In [7]:
import numpy as np
import math
from Crypto.Util.number import getPrime, inverse, bytes_to_long, long_to_bytes
import random

In [8]:
def isqrt(n):
    x = n
    y = (x + 1) // 2
    while y < x:
        x = y
        y = (x + n // x) // 2
    return x

In [9]:
def gcd(a, b):
    if b == 0:
        return a
    else:
        return gcd(b, a%b)

In [10]:
def egcd(a, b):
    if a == 0:
        return (b, 0, 1)
    else:
        gcd, x, y = egcd(b%a, a) #compute gcd first
        return (gcd, y - b//a *x , x)

$S$ = set, $|S| = n$  => 
1. permutations  => $n!$
2. combinations of $r$ objects => ${n \choose r} = \frac{n!}{r!(n-r)!} = n(n-1)(n-2)...(n-r+1)$

**Binomial theorem**  
$(x+y)^n = \sum_{k=1}^{n} {n \choose k} x^k y^{n-k}$


## Vigenere cipher

In [11]:
alphabet = list('abcdefghijklmnopqrstuvwxyz')
text = 'the rain in spain stays mainly in the plain'
key = 'flamingo'

In [12]:
def vigenere_cipher(m, key, set_of_characters):
    m = ''.join(m.split()) #remove whitespace
    c = ''
    for i in range(len(m)):
        index = (set_of_characters.index(m[i]) + set_of_characters.index(key[i % len(key)])) % len(set_of_characters)
        c+= set_of_characters[index]
    return c

In [13]:
vigenere_cipher(text, key,alphabet)

'ysedivtwsdpmqayhfjsyivtzdtnfprvzftn'

In [14]:
# solve dis ( too lazy)

In [15]:
c = 'zpgdl rjlaj kpylx zpyyg lrjgd lrzhz qyjzq repvm swrzy rigzhzvreg kwivs saolt nliuw oldie aqewf iiykh bjowr hdogc qhkwajyagg emisr zqoqh oavlk bjofr ylvps rtgiu avmsw lzgms evwpcdmjsv jqbrn klpcf iowhv kxjbj pmfkr qthtk ozrgq ihbmq sbivdardym qmpbu nivxm tzwqv gefjh ucbor vwpcd xuwft qmoow jipdsfluqm oeavl jgqea lrkti wvext vkrrg xani'
c = ''.join(c.split())

In [16]:
trigrams = np.array(list(zip(c, c[1:], c[2:])))

In [17]:
uniq_arr, inv_arr, count_arr = np.unique(trigrams, axis = 0, return_counts = True, return_inverse = True)



In [18]:
inv_arr

array([261, 154,  48,  24, 115, 182,  90, 109,   1,  89, 102, 158, 255,
       121, 249, 262, 159, 258, 251,  54, 115, 181,  85,  48,  24, 117,
       190, 260,  68, 265, 173, 252,  97, 264, 169, 176,  36, 157, 225,
       132, 202, 242, 192, 269, 257, 180,  71,  59, 260,  69, 267, 227,
       175,  34,  53, 107, 235,  80, 228, 199, 193,   5, 142, 118, 207,
       136, 111,  78, 216, 238, 141, 110,  23,  70,  31,   6, 162,  38,
       232,  40,  73,  83, 253,  99,  60,  11,  92, 148, 241, 179,  62,
        26, 140,  47,  21, 163,  63, 106, 231,   2,  96, 250,   0,  51,
        50,  35, 124,  76, 198, 191, 263, 168, 144, 164,  64, 137,   8,
       224, 113,  98,  11,  91, 139,  45, 189, 254, 120, 226, 156, 197,
       187, 203,  52,  77, 211,   9, 225, 132, 201, 237, 122, 259,  55,
       131, 195,  37, 229, 239, 151,  18,  25, 125,  95, 200, 220,  94,
       160,  15, 184, 135, 100, 114, 152,  20,  41,  74, 146, 234,  67,
       222, 108, 245,  84,  12,  93, 155, 123,  43, 103, 185, 17

In [19]:
uniq_arr[count_arr == 2]

array([['a', 'v', 'l'],
       ['b', 'j', 'o'],
       ['d', 'l', 'r'],
       ['g', 'd', 'l'],
       ['l', 'r', 'j'],
       ['m', 's', 'w'],
       ['p', 'c', 'd'],
       ['q', 'm', 'o'],
       ['v', 'm', 's'],
       ['v', 'w', 'p'],
       ['w', 'p', 'c'],
       ['z', 'h', 'z']], dtype='<U1')

# TO DO maybe?
finish the cryptanalysis of Vigenere cypher 

# Probability

assume you know the basic proprieties:
* definitions
* independence, conditional
* Bayes formula
* random variables -> density functions and proprieties
* common random variables

# Collision Algorithms

**Collision Theorem**:
An urn contains $N$ balls, of which $n$ are red and $N-n$ are blue.  
Bob samples with replacement until he has $m$ balls

* The probability that Bob selects at least one red ball:  $Pr(\text{at least one red})=1−\left(1−\cfrac n N\right)^m$

* A lower bound for the probability $Pr(\text{at least one red})≥1−e^{−mn/N}$

If $N$ is large and if $m$ and $n$ are not too much larger than $\sqrt N$ (Ex: $m, n <10\sqrt N$), the lower bound is almost an equality


In [20]:
#Example

In [25]:
def pr_at_least_one_red(n, m, N):
    return 1 - (1 - n/N)**m
def bounded_pr_at_least_one_red(n, m, N):
    return 1 - np.e**(-m*n/N)

A deck of cards is shuffled and eight cards are dealt face up.Bob then takes a second deck of cards and chooses eight cards at random,replacing each chosen card before making the next choice. What is Bob’sprobability of matching one of the cards from the first deck?

In [26]:
N = 52
n = 8
m = 8

In [27]:
print(pr_at_least_one_red(n,m,N))
print(bounded_pr_at_least_one_red(n, m, N))


0.7372185753440565
0.7079321763085858


In [28]:
n = 10; m = 5
print(pr_at_least_one_red(n,m,N))
print(bounded_pr_at_least_one_red(n, m, N))

0.6562602681709593
0.6176957271079193


In [33]:
N = 100000
n = 1000
m = 1000
print(pr_at_least_one_red(n,m,N))
print(bounded_pr_at_least_one_red(n, m, N))

0.9999568287525893
0.9999546000702375


# Pollard rho algoritm

https://en.wikipedia.org/wiki/Pollard%27s_rho_algorithm_for_logarithms  
legit got the intuition from here : https://youtu.be/pKO9UjSeLew
and here https://www.youtube.com/watch?v=9YTjXqqJEFE

In [37]:
p = 48611
g = 19
h = 24717

In [42]:
def f(x, g, h, alpha, beta, p): 
    '''a random function that returns x, alpha, beta'''
    if( x < p//3):
        return g * x % p, (alpha+1) % (p-1), beta % (p-1)
    elif (x >= p//3 and x < (2*p) // 3):
        return pow(x, 2, p), 2 * alpha % (p-1), 2 * beta % (p-1)
    else:
        return h * x % p,  alpha, (beta+1) % (p-1)
    

In [45]:
def pollard_rho(g, h, p):
    alpha_i = alpha_2i = 0
    beta_i = beta_2i = 0
    x_i = x_2i = 1
    
    #use floyd's tortoise and hare intuition
    for i in range(int(3*isqrt(p))):
        #Tortoise
        x_i, alpha_i, beta_i = f(x_i, g, h, alpha_i, beta_i, p)
        
        #Hare
        x_temp, alpha_temp, beta_temp = f(x_2i, g, h, alpha_2i, beta_2i, p)
        x_2i, alpha_2i, beta_2i = f(x_temp, g, h, alpha_temp, beta_temp, p)
        
        #print(i, x_i, x_2i, alpha_i, beta_i, alpha_2i, beta_2i)
        
        if(x_i == x_2i): # collision
            u = (alpha_i - alpha_2i) % (p-1)
            v = (beta_2i - beta_i) % (p-1)
            #print(u, v)
            #print(pow(g, u, p), pow(h, v, p))
            
            #g^u = g^v => v * log_g(h) = u mod (p-1)  -> let this be equation (*)
            gcd, s, _ = egcd(v, p-1) #s * v = gcd
            #print(s, s * v % (p-1), gcd)
            if(gcd== 1): 
                #multiply (*) by inverse of v mod p-1
                return (inverse(v, (p-1)) * u) %(p-1)
            else:
                #multiply (*) by d
                solutions = set()
                for k in range(gcd):
                    w = u * s % (p-1)
                    sol = (w) / gcd + k * (p-1) / gcd
                    solutions.add(sol)
                return solutions
                
                
                
            

In [46]:
t = pollard_rho(g, h, p)

In [47]:
t

{3842.0,
 8703.0,
 13564.0,
 18425.0,
 23286.0,
 28147.0,
 33008.0,
 37869.0,
 42730.0,
 47591.0}

# TO DO maybe?: Information theory 