156–157 (1940; Zbl 0023.29902)]. Moreover, an analogous definition of marginal set is also given for subsets of associative algebras. A very simple algorithm for constructing a marginal set is also presented. Finally, in the last two sections of the paper, the author explains why the attacks based on linear algebra, against which the AAG scheme and the DH-KEP by Ko et al. [loc. cit.] are not resistant, cannot work against the proposed scheme, and he discusses two more possibilities for enhancing its security.
    algebraic cryptography
    key exchange protocol
    public-key cryptosystem
    cryptanalysis

    Identifiers