A Public Key Crypto System On Real and Complex Numbers Sami Harari - - PowerPoint PPT Presentation

A Public Key Crypto System On Real and Complex Numbers

Sami Harari

ISITV, Universit´ e du Sud Toulon Var BP 56, 83162 La Valette du Var cedex

May 8, 2011

Sami Harari A Public Key Crypto System On Real and Complex

Motivation

Certain rational interval maps can be used to define a cryptographically difficult problem based on entropy. This is exploited to define a fast and efficient block cipher with a public key, i.e. a Public Key Cryptosystem. The strength of the system will be studied. Parameters requirements will be

• derived. Implementation details will be presented.

Sami Harari A Public Key Crypto System On Real and Complex

Structure of the Presentation

1 The concept of One Way Function for Real Numbers. 2 Trap Door 3 The Interval Maps. 4 The New crypto-system. 5 Complex Field Case Sami Harari A Public Key Crypto System On Real and Complex

One way Functions

The concept of ”one way function” (OWF) was introduced in the seventies, linking mathematical considerations of a mapping and its converse with two different computational complexities. The two most studied OWF are : The discrete exponential and the discrete logarithm function on a finite prime field The RSA problem linking a specific couple of exponentiations

• n a certain finite ring linked to the factorisation problem of

factoring two integers.

Sami Harari A Public Key Crypto System On Real and Complex

One way Functions 2

These OWF are linked to a computationally hard problem. This means that, in each instance, finding a solution requires testing all ( or nearly all) the elements of a set to see if it is a solution to the problem. The set is of very large cardinality, without any possible strategy of converging to a solution and thus reducing the computational effort.

Sami Harari A Public Key Crypto System On Real and Complex

Entropy Based One Way Functions

We introduce another kind of computationally hard problem which relies on another paradigm: The Entropy Based Pre-image Search Problem. It is applied using iterated interval maps. Suppose there is a function f(), real valued defined on the unit interval, computable in polynomial time, such that for any y of the unit interval the set Ay of preimages of y is a set of (arbitarily) large cardinality, with computation parameters that are tractable. Such a mapping is called an entropy based OWF.

Sami Harari A Public Key Crypto System On Real and Complex

Computing the value f(x) is done in polynomial time. Finding a pre-image of a given element is done in polynomial time by the well known algorithms. However, with adequate parameters, finding all the pre-images is not possible with available memory resources, in a fixed reasonable interval of time.

Sami Harari A Public Key Crypto System On Real and Complex

Quadratic Curve

Sami Harari A Public Key Crypto System On Real and Complex

Cubic Curve

Sami Harari A Public Key Crypto System On Real and Complex

The Polynomial Interval Maps

The new scheme requires interval maps with, for each element, a large set of pre-images. The scheme starts with polynomial interval maps: f(x) = α.x2 mod 1 g(x) = β.x3 mod 1 The coefficients must satisfy α > 2 and β > 2. The variable x belongs to the unit interval I = [0, 1]

Sami Harari A Public Key Crypto System On Real and Complex

Properties of f()

The mapping f() has the functional property f(λ.x) = λ2 · f(x) mod 1 for all real valued λ < 1. The mappings f() is surjective (onto).

Sami Harari A Public Key Crypto System On Real and Complex

Properties of g()

The mapping g() has the functional property g(λ.x) = λ3 · g(x) mod 1 for all real valued λ < 1. The mappings g() is surjective (onto). This property will serve as a trap door in the PKC.

Sami Harari A Public Key Crypto System On Real and Complex

Existence and Computational Problems Associated to Interval Maps

To these mappings two algorithmic problems can be deduced. These will be used in a cryptographic context with adequate parameters.

Sami Harari A Public Key Crypto System On Real and Complex

Computational Problem for Iterated Polynomial Maps CPPM

Given a set of values consisting in the evaluation of two points

• n the unit interval with the two mapping f(), g() defined in

the preceding section, Given (f(a), g(a), f(b), g(b)) compute the values (f(a.b), g(a.b)). The solution of the problem is the following. The set of pre-images of an element a in the unit interval for f(), Ef(a) = {x ∈ [0, 1] s.t. f(x) = a} is a set with α points lying in the unit interval. Computation of individual elements is possible in polynomial

• time. The same can be said for the set

Eg(a) = {x ∈ [0, 1]s.t. g(x) = a} for the mapping g(). In this setting the search for the element a is equivalent to computing the intersection of Eg(a) and Ef(a).

Sami Harari A Public Key Crypto System On Real and Complex

Computational Problem for Polynomial Maps CPPM

If another pre-image of f(a) say a′ is used instead of a the inequality g(a′.b) = g(a.b) will be true and the problem will not be solved. The same can be said with b′ another pre-image of b for the mapping g().

Sami Harari A Public Key Crypto System On Real and Complex

The Decisional Problem for Polynomial maps DPPM

The decision problem associated to the iterated interval maps can be defined as follows for a couple of iterated interval maps f() and g(). Given a set of values for three points of the unit interval a, b, c. (f(a), g(a), f(b), g(b), f(c), g(c)) Decide if c = a.b. The decisional problem is solved if an instance of the existence problem are solved. Therefore solving the decision problem is at least as hard as the computational problem.

Sami Harari A Public Key Crypto System On Real and Complex

Encoding Data on the Unit Interval

Suppose that the words of plaintext are n -bit sequences which must be coded. Pre-compute the sequence ai = 2−i+1 i = 0, . . . , n − 1 With the help of the sequence ai, a block of n bits x0, . . . , xn−1 is encoded into the floating point number: y =

n−1

• xi · ai

This coding method is efficient if the ai are pre-computed, since the computation of y involves only sums.

Sami Harari A Public Key Crypto System On Real and Complex

Decoding Numbers into Bit Sequences

To obtain the bit sequence x0, . . . , xn−1 associated to a floating point number y, one uses a knapsack linear decoding algorithm which runs as follows: Input y, output x0, . . . , xn−1 for( i=0,i<n;i++) { if y > ai { xi=1 y=y-ai } else xi=0; } The floating points used to represent the binary data must be coded on at least n bits. However the precision must be 2 · n bits in order that computational noise does not interfere with significant data.

Sami Harari A Public Key Crypto System On Real and Complex

Computing a Random pre -image for f()

The analytical expression for the modular mapping f() can be quite hard to obtain if α is large. However with the non modular version the algorithm becomes quite simple. Suppose you want to compute a pre-image of y for y = α.x2. Choose a random integer r such that 0 < t = y + r < α Compute x =

• (t/α)

the result x is a random pre-image of y Remark One must note that the random integer r can be chosen to be really random since it must never be recomputed.

Sami Harari A Public Key Crypto System On Real and Complex

The associated PKC

With the usual convention we will suppose that Alice wants to encipher a message to Bob in such a way that only Bob can decipher it. The Secret Key Belonging to Bob The secret key and characteristic quantity of the destination of the message is a real number s in the unit interval. They can be associated is associated to 2 different n bit sequences as shown earlier. The real number s is specific to one user and can be used to encipher many plaintext messages. The images f(s) and g(s) must be computed and kept secret. The block size n must be specified by Bob. The usual values are 128,256,512,1024.

Sami Harari A Public Key Crypto System On Real and Complex

The Public Key of Bob

The public key of Bob is made of the following data.

1 The block length n, as well as α and β. 2 (f(s), g(s)) which are the images by the mapping f() ang

g() of the secret key s.

3 The function f(x) = α · x2 and g(x) = β.x3. Sami Harari A Public Key Crypto System On Real and Complex

How Alice computes a cryptogram(Enciphering)

Let M the plaintext (sequence of bits) and rm the real number associated to a block of n bits, less than 1 associated to the message to be enciphered, by the method described. Alice begins by choosing by computing a (random) pre-image x

• f rm for the mapping f().

She then computes g(x.s) using the trap door property of g(). She also computes g(x).

Sami Harari A Public Key Crypto System On Real and Complex

Encrypting 2

The cryptogram of rm is a couple of real numbers:

1 The real number

c1 = x.g(x).g(x.s) .

2 The real number

c2 = g(x.s)

Sami Harari A Public Key Crypto System On Real and Complex

(Deciphering)

Let c1, c2 be the cryptogram of rm, message enciphered for Bob, who has the secret quantity r. The deciphering of cryptogram by Bob has two steps

1 He computes d = g(x) with the trap dooor and 1/s 2 He computes t = c1/(d.c2). The real number t is equal to x. 3 He computes the iterated image of the result using f().

rm = f(t) = f(x) He then extracts the binary plaintext sequence xi from rm with a knapsack algorithm.

Sami Harari A Public Key Crypto System On Real and Complex

Soundness of the System

Any user knowing the public key can encipher a message to

• Bob. Only Bob can perform the first step of the deciphering

algorithm since it involves using the secret key. The second step can which relies on the first one cannot be done.

Sami Harari A Public Key Crypto System On Real and Complex

The Zero Knowledge Property of the PKC

The presented PKC can be made zero knowledge if enough redundancy is introduced. The algorithm becomes Zero knowledge when the entropy of x is as large as the entropy of

• m. This depends on te size of α. If

α > 2n The the number of possible pre-images of rm and hence of cryptograms, is at least as large as the number of possible plaintext. Thus the ZK property is obtained

Sami Harari A Public Key Crypto System On Real and Complex

The Complex Case Setting 1

Let xm, ym be two real numbers less than 1, associated to M a 2.n bit sequence. Let ρm =

• x2

m + y2 m

be the modulus and θm = argcos(x/ρm) be the argument. Le D be the complex disc, centered at 0 with radius √ 2.

Sami Harari A Public Key Crypto System On Real and Complex

The Complex Case Setting 2

Let α and β be two complex numbers with large modulus. Let f(z) = α.z2 Let g(z) = β.z3

Sami Harari A Public Key Crypto System On Real and Complex

The Complex Case Setting 3

Let z = (ρz, θz) and z′ = (ρz′, θz′) be two complex numbers in the disc D. The modular product z.z′ is defined as follows: ρzz′ = ρz.ρz′ mod √ 2 and θzz′ = θz + θz′ mod 2.π

Sami Harari A Public Key Crypto System On Real and Complex

The Complex Case PKC

With the above conventions, the PKC definition is transposed to the complex case.

• The length of the key is 2.n bits for a block length of 2.n bits.
• The number of pre-images for the function f() and g() is

evaluated in the same way for the modulii of the complex numbers involved.

• The cryptogram is made of 2 complex numbers.
• The security analysis is transposable.

Sami Harari A Public Key Crypto System On Real and Complex

The Secret Key Belonging to Bob

The secret key and characteristic quantity of the destination of the message is a couple of real number xs, ys in the unit interval. They can be associated is associated to 2 n bit sequences as shown earlier. The complex numbers zs is specific to one user and can be used to encipher many plaintext messages. The images f(s) and g(s) must be computed. The block size n must be specified by Bob. The usual values are 128,256,512,1024.

Sami Harari A Public Key Crypto System On Real and Complex

The Public Key of Bob

The public key of Bob is made of the following data.

1 The block length n, as well as α and β complex numbers

with large modulii.

2 (f(s), g(s)) which are the images by the mapping f() ang

g() of the secret key s.

3 The function f(x) = α · x2 and g(x) = β.x3. Sami Harari A Public Key Crypto System On Real and Complex

How Alice computes a cryptogram(Enciphering)

Let M the plaintext (sequence of bits) and zm = (xm, ym) the complex number associated to a block of 2.n bits, less than 1 associated to the message to be enciphered, by the method descrided. Alice begins by choosing by computing a (random) pre-image x

• f zm for the mapping f(). She then computes g(x.s) using the

trap door property of g(). She also computes g(x).

Sami Harari A Public Key Crypto System On Real and Complex

Encrypting 2

The cryptogram of zm is a couple of complex numbers:

1 The complex number

c1 = x.g(x).g(x.s) .

2 The complex number

c2 = g(x.s)

Sami Harari A Public Key Crypto System On Real and Complex

(Deciphering)

Let c1, c2 be the cryptogram of zm, message enciphered for Bob, who has the secret quantities r. The deciphering of cryptogram by Bob has two steps

1 He computes d = g(x) with the trap dooor and s−1 2 He computes t = c1/(d.c2). The complex number t is equal

to x.

3 He computes the iterated image of the result using f().

zm = f(t) = f(x) He then extracts the binary plaintext sequence xi yi from ρm, θm with a knapsack algorithm applied to the real and complex part.

Sami Harari A Public Key Crypto System On Real and Complex