Rational Interval Maps and Cryptography

Abstract

In Eurocrypt 1991 Habutsu, Nishio, Sasase, Mori [4] introduced a cryptosystem using tent maps (denoted HNSM in the sequel). Though the functions that are used have good chaotic properties this system seems to has many weaknesses [7]. A general framework for such cryptosystems can be described as follow. Let ε = {E _i ; i = 0,..., M} be a family of so-called plaintext-spaces and for each i = 1,..., M, let L _i be an integer ≥ 2 and let T _i = {T _i,ℓ ; ℓ = 1,...,L _i } be a family of cipher-maps T _i,ℓ : E _iℒ1 → E _i . We assume that there exist maps S _i : E _i →E _i−1 such that for all ℓ ∈ {1,..., L _i } one has S _i o T _i,ℓ = Id _Ei−1. The key is given by {S ₁,..., S _M ) and the cryptogram of a given paintext y ∈ E ₀ is any element in

$$$$

where the union is taken over all finite sequences (ℓ ₁,..., ℓ _M ) in $$. Usually all the plaintext-spaces are identical to a same space E and we choose the same family of enciphering maps. Therefore, the system is given by a deciphering map Σ: E → E and a family of right inverse maps of Σ: T ₁,..., T _L , L ≥ 2. The integer M corresponds to the number of iterations and the key is (Σ, M). To avoid attacks on the enciphering algorithm, the choice of the cryptogram depends on a random process which produces a uniform-like distribution of the ciphertext in E _M . It seem that the firt use of such a scheme was considered in terms of cellular automata by S. Wolfram in Crypto’85 [8] and recently H. Gutowitz in [3] proposed a scheme, according to this model, of an enciphering/deciphering system at high rate. The HNSM system uses tent maps Φ _t for keys, namely t is a parameter in]0,1[ and Φ _t is the piecewise linear map defined by Φ _t (x) = x/t for 0 ≤ x ≤ t and $$ for t < x ≤ 1.