# Feistel-erf and Feistel-crf Polynomial Model Demonstration

In [1]:
load("Feistel.sage")

## Expanding Round Function (erf)

In [2]:
field = GF(101)
n = 3
r = 4
mode = "erf"

feistel = Feistel(field=field, 
                  n=n, 
                  rounds=r,
                  mode=mode)

Feistel Parameters
Field: Finite Field of size 101
n: 3
Rounds: 4
Mode: erf
Matrix:
[0 0 1]
[1 0 0]
[0 1 0]
Constants: [(97, 43, 36), (96, 31, 28), (95, 42, 55), (51, 100, 72)]


In [3]:
V = VectorSpace(feistel.field, feistel.n)

plain = V.random_element()
key = V.random_element()
cipher = feistel.encryption(plain, key)

plain, key, cipher, plain == feistel.decryption(cipher, key)

((36, 79, 28), (36, 80, 9), (12, 94, 12), True)

In [4]:
polynomials = feistel.generate_polynomials(plain=plain, 
                                           cipher=cipher)

print(70 * "-")

for i in range(0, feistel.rounds):
    for j in range(0, feistel.n):
        print(polynomials[i * feistel.n + j])
    print(70 * "-")

Plaintext: (36, 79, 28)
Ciphertext: (12, 94, 12)
Term order: degrevlex
----------------------------------------------------------------------
-x_1__1 + y_1 + y_3 + 24
y_3^2 - x_2__1 + y_1 + y_2 - 45*y_3 - 46
y_3^2 - x_3__1 + y_2 - 44*y_3 - 10
----------------------------------------------------------------------
x_3__1 - x_1__2 + y_1 - 5
x_3__1^2 + x_1__1 - x_2__2 + y_2 + 31
x_3__1^2 + x_2__1 - x_3__2 + y_3 + 28
----------------------------------------------------------------------
x_3__2 - x_1__3 + y_1 - 6
x_3__2^2 + x_1__2 - x_2__3 + y_2 + 42
x_3__2^2 + x_2__2 - x_3__3 + y_3 - 46
----------------------------------------------------------------------
x_3__3 + y_1 + 39
x_3__3^2 + x_1__3 + y_2 + 6
x_3__3^2 + x_2__3 + y_3 - 41
----------------------------------------------------------------------


In [5]:
polys_lin, polys_subs, gb_subs = feistel.compute_Groebner_basis(polynomials)

print(70 * "-")
print("Linear polynomials")
print(70 * "-")
for poly in polys_lin:
    print(poly)

print(70 * "-")
print("Substitution polynomials")
print(70 * "-")
for poly in polys_subs:
    print(poly)

print(70 * "-")
print("Gröbner basis")
print(70 * "-")
for poly in gb_subs:
    print(poly)

Is in generic coordinates: True
Ideal of leading terms equal to (x_subs_1^d, ..., x_subs_n^d): True
All terms of substituted Groebner basis contained in (x_subs_1, ..., x_subs_n): True
----------------------------------------------------------------------
Linear polynomials
----------------------------------------------------------------------
x_1__1 - y_1 - y_3 - 24
x_2__1 - x_2__3 + 50*y_1 - 50*y_2 + 50*y_3 + 47
x_3__1 - x_2__3 - 50*y_1 - 50*y_2 + 49*y_3 + 11
x_1__2 - x_2__3 + 50*y_1 - 50*y_2 + 49*y_3 + 16
x_2__2 - 50*y_1 + 50*y_2 + 50*y_3 - 33
x_3__2 - x_2__3 + y_1 + y_2 - y_3 + 41
x_1__3 - x_2__3 + y_2 - y_3 + 47
x_3__3 + y_1 + 39
----------------------------------------------------------------------
Substitution polynomials
----------------------------------------------------------------------
x_2__3 - 2*x_subs_1 + x_subs_2 + 2*x_subs_4 + 19
y_1 + x_subs_3 + 39
y_2 - 2*x_subs_1 + 2*x_subs_2 - x_subs_3 + x_subs_4 + 21
y_3 - x_subs_4
-------------------------------------------------

In [6]:
ideal(polys_lin + polys_subs + gb_subs).basis_is_groebner()

True

In [7]:
ideal(polys_lin + polys_subs + gb_subs).variety()

[{x_subs_4: 30,
  x_subs_3: 58,
  x_subs_2: 7,
  x_subs_1: 33,
  y_3: 30,
  y_2: 59,
  y_1: 4,
  x_3__3: 58,
  x_2__3: 81,
  x_1__3: 5,
  x_3__2: 7,
  x_2__2: 25,
  x_1__2: 32,
  x_3__1: 33,
  x_2__1: 72,
  x_1__1: 58},
 {x_subs_4: 9,
  x_subs_3: 26,
  x_subs_2: 16,
  x_subs_1: 58,
  y_3: 9,
  y_2: 80,
  y_1: 36,
  x_3__3: 26,
  x_2__3: 63,
  x_1__3: 46,
  x_3__2: 16,
  x_2__2: 9,
  x_1__2: 89,
  x_3__1: 58,
  x_2__1: 49,
  x_1__1: 69}]

## Contracting Round Function (crf)

In [8]:
field = GF(101)
n = 3
r = 4
mode = "crf"

feistel = Feistel(field=field, 
                  n=n, 
                  rounds=r,
                  mode=mode)

Feistel Parameters
Field: Finite Field of size 101
n: 3
Rounds: 4
Mode: crf
Matrix:
[0 0 1]
[1 0 0]
[0 1 0]
Constants: [(36, 64, 57), (47, 18, 65), (26, 79, 12), (28, 80, 20)]


In [9]:
V = VectorSpace(feistel.field, feistel.n)

plain = V.random_element()
key = V.random_element()
cipher = feistel.encryption(plain, key)

plain, key, cipher, plain == feistel.decryption(cipher, key)

((91, 22, 96), (13, 85, 16), (92, 12, 35), True)

In [10]:
polynomials = feistel.generate_polynomials(plain=plain, 
                                           cipher=cipher)

print(70 * "-")

for i in range(0, feistel.rounds):
    for j in range(0, feistel.n):
        print(polynomials[i * feistel.n + j])
    print(70 * "-")

Plaintext: (91, 22, 96)
Ciphertext: (92, 12, 35)
Term order: degrevlex
----------------------------------------------------------------------
y_1^2 + 2*y_1*y_2 + y_2^2 - x_1__1 + 25*y_1 + 24*y_2 + y_3 - 27
-x_2__1 + y_1 + y_2 - 47
-x_3__1 + y_2 + y_3 - 22
----------------------------------------------------------------------
x_1__1^2 + 2*x_1__1*x_2__1 + x_2__1^2 + x_3__1 - x_1__2 + y_1 + 47
x_1__1 - x_2__2 + y_2 + 18
x_2__1 - x_3__2 + y_3 - 36
----------------------------------------------------------------------
x_1__2^2 + 2*x_1__2*x_2__2 + x_2__2^2 + x_3__2 - x_1__3 + y_1 + 26
x_1__2 - x_2__3 + y_2 - 22
x_2__2 - x_3__3 + y_3 + 12
----------------------------------------------------------------------
x_1__3^2 + 2*x_1__3*x_2__3 + x_2__3^2 + x_3__3 + y_1 + 37
x_1__3 + y_2 - 33
x_2__3 + y_3 - 15
----------------------------------------------------------------------


In [11]:
polys_lin, polys_subs, gb_subs = feistel.compute_Groebner_basis(polynomials)

print(70 * "-")
print("Linear polynomials")
print(70 * "-")
for poly in polys_lin:
    print(poly)

print(70 * "-")
print("Substitution polynomials")
print(70 * "-")
for poly in polys_subs:
    print(poly)

print(70 * "-")
print("Gröbner basis")
print(70 * "-")
for poly in gb_subs:
    print(poly)

Is in generic coordinates: True
Ideal of leading terms equal to (x_subs_1^d, ..., x_subs_n^d): True
All terms of substituted Groebner basis contained in (x_subs_1, ..., x_subs_n): True
----------------------------------------------------------------------
Linear polynomials
----------------------------------------------------------------------
x_1__1 - x_3__3 + y_2 + y_3 + 30
x_2__1 - y_1 - y_2 + 47
x_3__1 - y_2 - y_3 + 22
x_1__2 + y_2 + y_3 - 37
x_2__2 - x_3__3 + y_3 + 12
x_3__2 - y_1 - y_2 - y_3 - 18
x_1__3 + y_2 - 33
x_2__3 + y_3 - 15
----------------------------------------------------------------------
Substitution polynomials
----------------------------------------------------------------------
x_3__3 - x_subs_1 + x_subs_3 + x_subs_4 - 24
y_1 - x_subs_1 + x_subs_2 - x_subs_3 + 47
y_2 + x_subs_1 - x_subs_2 + x_subs_3 - x_subs_4 - 47
y_3 - x_subs_1 + x_subs_2 + x_subs_4 - 1
----------------------------------------------------------------------
Gröbner basis
-----------------------

In [12]:
ideal(polys_lin + polys_subs + gb_subs).basis_is_groebner()

True

In [13]:
ideal(polys_lin + polys_subs + gb_subs).variety()

[{x_subs_4: 98,
  x_subs_3: 48,
  x_subs_2: 79,
  x_subs_1: 91,
  y_3: 16,
  y_2: 85,
  y_1: 13,
  x_3__3: 70,
  x_2__3: 100,
  x_1__3: 49,
  x_3__2: 31,
  x_2__2: 42,
  x_1__2: 37,
  x_3__1: 79,
  x_2__1: 51,
  x_1__1: 40},
 {x_subs_4: 62,
  x_subs_3: 63,
  x_subs_2: 55,
  x_subs_1: 87,
  y_3: 72,
  y_2: 14,
  y_1: 48,
  x_3__3: 87,
  x_2__3: 44,
  x_1__3: 19,
  x_3__2: 51,
  x_2__2: 3,
  x_1__2: 52,
  x_3__1: 64,
  x_2__1: 15,
  x_1__1: 72},
 {x_subs_4: 19,
  x_subs_3: 53,
  x_subs_2: 3,
  x_subs_1: 64,
  y_3: 43,
  y_2: 53,
  y_1: 67,
  x_3__3: 16,
  x_2__3: 73,
  x_1__3: 81,
  x_3__2: 80,
  x_2__2: 62,
  x_1__2: 42,
  x_3__1: 74,
  x_2__1: 73,
  x_1__1: 92}]