An Application of Algebraic Geometry to Encryption: Tame Transformation Method

Abstract

Let $K$ be a finite field of $2^{\ell}$ elements. Let $\phi_4,\phi_3, \phi_2,\phi_1$ be tame mappings of the $n\!+r$-dimensional affine space $K^{n+r}$. Let the composition $\phi_4\phi_3\phi_2\phi_1$ be $\pi$. The mapping $\pi$ and the $\phi_i$'s will be hidden. Let the component expression of $\pi$ be $(\pi_1(x_1,\dots,x_{n+r}),\dots \pi_{n+r}(x_1,\dots,x_{n+r}))$. Let the restriction of $\pi$ to a subspace be $\hat\pi$ as $\hat\pi=(\pi_1(x_1,\dots,x_n,0,\dots,0),\dots,\pi_{n+r}(x_1,\dots, x_n,0,\dots,0))=(f_1,\dots,f_{n+r}) : K^n\ mapsto K^{n+r}$. The field $K$ and the polynomial map ($f_1,\dots,f_{n+r}$) will be announced as the public key. Given a plaintext $(x'_1,\dots,x'_n)\in K^n$, let $y'_i=f_i(x'_1,\dots,x'_n)$, then the ciphertext will be $(y'_1,\dots,y'_{n+r})\in K^{n+r}$. Given $\phi_i$ and ($y'_1,\dots,y'_{n+r}$), it is easy to find $\phi_i^{-1}(y'_1,\dots,y'_{n+r})$. Therefore the plaintext can be recovered by $(x'_1,\dots,x'_n,0,\dots,0) = \phi_1^{-1}\phi_2^{-1} \phi_3^{-1}\phi_4^{-1}\,\hat\pi\,(x'_1,\dots,x'_n)=\phi_1^{-1} \phi_2^{-1}\phi_3^{-1}\phi_4^{-1}(y'_1,\dots, y'_{n+r})$. The private key will be the set of maps $\{\phi_1,\phi_2,\phi_3,\phi_4\}$. The security of the system rests in part on the difficulty of finding the map $\pi$ from the partial informations provided by the map $\hat\pi$ and the factorization of the map $\pi$ into a product (i.e., composition) of tame transformations $\phi_i$'s.