ebook img

Quasigroup based crypto-algorithms PDF

0.27 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Quasigroup based crypto-algorithms

Quasigroup based crypto-algorithms Victor Shcherbacov January 17, 2012 Abstract 2 1 Modifications of Markovski quasigroup based crypto-algorithm have been proposed. Some of 0 these modifications are based on the systems of orthogonal n-ary groupoids. T-quasigroups 2 based stream ciphers have been constructed. n a 2000 Mathematics Subject Classification: 94A60, 20N05, 20N15 J 4 Key words and phrases: n-ary groupoid, n-ary quasigroup, T-quasigroup, cipher, crypto- 1 graphical primitive, system of orthogonal n-ary groupoids ] R G Contents . h t 1 Introduction 2 a m 1.1 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 [ 1.2 Basic definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1 1.3 Quasigroup based cryptosystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 v 1.4 Modifications and generalizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 6 1 1.5 A modification of Algorithm 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 0 1.6 n-ary analogs of binary algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 3 . 1 2 Ciphers based on orthogonal n-ary groupoids 8 0 2 2.1 Some definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1 2.2 Construction of orthogonal n-ary groupoids . . . . . . . . . . . . . . . . . . . . . . . 9 : v 2.3 Ciphers on base of orthogonal systems of n-ary operation . . . . . . . . . . . . . . . . 10 i X 3 Combined algorithms 10 r a 3.1 Modifications of Algorithm 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.2 Stream cipher on base of orthogonal system of binary parastrophic quasigroups . . . . 12 3.3 T-quasigroup based stream code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 3.4 Some generalization of functions of Algorithm 8 . . . . . . . . . . . . . . . . . . . . . 15 3.5 On quasigroup based cryptcode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 3.6 A comparison of the ”power” of proposed algorithms . . . . . . . . . . . . . . . . . . 19 1 1 Introduction 1.1 Preliminaries This paper is an extended variant and a prolongation of the paper [19]. Information on quasigroups andn-aryquasigroups it is possible to findin [10, 13, 14, 52], onciphers in[43, 35]. Someapplications of quasigroups in cryptology are described in [20, 21, 49, 30, 56]. Two main elementary methods of ciphering the information are known. (i). Symbols in a plaintext (or in its piece (its bit)) are permuted by some law. One of the first known ciphers of such kind is cipher ”Scital” (Sparta, 2500 years ago). (ii). All symbols in a fixed alphabet are changed by a law on other letters of this alphabet. One of the first ciphers of such kind was Cezar’s cipher (x → x+3 for any letter of Latin alphabet, for example a → d,b → e and so on). In many contemporary ciphers (DES, old Russian GOST, Blowfish [44, 23]) the methods (i) and (ii)areusedwithsomemodifications. Therefore, permutationsandsubstitutionsaremainelementary cryptographical procedures. What does the use of quasigroups in cryptography give us? It gives the same permutations and substitutions but easy generated, requiring not very big volume of a device memory, acting ”locally” on only one block of a plain-text. ”Stream ciphers areanimportant class of encryption algorithms. They encrypt individual charac- ters (usually binary digits) of a plaintext message one at a time, using an encryption transformation which varies with time. By contrast, block ciphers tend to simultaneously encrypt groups of characters of a plaintext message using a fixed encryption transformation. Stream ciphers are generally faster than block ciphers in hardware, and have less complex hardware circuitry. They are also more appropriate, and in some cases mandatory (e.g., in some telecommunications applications), when buffering islimited or when characters must beindividually processed asthey are received. Becausetheyhavelimitedornoerrorpropagation,streamciphersmayalsobeadvantageous in situations where transmission errors are highly probable” [43]. Stream-ciphers based on quasigroups and their parastrophes were discovered in the end of the XX-th century [37, 38, 41]. Often by enciphering a block (a letter) Bi of a plaintext the previous ciphered block Ci−1 is used. Notice that Horst Feistel was one of the first who proposed such method of encryption (Feistel net) [28]. It is clear that by the construction of a stream cipher it is impossible to use method (i) (see above). But it is possible to use method (ii) and Feistel schema. Of course these methods cannot be unique. 1.2 Basic definitions We give some definitions. A sequence x ,x ,...,x , where m,n are natural numbers and m ≤ n, m m+1 n will be denoted by xn. If m > n, then xn will be considered empty. The sequence x,...,x (k times) m m will be denoted by xk. The expression 1,n designates the set {1,2,...,n} of natural numbers [13]. A non-empty set Q together with an n-ary operation A : Qn → Q, n ≥ 2 is called n-groupoid and it is denoted by (Q,A). It is convenient to define n-ary quasigroup in the following manner. 2 Definition 1. An n-ary groupoid (Q,A) with n-ary operation A such that in the equality A(x , 1 x ,...,x ) = x the knowledge of any n elements from the elements x ,x ,..., x ,x uniquely 2 n n+1 1 2 n n+1 specifies the remaining one is called n-ary quasigroup [13]. From Definition 1 follows [10, 52, 53] that any quasigroup (Q,A) defines else ((n + 1)! − 1) n-quasigroups, so-called parastrophes of quasigroup (Q,A). In binary case any quasigroup (Q,A) defines else five quasigroups namely (Q,(13)A), (Q,(23)A), (Q,(12)A), (Q,(123)A), (Q,(132)A). See [10, 52, 55] for details. We give classical equational definition of binary quasigroup [26]. Definition 2. A binary groupoid (Q,A) is called a binary quasigroup if on the set Q there exist operations (13)A and (23)A such that in the algebra (Q,A,(13)A,(23)A) the following identities are fulfilled: A((13)A(x,y),y) = x, (1) (13)A(A(x,y),y) = x, (2) A(x,(23)A(x,y)) = y, (3) (23)A(x,A(x,y)) = y. (4) By tradition the operation A is denoted by ·, (23)A by \ and (13)A by /. It is possible to give equational definition of n-ary quasigroup as a generalization of Definition 2. We follow [13, 50]. Definition 3. An n-ary groupoid (Q,A) is called an n-ary quasigroup if on the set Q there exist operations (1,n+1)A, (2,n+1)A, ..., (n,n+1)A such that in the algebra (Q,A,(1,n+1)A,..., (n,n+1)A) the following identities are fulfilled for all i ∈ 1,n: A(xi−1,(i,n+1)A(xn),xn ) = x , (5) 1 1 i+1 i (i,n+1)A(xi−1,A(xn),xn ) = x . (6) 1 1 i+1 i In [29] it is proved that any n-ary quasigroup of order k ≥ 7 is a special kind composition of binary quasigroups isotopic to a fixed quasigroup.1 Definition 4. Let (G,·) be a groupoid and let a be a fixed element in G. Translation maps L (left) a and R (right) are defined by the following equalities L x = a · x, R x = x · a for all x ∈ G. For a a a quasigroups it is possible to define a third kind of translation, namely, middle translations. If P is a a middle translation of a quasigroup (Q,·), then x·P x = a for all x ∈ Q [12]. a It is well known that in a quasigroup (Q,·) any left and right translation is a bijective map of the set Q [10, 52]. 1.3 Quasigroup based cryptosystem We give based on binary quasigroup encoding algorithm. We use [53]. A quasigroup (Q,·) and its (23)-parastrophe (Q,\) satisfy the following identities x·(x\y) = y, x\(x·y) = y. These are identities (3) and (4), respectively. The authors [37, 38] propose to use this quasigroup property to construct the following stream cipher. 1The author thanks Prof. F.M. Sokhatsky that informed his about this result of M.M. Glukhov. 3 Algorithm 1. Let Q be a non-empty finite alphabet, k be a natural number, u ,v ∈ Q, i ∈ {1,...,k}. i i Define a quasigroup (Q,A). It is clear that the quasigroup (Q,(23)A) is defined in a unique way. Take a fixed element l (l ∈ Q), which is called a leader. Let u u ...u be a k-tuple of letters from Q. 1 2 k It is proposed the following ciphering procedure v = A(l,u ), 1 1 vi = A(vi−1,ui), i = 2,...,k. Therefore we obtain the following cipher-text v v ...v . 1 2 k The decipheringalgorithmis constructed inthe followingway: u1 = (23)A(l,v1), ui = (23)A(vi−1,vi), i = 2,...,k. (4) Indeed (23)A(vi−1,vi) = (23)A(vi−1,A(vi−1,ui)) = ui. Notice, the equality A = (23)A is fulfilled if and only if A(x,A(x,y)) = y for all x,y ∈ Q. 1.4 Modifications and generalizations The improvements and researches of Algorithm 1 were carried out intensively. Some information on this process is given in [53]. We thank our colleagues A. Krapez, V. Bakeva, V. Dimitrova and A. Popovska-Mitrovikj for the following new information. Remark 1. In article [5], the authors find the distribution of k-tuples of letters after n applications of quasigroup transformation (k > n) (i.e. Algorithm 1) and give an algorithm for statistical attack in order to discover the original message. Also, they give some conclusions on how to protect the original messages. In work [34], Krapez defines parastrophic quasigroup transformation. In [6], the authors propose a modification of this transformation and give a new classification of quasigroups of order 4. Finally, in [17] the authors presented this transformation and gave relationship between the new classification and the symmetries of quasigroups. Notice, parastrophic transformations from [34, 22] are promising for further applications and researches. In Algorithm 1 it is possible to use also a quasigroup (Q,A) and its (13) -, (123)- , (132)- parastrophe since quasigroup (Q,A) and these parastrophes fulfill the following identities, namely, identities (2), (7), and (8), respectively [55, 34, 22]. (123)A(A(x,y),x) = y (7) (132)A(y,A(x,y)) = x (8) More details in this direction are in [34]. In [38], the authors claimed that this cipher is resistant to the brute force attack (exhaustive search) and to the statistical attack (in many languages some letters meet more frequently, than other letters)2. Later similar results were presented in [49]. In dissertation of Milan Vojvoda [62] has been proved that this cipher is not resistant to chosen ciphertext attack and chosen plaintext attack. It is claimed that this cipher is not resistant to special kind of statistical attack (Slovak language) [62]. 2The author thanks his colleagues A. Krapez, V. Bakeva, V. Dimitrova and A. Popovska-Mitrovikj for this infor- mation (private letter). 4 There exist a few other ways to generalize Algorithm 1. The most obvious way is to increase arity of a quasigroup, i.e. instead of binary to apply n-ary (n ≥ 3) quasigroups. This way was proposed in [53, 54] and was realized in [51, 50]. See below Algorithm 4. Notice Prof. A. Petrescu writes that he found this n-ary generalization independently. In [19], the authors proved that cipher based on Algorithm 4 is not resistant to chosen ciphertext attack and chosen plaintext attack. Some modifications in order to make Algorithm 1 more resistant against known attacks can be found in [34, 22]. One of these attempts, taking into consideration Vojvoda results [62], was proposed in [56]. Namely instead of a binary quasigroup and its parastrophe it was proposed to use a system of n n-ary orthogonal operations (groupoids). Alsoitwasproposedtousethesetwocrypto-primitives togetherinonecryptographicalprocedure. 1.5 A modification of Algorithm 1 Sometimes only the use of other record of a mathematical fact leads to a generalization. We re-write Algorithm 1 using concept of translation in the following way: Algorithm 2. Let Q be a non-empty finite alphabet. Define a quasigroup (Q,·). It is clear that the (23) quasigroup (Q, · ) is defined in a unique way. Take a fixed element l (l ∈ Q), which is called a leader. Let u u ...u be a k-tuple of letters from Q. 1 2 k It is proposed the following ciphering procedure v = l ·u = L u , 1 1 l 1 v = v ·u = L u . 2 1 2 v1 2 vi = vi−1 ·ui = Lvi−1ui, i = 3,...,k. Therefore we obtain the following cipher-text v v ...v . 1 2 k The deciphering algorithm is constructed in the following way. We have the following cipher-text: v v ...v . Recall L(2·3) = (L·)−1 for any a ∈ Q [53]. Below we shall denote translation L(2·3) as L∗, 1 2 k a a a a · translation L as L for any a ∈ Q. Then a a (23) ∗ ∗ u = l · v = L (v ) = L (L u ) = 1 1 l 1 l l 1 L−1(L u ) = u ; l l 1 1 (9) (23) ∗ ∗ ui = vi−1 · vi = Lvi−1 (vi) = Lvi−1 Lvi−1ui = L−1 L u = u vi−1 vi−1 i i (cid:0) (cid:1) (cid:0) (cid:1) for all i ∈ 2,k. From this form of Algorithm 1 we can obtain easily the following generalization. Instead of translations L , x ∈ Q, we propose to use in the enciphering part of this algorithm powers of these x translations, i.e., to use permutations of the form Lk, k ∈ Z, instead of permutations of the form L . x x The proposed modification forces us to use permutations of the form Lk, k ∈ Z, also in the x decryption procedure. Algorithm 3. Let Q be a non-empty finite alphabet. Define a quasigroup (Q,·). It is clear that the (23) quasigroup (Q, · ) is defined in a unique way. Take a fixed element l (l ∈ Q), which is called a leader. 5 Let u u ...u be a k-tuple of letters from Q. 1 2 k It is proposed the following ciphering procedure v = Lau ,a ∈ Z, 1 l 1 v = Lb u ,b ∈ Z, (10) 2 v1 2 v = Lc u ,i ∈ 3,k,c ∈ Z. i vi−1 i Therefore we obtain the following cipher-text v v ...v . The deciphering algorithm is constructed in 1 2 k the following way. We use notations of Algorithm 2. Recall (L∗)a = L−a for all x ∈ Q. Then x x (L∗)a(v ) = (L∗)a(Lau ) = u , l 1 l l 1 1 (L∗ )b(v ) = (L∗ )b Lb u = u , (11) v1 2 v1 v1 2 2 (L∗ )c(v ) = (L∗ )c(Lc u ) = u ,i ∈ 3,k. vi−1 i vi−(cid:0)1 vi−(cid:1)1 i i Notice, the elements a,b,c in equalities (10) should be vary from step to step in order to protect this Algorithm against chosen plain-text and chosen cipher-text attack. It is clear that the right and middle [53] translations are also possible to use in Algorithm 3 instead of the left translations. See below. 1.6 n-ary analogs of binary algorithms We give n-ary analog of Algorithm 1 [51, 19]. Algorithm 4. Let Q be a non-empty finite alphabet, k be a natural number, u ,v ∈ Q, i ∈ {1,...,k}. i i Define an n-ary quasigroup (Q,f). It is clear that any quasigroup (Q,(i,n+1)f) for any fixed value i is defined in a unique way. Below for simplicity we put i = n. (n−1)(n−1) Take fixed elements l (l ∈ Q), which are called leaders. 1 i Let u u ...u be a k-tuple of letters from Q. 1 2 k It is proposed the following ciphering (encryption) procedure v = f(ln−1,u ), 1 1 1 v = f(l2n−2,u ), 2 n 2 ..., (n−1)(n−1) vn−1 = f(ln2−3n+3 ,un−1), (12) v = f(vn−1,u ), n 1 n v = f(vn,u ), n+1 2 n+1 v = f(vn+1,u ), n+2 3 n+2 ... Therefore we obtain the following cipher-text v1v2...,vn−1,vn,vn+1,.... 6 The deciphering algorithm also is constructed similarly with binary case: u = (n,n+1)f(ln−1,v ), 1 1 1 u = (n,n+1)f(l2n−2,v ), 2 n 2 ..., un−1 = (n,n+1)f(ln(n2−−13)n(+n−31),vn−1) (13) u = (n,n+1)f(vn−1,v ), n 1 n u = (n,n+1)f(vn,v ), n+1 2 n+1 u = (n,n+1)f(vn+1,v ), n+2 3 n+2 ... Indeed, for example, (n,n+1)f(vn−1,v ) = (n,n+1)f(vn−1,f(vn−1,u )) (=6) u . 1 n 1 1 n n Remark 2. It is easy to see that in encryption procedure (equalities (12)) and, therefore, in de- cryption procedure (equalities (13)) it is possible to use more than one fixed n-quasigroup operation f. Below we shall denote this encryption algorithm as G(u), because on any step it is enciphered only one element of a plaintext. Probably it makes sense to use in Algorithm 4 irreducible 3-ary or 4-ary finite quasigroup [13, 18, 1, 2]. We give an example of 3-ary irreducible quasigroup (Q,A) of order 4 [13, p. 115]. Example 1. A 0 1 2 3 A 0 1 2 3 A 0 1 2 3 A 0 1 2 3 0 1 2 3 0 0 1 2 3 0 1 0 3 2 0 2 3 0 1 0 3 2 1 0 1 1 2 3 0 1 0 1 2 3 1 3 0 1 2 1 2 3 0 1 2 2 3 0 1 2 3 2 1 0 2 0 1 2 3 2 1 0 3 2 3 3 0 1 2 3 2 3 0 1 3 1 2 3 0 3 0 1 2 3 Notice A(0,1,2) = A (1,2) = 3, A(2,3,2) = A (3,2) = 3. Moreover A(0,1,x) = A(2,3,x) for any 0 2 x ∈ Q. Then translations T(0,1,−) and T(2,3,−) are equal, pairs of leaders (0,1) and (2,3) are equal from cryptographical point of view. Recall there exist two groups of order 4, namely cyclic group Z and Klein group Z ×Z . Any 4 2 2 binary quasigroup of order 4 is a group isotope [3, 4]. Lemma 1. Quasigroup from Example 1 is not an isotope of a 3-ary group (Q,f) with the form f(x3) = x +x +x where (Q,+) is a binary group of order 4. 1 1 2 3 Proof. If a quasigroup is an isotope of a 3-ary group (Q,f) with the form f(x3) = x +x +x where 1 1 2 3 (Q,+) is a binary group, then this quasigroup is reducible [13, Corollary, p. 115]. Atranslationofn-aryquasigroup(Q,f)(n > 2)willbedenotedasT(a1,...,ai−1,−,ai+1,...,an), where a ∈ Q for all i ∈ 1,n and i T(a1,...,ai−1,−,ai+1,...,an)x = f(a1,...,ai−1,x,ai+1,...,an) for all x ∈ Q. From definition of n-ary quasigroup follows that any translation of n-ary quasigroup (Q,f) is a permutation of the set Q. 7 Lemma 2. If fT(a1,...,an−1,−) is a translation of a quasigroup (Q,f), then fT−1(a1,...,an−1,−) = (n,n+1)fT(a1,...,an−1,−) Proof. In the proof we omit the symbol f in the notation of translations of quasigroup (Q,f). We have T−1(a1,...,an−1,−)(T(a1,...,an−1,−)x) = T−1(a1,...,an−1,−)f(a1,...,an−1,x) = (14) (n,n+1)f(a1,...,an−1,f(a1,...,an−1,x)) (=6) x We propose an n-ary analogue of Algorithm 3. Algorithm 5. Let Q be a non-empty finite alphabet. Define an n-ary quasigroup (Q,f). It is clear that the quasigroup (Q,(n,n+1)f) is defined in a unique way. (n−1)(n−1) Take fixed elements l (l ∈ Q), which are called leaders. 1 i Let u u ...u be a k-tuple of letters from Q. 1 2 k It is proposed the following ciphering (encryption) procedure v1 = Ta(l1,l2,...,ln−1,u1), v2 = Tb(ln,ln+1,...,l2n−2,u2), ..., vn−1 = Tc(ln2−3n+3,...,l(n−1)(n−1),un−1), (15) vn = Td(v1,...,vn−1,un), v = Te(v ,...,v ,u ), n+1 2 n n+1 v = Tt(v ,...,v ,u ), n+2 3 n+1 n+2 ... Therefore we obtain the following cipher-text v v ...v . 1 2 k Taking into consideration Lemma 2 we can say that deciphering algorithm is possible, it is con- structed similarly with the deciphering in Algorithm 3. Remark 3. It is easy to see that in Algorithm 5 it is possible to use various quasigroup translations and to take quasigroups of various arity. 2 Ciphers based on orthogonal n-ary groupoids 2.1 Some definitions We give classical definition of orthogonality of n-ary operations [9, 15]. Definition 5. n-ary groupoids (Q,f ), (Q,f ), ..., (Q,f ) are called orthogonal, if for any fixed 1 2 n n-tuple a ,a ,...,a the following system of equations 1 2 n 8 f (x ,x ,...,x ) = a 1 1 2 n 1 f (x ,x ,...,x ) = a  2 1 2 n 2 (16)  ...   f (x ,x ,...,x ) = a n 1 2 n n  has a unique solution.   If the set Q is finite, then any system of n orthogonal n-ary groupoids (Q,f ) i ∈ 1,n, defines i a permutation of the set Qn and vice versa [11, 15, 9]. Therefore if |Q| = q, then there exist (qn)! systems of n-ary orthogonal groupoids defined on the set Q. There exist various generalizations of definition of orthogonality of n-ary operations. Fresh gen- eralizations are in [57, 58]. Definition 6. n-ary groupoids (Q,f ), (Q,f ), ..., (Q,f ) (2 ≤ k ≤ n) given on a set Q of order 1 2 k m are called orthogonal if the system of equations (16) has exactly mn−k solutions for any k-tuple a ,a ,...,a , where a ,a ,...,a ∈ Q (see [16]). 1 2 k 1 2 k If k = n, then from Definition 6 we obtain standard Definition 5. Definition of orthogonality of binary systems has rich and long history [20]. About n-ary case, for example, see [27]. 2.2 Construction of orthogonal n-ary groupoids In the following example sufficiently convenient and general way for the construction of systems of orthogonal n-ary groupoids is given. Example 2. DefineoperationsA (x ,x ,x ),A (x ,x ,x ),A (x ,x ,x )overthesetM = {0, 1, 2} 1 1 2 3 2 1 2 3 3 1 2 3 in the following way. Take all 27 triplets K = {(R , S , T ) | R ,S ,T ∈ M,i ∈ 1,27} in any fixed i i i i i i order and put A (0,0,0) = R ,A (0,0,1) = R ,A (0,0,2) = R ,...,A (2,2,2) = R , 1 1 1 2 1 3 1 27 A (0,0,0) = S ,A (0,0,1) = S ,A (0,0,2) = S ,...,A (2,2,2) = S , 2 1 2 2 2 3 2 27 A (0,0,0) = T ,A (0,0,1) = T ,A (0,0,2) = T ,...,A (2,2,2) = T . 3 1 3 2 3 3 3 27 The operations A , A and A form a system of orthogonal operations. If we take this 27 triplets in 1 2 3 other order, then we obtain other system of orthogonal 3-ary groupoids. This way gives a possibility to construct easily inverse system B of orthogonaln-ary operations to a fixed system A of orthogonal n-ary operations. Recall inverse system means that B(A(xn)) = xn, 1 1 x ∈ Q. i Example 3. [19]. We give example of three orthogonal ternary groupoids that are defined on four- element set {0, 1, 2, 3}. Multiplication table of the first groupoid (in fact, of a quasigroup) is given in Example 1. Below we give multiplication tables of other two 3-ary groupoids. B 0 1 2 3 B 0 1 2 3 B 0 1 2 3 B 0 1 2 3 0 1 2 3 0 3 0 1 3 0 2 1 1 0 0 1 2 0 0 0 3 3 2 2 1 0 2 3 0 1 2 3 3 0 1 2 0 3 1 1 0 1 2 1 2 1 2 1 3 2 0 2 1 3 2 0 2 3 2 2 0 2 0 3 3 1 1 2 2 3 0 0 3 1 3 3 2 1 1 3 3 1 0 3 9 C 0 1 2 3 C 0 1 2 3 C 0 1 2 3 C 0 1 2 3 0 1 2 3 0 3 1 2 0 0 1 2 1 3 0 3 3 0 0 0 2 1 0 0 1 2 1 1 2 1 1 2 3 1 1 2 1 0 1 1 2 0 2 3 2 0 1 0 1 2 0 2 2 0 2 3 3 2 0 2 3 3 2 0 3 3 1 2 3 3 1 3 1 1 3 3 0 2 3 3 2 0 0 3 From formula (qn)! follows that there exist (43)! = 64! orthogonal systems of 3-ary groupoids over a set of order 4. 2.3 Ciphers on base of orthogonal systems of n-ary operation Here we propose to use a system of orthogonal n-ary groupoids as additional procedure in order to construct almost-stream cipher [56]. Orthogonal systems of n-ary quasigroups were studied in [59, 60, 25]. Such systems have more uniform distribution of elements of base set and therefore such systems may be more preferable in protection against statistical cryptanalytic attacks. Algorithm 6. [19]. Let A be a non-empty finite alphabet, k be a natural number, xt be a plain- 1 text. Take a system of n n-ary orthogonal operations (A,f ), i = 1,2,...,n. This system defines a i permutation F of the set An. We propose the following enciphering procedure. • Step 1: yn = F l(xn), where l ≥ 1, l is a natural number, l is vary from one enciphering round 1 1 to other. If t < n, then we can add to plaintext some ”neutral” symbols. • On the Steps ≥ 2 it is possible to use Feistel schema [28, 43]. For example, we can do the following enciphering procedure zn = Fs(y ,y ,...,y ,x ), if arity n ≥ 2, or zn = 1 2 3 n n+1 1 Fs(y ,y ,...,y ,x ,x ), if n ≥ 3. And so on. 3 4 n n+1 n+2 The deciphering algorithm is based on the fact that orthogonal system of n n-ary operations (16) has a unique solution for any tuple of elements a ,...,a . 1 n Algorithm 6 is sufficiently safe relative to chosen ciphertext and plaintext attack since the key is a non-periodic sequence of applications of permutation F, i.e. sequence of powers of permutation F. Therefore any permutation of the group hFi can be used by ciphering information using Algorithm 6. Recall applicationofonlyonestepAlgorithm6isnotverysafesince thisprocedureisnotresistant relatively chosen ciphertext attack and chosen plaintext attack. 3 Combined algorithms 3.1 Modifications of Algorithm 6 By our opinion some modifications of this algorithm are desirable. Following ”vector ideas” [45] we propose as the first step to write any letter u of a plaintext as n-tuple (n-vector) and after that to i apply Algorithm 6. For example it is possible to use a binary representation of characters of the alphabet A. It is possible to divide plain text u ,...,u on parts and to use Algorithm 6 to some parts, to a 1 n text a part of which has been ciphered by Algorithm 6 on a previous ciphering round. 10

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.