On Multivariate Cryptosystems Based on Computable Maps with Invertible Decomposition

Let K be a commutative ring and K^n be a space over K of dimension n. Weintroduce the concept of a family of multivariate maps f(n) of K^n into itself with invertible decomposition.If f(n) is computable in polynomial time then it can be used as the public rule and theinvertible decomposition provides a private key in f(n) based public key infrastructure. Requirementsof polynomial ity of degree and density for f(n) allow to estimate the complexity of encryption procedurefor a public user. The concepts of a stable family and a family of increasing order are motivatedby the studies of discrete logarithm problem in the Cremona group. The statement on the existenceof families of multivariate maps of polynomial degree and polynomial density of increasing order withthe invertible decomposition is proved. The proof is supported by explicite construction which canbe used as a new cryptosystem. The presented multivariate encryption maps are induced by specialwalks in the algebraically dened extremal graphs A(n;K) and D(n;K) of increasing girth

On New Examples of Families of Multivariate Stable Maps and their Cryptographical Applications

Let K be a general finite commutative ring. We refer to a familyg^n, n = 1; 2;... of bijective polynomial multivariate maps of K^n as a family with invertible decomposition gn = g^1^n g^2^n...g^k^n , such that the knowledge of the composition of g^2^nallows computation of g^2^n for O(n^s) (s > 0) elementary steps. Apolynomial map g is stable if all non-identical elements of kind g^t, t > 0 are of the same degree.We construct a new family of stable elements with invertible decomposition.This is the first construction of the family of maps based on walks on the bipartitealgebraic graphs defined over K, which are not edge transitive. We describe theapplication of the above mentioned construction for the development of streamciphers, public key algorithms and key exchange protocols. The absence of edgetransitive group essentially complicates cryptanalysis

On the key exchange and multivariate encryption with nonlinear polynomial maps of stable degree

We say that the sequence g^n, n 3, n ! 1 of polynomial transformation bijective mapsof free module K^n over commutative ring K is a sequence of stable degree if the order of g^n is growingwith n and the degree of each nonidentical polynomial map of kind g^n^k^ is an independent constant c.Transformation b = tgn

On the key exchange with new cubical maps based on graphs

Families of edge transitive algebraic graphs Fn(K), over the commutative ring K were used for the graph based cryptographic algorithms. We introduce a key exchange protocol defined in terms of bipartite graph An(K), n ≥ 2 with point set Pn and line set Ln isomorphic to n-dimensional free module Kn. Graphs A(n, K) are not vertex and edge transitive. There is a well defined projective limit lim A(n, K) = A(K), n → ∞ which is an infinite bipatrtite graph with point set P = lim Pn and line set L = limLn. Let K be a commutative ring contain at least 3 regular elements (not zero divisors). For each pair of (n, d), n ≥ 2, n ≥ 1 and sequence of elements α1, α2, …, α2d, such that α1, αi+αi+1, i = 1, 2, …, 2d, i = 1, 2, … 2d-1 and α2d+α1 are regular elements of the ring K. We define polynomial automorphism hn = hn (d, α1, α2, …, α2d) of variety Ln (or Pn). The existence of projective limit lim An(K) guarantees the existence of projective limit h = h(d, α1, α2, …, α2d) = lim hn, n → ∞ which is cubical automorphism of infinite dimensional varieties L (or P). We state that the order of h is an infinity. There is a constant n0 such that hn, n ≥ n0 is a cubical map. Obviously the order of hn is growing with the growth of n and the degree of polynomial map (hn)k from the Cremona group of all polynomial automorphisms of free module Kn with operation of composition is bounded by 3. Let τ be affine automorphism of Kn i.e. the element of Cremona group of degree 1. We suggest symbolic Diffie Hellman key exchange with the use of cyclic subgroup of Cremona group generated by τ-1hnτ. In the case of K = Fp, p is prime, the order of hn is the power of p. So the order is growing with the growth of p. We use computer simulation to evaluate the orders in some cases of K = Zm, where m is a composite integer.Show Reference

On Multivariate Algorithms of Digital Signatures on Secure El Gamal Type Mode.

The intersection of Non-commutative and Multivariate cryptography contains studies of cryptographic applications of subsemigroups and subgroups of affine Cremona semigroups defined over finite commutative ring K with the unit. We consider special subsemigroups (platforms) in a semigroup of all endomorphisms of K[x_1, x_2, …, x_n]. Efficiently computed homomorphisms between such platforms can be used in Post Quantum key exchange protocols when correspondents elaborate common transformation of (K*)^n. The security of these schemes is based on a complexity of decomposition problem for an element of a semigroup into a product of given generators. We suggest three such protocols (with a group and with two semigroups as platforms) for their usage with multivariate digital signatures systems. The usage of protocols allows to convert public maps of these systems into private mode, i.e. one correspondent uses the collision map for safe transfer of selected multivariate rule to his/her partner. The ‘’ privatisation’’ of former publicly given map allows the usage of digital signature system for which some of cryptanalytic instruments were found ( estimation of different attacks on rainbow oil and vinegar system, cryptanalytic studies LUOV) with the essentially smaller size of hashed messages. Transition of basic multivariate map to safe El Gamal type mode does not allow the usage of cryptanalytic algorithms for already broken Imai - Matsumoto cryptosystem or Original Oil and Vinegar signature schemes proposed by J.Patarin. So even broken digital signatures schemes can be used in the combination with protocol execution during some restricted ‘’trust interval’’ of polynomial size. Minimal trust interval can be chosen as a dimension n of the space of hashed messages, i. e. transported safely multivariate map has to be used at most n times. Before the end of this interval correspondents have to start the session of multivariate protocol with modified multivariate map. The security of such algorithms rests not on properties of quadratic multivariate maps but on the security of the protocol for the map delivery and corresponding NP hard problem

On LDPC codes corresponding to affine parts of generalized polygons

In this paper we describe how to use special induced subgraphs of generalized m-gons to obtain the LDPC error correcting codes. We compare the properties of codes related to the affine parts of q-regular generalised 6-gons with the properties of known LDPC codes corresponding to the graphs D(5, q)

Dynamical systems as the main instrument for the constructions of new quadratic families and their usage in cryptography

Let K be a finite commutative ring and f = f(n) a bijective polynomial map f(n) of the Cartesian power K^n onto itself of a small degree c and of a large order. Let f^y be a multiple composition of f with itself in the group of all polynomial automorphisms, of free module K^n. The discrete logarithm problem with the pseudorandom base f(n) (solvef^y = b for y) is a hard task if n is sufficiently large. We will use families of algebraic graphs defined over K and corresponding dynamical systems for the explicit constructions of such maps f(n) of a large order with c = 2 such that all nonidentical powers f^y are quadratic polynomial maps. The above mentioned result is used in the cryptographical algorithms based on the maps f(n) – in the symbolic key exchange protocols and public keys algorithms

LDPC Codes Based on Algebraic Graphs

In this paper we investigate correcting properties of LDPC codes obtained from families of algebraic graphs. The graphs considered in this article come from the infinite incidence structure. We describe how to construct these codes, choose the parameters and present several simulations, done by using the MAP decoder. We describe how error correcting properties are dependent on the graph structure. We compare our results with the currently used codes, obtained by Guinand and Lodge [1] from the family of graphs D(k; q), which were constructed by Ustimenko and Lazebnik [2]

On the families of algebraic graphs with the fastest growth of cycle indicator and their applications

Symbolic computations with the usage of bipartite algebraic graphs A(n, F_q) and A(n, F_q[x_1, x_2, ..., x_n]) were used for the development of various cryptographic algorithms because the length of their minimal cycle (the girth) tends to infinity when n is growing. It motivates studies of graphs A(n, K) defined over arbitrary integrity ring K. We show that the cycle indicator of A(n, K), i. e. maximal value of minimal cycles through the given vertex is >2n. We justify that the girth indicator of line [0,0,..., 0]$of$A(n, K)$ is > 2n and the girth indicator of point (0,0, ..., 0) of this graph is at least 2n. From this result instantly follows that the girth of known edge transitive graphs D(n, K) defined over integrity ring K is at least 2[(n+5)]/2. We consider some inequalities defined in terms of a girth, a diameter and the girth indicator of homogeneous algebraic graphs and formulate some conjectures