# GMiMC With Multivariate Key Polynomial Model Demonstration

In [1]:
load("GMiMC.sage")

## Expanding Round Function

In [2]:
field = GF(101)
n = 3
r = 7
mode = "erf"

gmimc = GMiMC(field=field, n=n, r=r, mode=mode)

GMiMC Parameters
Field: Finite Field of size 101
n: 3
r: 7
Mode: erf
Key schedule matrix:
[49 50  5]
[61 35 37]
[33  1 86]
Admissible key schedule matrix: False
Constants: [96, 51, 92, 66, 51, 98, 64]


In [3]:
V = VectorSpace(gmimc.field, gmimc.n)
plain = V.random_element()
key = V.random_element()
cipher = gmimc.encrypt(plain, key)
plain, key, cipher

((93, 64, 17), (79, 44, 37), (1, 39, 69))

In [4]:
polys = gmimc.generate_polynomials(plain=plain, cipher=cipher)

print(70 * "-")

for i in range(0, gmimc.r):
    for j in range(0, gmimc.n):
        print(polys[i * gmimc.n + j])
    print(70 * "-")

Plain: (93, 64, 17)
Cipher: (1, 39, 69)
Order: degrevlex
----------------------------------------------------------------------
y_1^3 - 39*y_1^2 - x_1_1 + 2*y_1 - 12
y_1^3 - 39*y_1^2 - x_2_1 + 2*y_1 + 42
-x_3_1 - 8
----------------------------------------------------------------------
x_1_1^3 + 3*x_1_1^2*y_2 + 3*x_1_1*y_2^2 + y_2^3 - 49*x_1_1^2 + 3*x_1_1*y_2 - 49*y_2^2 + 26*x_1_1 + x_2_1 - x_1_2 + 26*y_2 + 38
x_1_1^3 + 3*x_1_1^2*y_2 + 3*x_1_1*y_2^2 + y_2^3 - 49*x_1_1^2 + 3*x_1_1*y_2 - 49*y_2^2 + 26*x_1_1 + x_3_1 - x_2_2 + 26*y_2 + 38
x_1_1 - x_3_2
----------------------------------------------------------------------
x_1_2^3 + 3*x_1_2^2*y_3 + 3*x_1_2*y_3^2 + y_3^3 - 27*x_1_2^2 + 47*x_1_2*y_3 - 27*y_3^2 + 41*x_1_2 + x_2_2 - x_1_3 + 41*y_3 - 22
x_1_2^3 + 3*x_1_2^2*y_3 + 3*x_1_2*y_3^2 + y_3^3 - 27*x_1_2^2 + 47*x_1_2*y_3 - 27*y_3^2 + 41*x_1_2 + x_3_2 - x_2_3 + 41*y_3 - 22
x_1_2 - x_3_3
----------------------------------------------------------------------
x_1_3^3 + 46*x_1_3^2*y_1 + 32*x_1_

In [5]:
polys_lin, polys_subs, gb_subs = gmimc.compute_Groebner_basis(polys)

print(70 * "-")
print("Linear polynomials")
print(70 * "-")
for poly in polys_lin:
    print(poly)

print(70 * "-")
print("Substitution polynomials")
print(70 * "-")
for poly in polys_subs:
    print(poly)

print(70 * "-")
print("Gröbner basis")
print(70 * "-")
for poly in gb_subs:
    print(poly)

Ideal of leading terms equal to (x_subs_1^3, ..., x_subs_n^3): True
All terms of substituted Groebner basis contained in (x_subs_1, ..., x_subs_n): True
----------------------------------------------------------------------
Linear polynomials
----------------------------------------------------------------------
x_1_1 - x_3_3 + x_3_4 - x_3_5 + x_3_6 + 28
x_2_1 - x_3_3 + x_3_4 - x_3_5 + x_3_6 - 26
x_3_1 + 8
x_1_2 - x_3_3
x_2_2 - x_3_4 + x_3_5 - x_3_6 + 34
x_3_2 - x_3_3 + x_3_4 - x_3_5 + x_3_6 + 28
x_1_3 - x_3_4
x_2_3 - x_3_3 + x_3_4 - 2*x_3_5 + 2*x_3_6 - 6
x_1_4 - x_3_5
x_2_4 - x_3_4 + x_3_5 - 2*x_3_6 + 6
x_1_5 - x_3_6
x_2_5 - x_3_5 + x_3_6 - 6
x_1_6 + 32
x_2_6 - x_3_6 + 38
----------------------------------------------------------------------
Substitution polynomials
----------------------------------------------------------------------
x_3_3 - 48*x_subs_1 - 40*x_subs_2 + 39*x_subs_3 - 40*x_subs_4 + 40*x_subs_5 - 40*x_subs_6 - 2*x_subs_7 - 41
x_3_4 + 17*x_subs_1 + 2*x_subs_2 - 2*x_subs

In [6]:
ideal(polys_lin + polys_subs + gb_subs).basis_is_groebner()

True

## Contracting Round Function

In [7]:
field = GF(101)
n = 3
r = 7
mode = "crf"

gmimc = GMiMC(field=field, n=n, r=r, mode=mode)

GMiMC Parameters
Field: Finite Field of size 101
n: 3
r: 7
Mode: crf
Key schedule matrix:
[95 65 95]
[33  8 34]
[29 47 36]
Admissible key schedule matrix: True
Constants: [7, 70, 33, 8, 89, 97, 80]


In [8]:
V = VectorSpace(gmimc.field, gmimc.n)
plain = V.random_element()
key = V.random_element()
cipher = gmimc.encrypt(plain, key)
plain, key, cipher

((32, 85, 22), (78, 2, 16), (19, 28, 97))

In [9]:
polys = gmimc.generate_polynomials(plain=plain, cipher=cipher)

print(70 * "-")

for i in range(0, gmimc.r):
    for j in range(0, gmimc.n):
        print(polys[i * gmimc.n + j])
    print(70 * "-")

Plain: (32, 85, 22)
Cipher: (19, 28, 97)
Order: degrevlex
----------------------------------------------------------------------
-x_1_1 - 16
-x_2_1 + 22
y_1^3 + 39*y_1^2 - x_3_1 + 2*y_1 + 7
----------------------------------------------------------------------
x_2_1 - x_1_2
x_3_1 - x_2_2
x_2_1^3 + 3*x_2_1^2*x_3_1 + 3*x_2_1*x_3_1^2 + x_3_1^3 + 3*x_2_1^2*y_2 + 6*x_2_1*x_3_1*y_2 + 3*x_3_1^2*y_2 + 3*x_2_1*y_2^2 + 3*x_3_1*y_2^2 + y_2^3 + 8*x_2_1^2 + 16*x_2_1*x_3_1 + 8*x_3_1^2 + 16*x_2_1*y_2 + 16*x_3_1*y_2 + 8*y_2^2 + x_1_1 - 46*x_2_1 - 46*x_3_1 - x_3_2 - 46*y_2 + 4
----------------------------------------------------------------------
x_2_2 - x_1_3
x_3_2 - x_2_3
x_2_2^3 + 3*x_2_2^2*x_3_2 + 3*x_2_2*x_3_2^2 + x_3_2^3 + 3*x_2_2^2*y_3 + 6*x_2_2*x_3_2*y_3 + 3*x_3_2^2*y_3 + 3*x_2_2*y_3^2 + 3*x_3_2*y_3^2 + y_3^3 - 2*x_2_2^2 - 4*x_2_2*x_3_2 - 2*x_3_2^2 - 4*x_2_2*y_3 - 4*x_3_2*y_3 - 2*y_3^2 + x_1_2 + 35*x_2_2 + 35*x_3_2 - x_3_3 + 35*y_3 - 19
----------------------------------------------------------

In [10]:
polys_lin, polys_subs, gb_subs = gmimc.compute_Groebner_basis(polys)

print(70 * "-")
print("Linear polynomials")
print(70 * "-")
for poly in polys_lin:
    print(poly)

print(70 * "-")
print("Substitution polynomials")
print(70 * "-")
for poly in polys_subs:
    print(poly)

print(70 * "-")
print("Gröbner basis")
print(70 * "-")
for poly in gb_subs:
    print(poly)

Ideal of leading terms equal to (x_subs_1^3, ..., x_subs_n^3): True
All terms of substituted Groebner basis contained in (x_subs_1, ..., x_subs_n): True
----------------------------------------------------------------------
Linear polynomials
----------------------------------------------------------------------
x_1_1 + 16
x_2_1 - 22
x_3_1 - x_1_3
x_1_2 - 22
x_2_2 - x_1_3
x_3_2 - x_1_4
x_2_3 - x_1_4
x_3_3 - x_1_5
x_2_4 - x_1_5
x_3_4 - x_1_6
x_2_5 - x_1_6
x_3_5 - 19
x_2_6 - 19
x_3_6 - 28
----------------------------------------------------------------------
Substitution polynomials
----------------------------------------------------------------------
x_1_3 - 36*x_subs_1 + 6*x_subs_2 - 7*x_subs_3 + 7*x_subs_4 - 7*x_subs_5 + 7*x_subs_6 - 47*x_subs_7 - 1
x_1_4 - 15*x_subs_1 - 41*x_subs_2 + 41*x_subs_3 - 42*x_subs_4 + 42*x_subs_5 - 42*x_subs_6 - 31*x_subs_7 - 48
x_1_5 - 5*x_subs_1 - x_subs_2 + x_subs_3 - x_subs_4 - 31*x_subs_7 - 1
x_1_6 + 36*x_subs_1 - 22*x_subs_2 + 22*x_subs_3 - 22*x_subs

In [11]:
ideal(polys_lin + polys_subs + gb_subs).basis_is_groebner()

True