The method of the finite state machine (FSM) for public key cryptosystem is allows to reduce key's length of the cryptosystem without reducing сryptographic strength. A reconfigurable finite state machine is entered into public key cryptosystem's model. A reduced key is used for adjustment of the reconfigured finite state machine. Each adjustment of the reconfigurable model generates some finite state machines which sets process of the encryption/decryption. Software implementation includes the finite state machines generator and a translator for transfer the table description of the finite automaton to the hardware description language VHDL. This project was implemented on XStend board containing FPGA XC4010XL of Xilinx. Definition 2.3. A finite automaton M = (X, Y, S, δ, λ) is said to be invertible with delay τ, where τ ∈ N 0 , if ∀s, s′ ∈ S, ∀x, x′ ∈ X, ∀α, α′ ∈ X τ , )) for any x ∈ X and (s 1 , s 2 ) ∈ S 1 × S 2 . Composition M 1 • M 2 is a structure corresponding serial connection machines M 1 and M 2 , ie. the input automaton M 2 comes output automaton M 1 . If M 1 is invertible with delay τ 1 , and M 2 is reversible automatic delay τ 2 , then the automaton M 1 • M 2 will have a delay τ 1 + τ 2 .
Introduction
Public key cryptosystem based on finite automata has been proposed Chinese cryptographer Renji Tao [1] and was named FAPKC (Fnite Automaton Public Key Cryptosystem). Algorithm is based on the composition of two finite automatas with some initial memories and reversible states. Task degradation of finite automata composition into components is such a difficult task, as well as the product factoring of two large numbers [2] . Cryptosystem is FAPKC stream cipher does not require partitioning the plaintext and the block has a high speed (higher than RSA). There are a few modifications: FAPKC0 [1] , FAPKC1 and FAPKC2 [3] , FAPKC3 [4, 5] and FAPKC4 [6] . FAPKC can be used for both encryption and digital signature.
The disadvantages include the cryptosystem FAPKC large key size. For example, key length that provides resistance to the algorithm is achieved by using 512 bits -key RSA, 2792 bits for power FAPKC [2] . Furthermore, there is a problem generating random keys and equally as key space algorithm FAPKC given the description of properties of its elements. For practical use requires algorithm with generating the strongly coupled machines, allowing software and/or hardware implementation.
Automatic generation algorithm depends on the initial key of acceptable length. Initialization key is used to adjust tunable machine. Each setting tunable machine affects the encrypting machine that implements a cryptographic transformation.
Modifiability is achieved by combining the advantages of the proposed models of finite automata with means technology FPGA (Field Programmable Gate Array). Software implementation includes a generator and automatic translator, which allows to translate the description to hardware description language VHDL. The logical structure of a tunable machine implements some fixed setting the output function. The transition function is built through the transition function of basic state machines. In this regard, the design redundancy n Î ¥ , and X 0 ={ε}, where ε denotes the empty word. We will also use * 0 n n XX ³ =È the set of all finite words, and X ω will denote the set of infinite words [7] .
• X is a nonempty finite set called the input alphabet of the finite automaton;
• Y is a nonempty finite set called the output alphabet of the finite automaton;
• S is a nonempty finite set called the set of states of the finite automaton;
• δ is a function from S × X to S called the state transition function of the finite automaton;
• λ is a function from S × X to Y called the output function.
Let M = (X, Y, S, δ, λ) be a finite automaton. The state transition function δ and the output function λ can be extended to words, i.e. elements of X * , recursively, as follows:
where s ∈ S, n Î ¥ and x 0 x 1 · · · x n ∈ X n+1 . In an analogous way, λ may be extended to X ω .
From these definitions it follows that one has, for all s ∈ S, α ∈ X * , and for all β ∈ X * ∪ X ω , ( , ) ( , ) ( ( , ), ) s s s l a b l a l d a b = . (1) An important class of finite automata, providing an infinite number of examples, is given by the following: A central notion, essential for cryptographic purposes, is the notion of invertibility. We start with a concept related to the determination of the inputs by the outputs.
That is, for any s ∈ S and α ∈ X τ , x can be uniquely determined by λ(s, xα).
Invertible automata should have inverses of some sort. The following definition introduces the apropriate concept that we will see is closely related to the previous one. Remark: In the previous definition one may replace X ω by X * , but then one must take into account that on the right one only gets the first |α| − τ characters of α.
Proposition 2.5. If (s′, s) is a match pair with delay τ and β = λ(s, α) for some α ∈ X * , then (δ′(s′, β), δ(s, α)) is also a match pair with delay τ.
Proof. Assume that (s′, s) is a match pair with delay τ, and let β = λ(s, α) for some α ∈ X * . Let α′ ∈ X ω . By (1), one has:
But, λ′(s′, β) ∈ X |α| . So, λ′(δ(s′, λ(s, α), λ(δ(s, α), α′)) = φα′, for some φ ∈ X τ . That is, (δ(s′, β), δ(s, α)) is a match pair with delay τ.
Definition 2.6. M′ is called an inverse with delay τ of M, if ∀s ∈ S and ∀s′ ∈ S′, (s′, s) is a match pair with delay τ. M′ is called an inverse with delay τ, if M′ is an inverse with delay τ of some finite automaton. M′ is called an inverse, if M′ is an inverse with delay τ, for some τ.
Part of the important role of the automata determined by a function as defined above, in definition 2.2, is revealed by the following result.
Theorem 2.7. If M is invertible with delay τ, then there exists a finite automaton with τ -order input memory Mf that is an inverse with delay τ of M.
Proof. Suppose that M = (X, Y, S, δ, λ) is invertible automaton with delay τ. Then ∀s ∈ S, ∀x ∈ X, ∀α ∈ X τ , x can be uniquely determined by the value of λ(s, xα). Let f : Y τ+1 → X be the function defined in the following way: if ∃s ∈ S, ∃x ∈ X, ∃α ∈ X τ : y 0 y 1 . . . y τ = λ(s, xα), then f is defined at y 0 y 1 . . . y τ by f(y 0 y 1 . . . y τ ) = x; otherwise one defines f arbitrarily. Let M f = (Y, X, Y τ , δ f , λ f ) be the finite automaton with τ -order input memory determined by f. To prove the claimed result, one must show that, for all y 1 . . . y τ ∈ Y τ , for all s ∈ S and for all α=x 0 x 1 x 1 · · · ∈ X ω , there exists an γ ∈ X τ , such that λ f (y 1 . . . y τ , λ(s, α)) = γα.
Putting: 0 ss = , 1 ( , ) 
One has that λ(s, α) = z 0 z 1 z 2 . . . , and (1) yields
. . x i+τ ), and therefore it follows from the definition of f that f(z i z i+1 . . . z i+τ ) = x i , which finishes the proof. It immediately follows that
Corollary 2.8. M is invertible with delay τ if and only if there exist a finite automaton M′ such that M′ is an inverse with delay τ of M.
A weaker form of invertibility is described in the following definition. 
Description Cryptographic System FAPKC
Finite state machines, which will be considered in the future, have the form M = (X, Y, S, δ, λ), where X = Y = Z 2 ll -dimensional linear space over the field 2 {0,1} = ¢ . In practice, the typical value of l = 8 (so that encryption is performed byte), and the functions δ and λ are determined by the mapping f: Y t x X r+1 → Y and can be defined by the following formula: 1 1 ( ) ( , ,..., , ,..., ),
Automatic represented by formula (1) is called a finite automaton with the procedure memory (r, t), where (x -1 , ..., x -r , y -1 , ..., y -t ) -initial state. If t = 0, then this machine is called a finite automaton with input memory of order r. Finite state machine defined by formula (2) is called linear if f is linear. For linear automaton, formula (2) takes on the following form
The coefficients A 0 , ..., A r , B 0 , ..., B t are l × l matrix over the field 2 ¢ , x(i) -column vectors, A j x(i -j) -the usual vector matrix multiplication column. As M 1 machine uses a linear reversible automaton with input memory having a delay τ = r, for which the formula (3) takes on the following form This machine is uniquely determined by the coefficients A 0 , ..., A τ , Representing an l × l matrix over the field 2 ¢ . If M 1 is reversible automaton with delay τ, it can be easily obtained from its inverse delay τ as follows 
Here the coefficients B 0 , ... B r and B 0 ', ..., B' r-1 is a matrix of l × l over the field 2 ¢ ,
wherein the matrix to be invertible B 0 (this ensures that the zero delay). Then, multiplying both sides of equation (6) (7) For every initial state s 0 = (x(-1), x(-2), ..., x(-r) ) automaton M 0 consistent state automaton M 0 -1 are also equal to ( x(-1), x(-2), ..., x(-r) ). Automatic encryption M, representing the composition of automata M 0 and M 1 , may be obtained by substituting (4) into (6) and written in the following form. 1 ' -1) , ..., x(-r)) and s 1 = (y(-1), ..., y(-τ) ). Formula (8) can be simplified to (9) 
Model of Tunable Machine
As mentioned above, the private key of the components A 0 , ..., A r , B 0 , ..., B t represents an l × l matrix over the field 2 ¢ . And the component to the public key C j , C' j are matrix polynomials, the size of which also depends on the parameters l and τ. corresponding dimensions are shown in bits N 1 and N 2 of public key FAPKC with τ 2 ≤ r 2 = μ(f 2 ), τ 1 ≤ r 1 = μ(f 1 ), respectively , and linear and nonlinear function f 1 [9, 11] .
Table 1. Dependence of the size of the key parameters of the cryptosystem FAPKC [9]
Necessary is for practical to use of the cryptosystem FAPKC, on the one hand, to keep the size of the public key within acceptable limits, on the other hand, does not reduce cryptosystem parameters, thereby lowering the Cipher.
To solve this problem, we propose to use the model of a tunable automaton [8] .
Automatic is tunable if its transition and output functions are not only depend on the input alphabet and the set of states, but also on a parameter k ∈ K, where K -finite set of settings. In [18] it is shown that a finite automaton with modifiable behavior can be created based on statically or dynamically reconfigurable matrix FPGA using blocks of memory. Cascade model proposed by the reprogrammable finite automaton consists of two blocks of memory, register and programmable multiplexer. To configure the machine using a tunable initialization key, which is a boolean vector.
Let us consider an example. Fig. 1 depicts four state transition graphs for FSMs that permit to perform the following operations with Boolean vectors of size S: a) Detecting three or more successive ones in the Boolean vector; b) Counting the number of ones in the Boolean vector; c) Testing if the vector contains just one position with value "1" and returning an index of this position in the counter (see also fig. 1 ). If vector does not satisfy this requirement the counter is set to "0"; d) Testing if the vector contains either odd (in this case counter =1) or even (in this case counter =0) number of values "1". 
Figure 1. A circuit that detects three or more successive ones in Boolean vector
The structure in Figure 1 can be modeled by the following C++ class, which we call Boolean_vector:
class Boolean_vector 
Implementation of Cryptosystems FAPKC
Cryptosystem values also affect the amount of computation involved with the generation of weakly nonlinear reversible automata. Generating technique of nonlinear reversible automaton is suitable and invulnerable species to attack with the chosen plaintext is described in [6, 10] .
Using this method, and a class library functions for C++, implementing basic and derivative operations in various groups, rings, fields, designed generator ciphering machines for cryptosystems FAPKC3. The result of the generator are the values of public and private keys, as well as tables of states and transitions ciphering machines.
To move from the abstract machine to a structural part in the program implemented encryption algorithm encrypts the state machine. Each setting tunable machine generates an automaton that specifies the process encryption/ decryption. According to the results of the synthesis system allows to receive output code in VHDL. Subsequent automatic synthesis and final implementation on FPGA implemented by StateCAD ISE Xilinx.
The logical structure of the proposed hardware implementation cryptosystem FAPKC modeled using two machines work together, one (encoded machine) of which is rigidly fixed behavior, and the behavior of other tunable machine specified by the user using an initialization key. Output function system is fixed and the transition function is constructed from two transition functions automata. In this regard, the design and implementation on XStend board containing FPGA XC4010XL of Xilinx level redundancy overlapping elements implementing the transition function.
As already mentioned, the shortcomings can be attributed cryptosystem FAPKC large size of the keys. At the same time a large amount of computation to generate ciphering machine, and the need for frequent rekeying make cryptosystems finitely automata models unsuitable for practical widespread use. Implementation of the proposed model with adjustable machine allows use once generated automatic encryption for a long time with frequent change shorter initialization key.
Configuring each machine k ∈ K automaton M = (X, Y, S, K, δ, λ), in correspondence oneto-one put vector values of the transition δ k : S × X × K → S. It is a Boolean vector of length |S × X|, so the key length of the proposed implementation FAPKC cryptosystem does not exceed the number mn, Herein n = |S|, m = |X| = |Y|. For example, when m = 32, n = 20, this number is 640 bits.
Conclusions
The paper presents a novel technique for the design of FSMs with statically and dynamically modifiable behavior and demonstrates the use of such FSMs for finite automaton public key cryptosystem. It is shown that reconfigurable FSM can be constructed in such a way that it might be used for reducing the length of the key cryptosystems preserving stability. The paper examines some models of reconfigurable FSMs and demonstrates their implementation in software and in hardware. The results of hardware implementation based on FPGA XC4010XL of Xilinx have shown that the respective circuits require very limited FPGA resources and they can be reprogrammed much like we are doing this for software development.
