After being an open question for sixty years the Tarski conjecture was answered in the affirmative by Olga Kharlampovich and Alexei Myasnikov and independently by Zlil Sela. Both proofs involve long and complicated applications of algebraic geometry over free groups as well as an extension of methods to solve equations in free groups originally developed by Razborov. This book is an examination of the material on the general elementary theory of groups that is necessary to begin to understand the proofs. This material includes a complete exposition of the theory of fully residually free groups or limit groups as well a complete description of the algebraic geometry of free groups. Also included are introductory material on combinatorial and geometric group theory and first-order logic. There is then a short outline of the proof of the Tarski conjectures in the manner of Kharlampovich and Myasnikov.

This book is about relations between three di?erent areas of mathematics and theoreticalcomputer science: combinatorialgroup theory, cryptography, and c- plexity theory. We explorehownon-commutative(in?nite) groups, which arety- callystudiedincombinatorialgrouptheory, canbeusedinpublickeycryptography. We also show that there is a remarkable feedback from cryptography to com- natorial group theory because some of the problems motivated by cryptography appear to be new to group theory, and they open many interesting research - enues within group theory. Then, we employ complexity theory, notably generic case complexity of algorithms, for cryptanalysisof various cryptographicprotocols based on in?nite groups. We also use the ideas and machinery from the theory of generic case complexity to study asymptotically dominant properties of some in?nite groups that have been used in public key cryptography so far. It turns out that for a relevant cryptographic scheme to be secure, it is essential that keys are selected from a "very small" (relative to the whole group, say) subset rather than from the whole group. Detecting these subsets ("black holes") for a part- ular cryptographic scheme is usually a very challenging problem, but it holds the keyto creatingsecurecryptographicprimitives basedonin?nite non-commutative groups. The book isbased onlecture notesfor the Advanced Courseon Group-Based CryptographyheldattheCRM, BarcelonainMay2007. Itisagreatpleasureforus to thank Manuel Castellet, the HonoraryDirector of the CRM, for supporting the idea of this Advanced Course. We are also grateful to the current CRM Director, JoaquimBruna, and to the friendly CRM sta?, especially Mrs. N. PortetandMrs. N. Hern andez, for their help in running the Advanced Course and in preparing the lecture notes."