# GMiMC With Multivariate Key Polynomial Model Demonstration

In [1]:
load("GMiMC_univariate.sage")

## Expanding Round Function

In [2]:
field = GF(101)
n = 3
r = 7
mode = "erf"

gmimc = GMiMC(field=field, n=n, r=r, mode=mode)

GMiMC Parameters
Field: Finite Field of size 101
n: 3
r: 7
Mode: erf
Constants: [26, 41, 23, 17, 77, 58, 89]


In [3]:
V = VectorSpace(gmimc.field, gmimc.n)
plain = V.random_element()
key = gmimc.field.random_element()
cipher = gmimc.encrypt(plain, key)
plain, key, cipher

((79, 69, 85), 68, (10, 59, 49))

In [4]:
polys = gmimc.generate_polynomials(plain=plain, cipher=cipher)

print(70 * "-")

for i in range(0, gmimc.r):
    for j in range(0, gmimc.n):
        print(polys[i * gmimc.n + j])
    print(70 * "-")

Plain: (79, 69, 85)
Cipher: (10, 59, 49)
Order: degrevlex
----------------------------------------------------------------------
y^3 + 12*y^2 - x_1_1 + 48*y + 32
y^3 + 12*y^2 - x_2_1 + 48*y + 48
-x_3_1 - 22
----------------------------------------------------------------------
x_1_1^3 + 3*x_1_1^2*y + 3*x_1_1*y^2 + y^3 + 22*x_1_1^2 + 44*x_1_1*y + 22*y^2 - 7*x_1_1 + x_2_1 - x_1_2 - 7*y + 39
x_1_1^3 + 3*x_1_1^2*y + 3*x_1_1*y^2 + y^3 + 22*x_1_1^2 + 44*x_1_1*y + 22*y^2 - 7*x_1_1 + x_3_1 - x_2_2 - 7*y + 39
x_1_1 - x_3_2
----------------------------------------------------------------------
x_1_2^3 + 3*x_1_2^2*y + 3*x_1_2*y^2 + y^3 - 32*x_1_2^2 + 37*x_1_2*y - 32*y^2 - 29*x_1_2 + x_2_2 - x_1_3 - 29*y + 47
x_1_2^3 + 3*x_1_2^2*y + 3*x_1_2*y^2 + y^3 - 32*x_1_2^2 + 37*x_1_2*y - 32*y^2 - 29*x_1_2 + x_3_2 - x_2_3 - 29*y + 47
x_1_2 - x_3_3
----------------------------------------------------------------------
x_1_3^3 + 3*x_1_3^2*y + 3*x_1_3*y^2 + y^3 - 50*x_1_3^2 + x_1_3*y - 50*y^2 - 42*x_1_3 + x_2_3

In [5]:
polys_lin, polys_subs, gb_subs = gmimc.compute_Groebner_basis(polys)

print(70 * "-")
print("Linear polynomials")
print(70 * "-")
for poly in polys_lin:
    print(poly)

print(70 * "-")
print("Substitution polynomials")
print(70 * "-")
for poly in polys_subs:
    print(poly)

print(70 * "-")
print("Gröbner basis")
print(70 * "-")
for poly in gb_subs:
    print(poly)

(x_subs_3^3, ..., x_subs_n^3) contained in ideal of leading terms: True
All terms of substituted Gröbner basis contained in (x_subs_3, ..., x_subs_n): True
----------------------------------------------------------------------
Linear polynomials
----------------------------------------------------------------------
x_1_1 - x_3_3 + x_3_4 - x_3_5 + x_3_6 - 30
x_2_1 - x_3_3 + x_3_4 - x_3_5 + x_3_6 - 46
x_3_1 + 22
x_1_2 - x_3_3
x_2_2 - x_3_4 + x_3_5 - x_3_6 - 33
x_3_2 - x_3_3 + x_3_4 - x_3_5 + x_3_6 - 30
x_1_3 - x_3_4
x_2_3 - x_3_3 + x_3_4 - 2*x_3_5 + 2*x_3_6 + 3
x_1_4 - x_3_5
x_2_4 - x_3_4 + x_3_5 - 2*x_3_6 - 3
x_1_5 - x_3_6
x_2_5 - x_3_5 + x_3_6 + 3
x_1_6 - 49
x_2_6 - x_3_6 + 49
----------------------------------------------------------------------
Substitution polynomials
----------------------------------------------------------------------
x_3_3 - x_subs_3 + x_subs_7 - 14
x_3_4 - x_subs_4 + x_subs_7 - 20
x_3_5 - x_subs_5 + x_subs_7 + 40
x_3_6 - x_subs_6 + x_subs_7 + 21
y - x_subs_7 + 

In [6]:
ideal(polys_lin + polys_subs + gb_subs).variety()

[{x_subs_7: 4, x_subs_6: 20, x_subs_5: 70, x_subs_4: 8, x_subs_3: 75, x_subs_2: 29, x_subs_1: 94, y: 68, x_3_6: 96, x_2_6: 47, x_1_6: 49, x_3_5: 26, x_2_5: 28, x_1_5: 96, x_3_4: 24, x_2_4: 92, x_1_4: 26, x_3_3: 85, x_2_3: 19, x_1_3: 24, x_3_2: 21, x_2_2: 26, x_1_2: 85, x_3_1: 79, x_2_1: 37, x_1_1: 21}]

## Contracting Round Function

In [7]:
field = GF(101)
n = 3
r = 7
mode = "crf"

gmimc = GMiMC(field=field, n=n, r=r, mode=mode)

GMiMC Parameters
Field: Finite Field of size 101
n: 3
r: 7
Mode: crf
Constants: [29, 19, 39, 26, 77, 13, 4]


In [8]:
V = VectorSpace(gmimc.field, gmimc.n)
plain = V.random_element()
key = gmimc.field.random_element()
cipher = gmimc.encrypt(plain, key)
plain, key, cipher

((82, 68, 31), 9, (1, 93, 42))

In [9]:
polys = gmimc.generate_polynomials(plain=plain, cipher=cipher)

print(70 * "-")

for i in range(0, gmimc.r):
    for j in range(0, gmimc.n):
        print(polys[i * gmimc.n + j])
    print(70 * "-")

Plain: (82, 68, 31)
Cipher: (1, 93, 42)
Order: degrevlex
----------------------------------------------------------------------
-x_1_1 - 33
-x_2_1 + 31
y^3 - 20*y^2 - x_3_1 - 35*y - 31
----------------------------------------------------------------------
x_2_1 - x_1_2
x_3_1 - x_2_2
x_2_1^3 + 3*x_2_1^2*x_3_1 + 3*x_2_1*x_3_1^2 + x_3_1^3 + 3*x_2_1^2*y + 6*x_2_1*x_3_1*y + 3*x_3_1^2*y + 3*x_2_1*y^2 + 3*x_3_1*y^2 + y^3 - 44*x_2_1^2 + 13*x_2_1*x_3_1 - 44*x_3_1^2 + 13*x_2_1*y + 13*x_3_1*y - 44*y^2 + x_1_1 - 28*x_2_1 - 28*x_3_1 - x_3_2 - 28*y - 9
----------------------------------------------------------------------
x_2_2 - x_1_3
x_3_2 - x_2_3
x_2_2^3 + 3*x_2_2^2*x_3_2 + 3*x_2_2*x_3_2^2 + x_3_2^3 + 3*x_2_2^2*y + 6*x_2_2*x_3_2*y + 3*x_3_2^2*y + 3*x_2_2*y^2 + 3*x_3_2*y^2 + y^3 + 16*x_2_2^2 + 32*x_2_2*x_3_2 + 16*x_3_2^2 + 32*x_2_2*y + 32*x_3_2*y + 16*y^2 + x_1_2 + 18*x_2_2 + 18*x_3_2 - x_3_3 + 18*y + 32
----------------------------------------------------------------------
x_2_3 - x_1_4
x_3_3 - x

In [10]:
polys_lin, polys_subs, gb_subs = gmimc.compute_Groebner_basis(polys)

print(70 * "-")
print("Linear polynomials")
print(70 * "-")
for poly in polys_lin:
    print(poly)

print(70 * "-")
print("Substitution polynomials")
print(70 * "-")
for poly in polys_subs:
    print(poly)

print(70 * "-")
print("Gröbner basis")
print(70 * "-")
for poly in gb_subs:
    print(poly)

(x_subs_3^3, ..., x_subs_n^3) contained in ideal of leading terms: True
All terms of substituted Gröbner basis contained in (x_subs_3, ..., x_subs_n): True
----------------------------------------------------------------------
Linear polynomials
----------------------------------------------------------------------
x_1_1 + 33
x_2_1 - 31
x_3_1 - x_1_3
x_1_2 - 31
x_2_2 - x_1_3
x_3_2 - x_1_4
x_2_3 - x_1_4
x_3_3 - x_1_5
x_2_4 - x_1_5
x_3_4 - x_1_6
x_2_5 - x_1_6
x_3_5 - 1
x_2_6 - 1
x_3_6 + 8
----------------------------------------------------------------------
Substitution polynomials
----------------------------------------------------------------------
x_1_3 - x_subs_3 + x_subs_4 - x_subs_5 + x_subs_6 - 25
x_1_4 - x_subs_4 + x_subs_5 - x_subs_6 + x_subs_7 - 34
x_1_5 - x_subs_5 + x_subs_6 - 38
x_1_6 - x_subs_6 + x_subs_7 + 17
y - x_subs_7 - 3
x_subs_1 - x_subs_7 - 32
x_subs_2 - x_subs_3 + x_subs_4 - x_subs_5 + x_subs_6 - x_subs_7 + 23
------------------------------------------------------

In [11]:
ideal(polys_lin + polys_subs + gb_subs).variety()

[{x_subs_7: 6, x_subs_6: 51, x_subs_5: 68, x_subs_4: 72, x_subs_3: 5, x_subs_2: 34, x_subs_1: 38, y: 9, x_3_6: 93, x_2_6: 1, x_1_6: 28, x_3_5: 1, x_2_5: 28, x_1_5: 55, x_3_4: 28, x_2_4: 55, x_1_4: 83, x_3_3: 55, x_2_3: 83, x_1_3: 76, x_3_2: 83, x_2_2: 76, x_1_2: 31, x_3_1: 76, x_2_1: 31, x_1_1: 68}]