Let $BC$ be a block cipher with similar security as AES (in ECB mode).
This $BC$ is applied to a message $m$ of same bit size. The result is a cipher $c$.
e.g.;
$$BC(key_A,m) = c_A$$
$$BC(key_B,m) = c_B$$
I'm looking for a $BC$ with:
$$BC(key_A,c_B) = c_{BA}$$
$$BC(key_B,c_A) = c_{AB}$$
where
$$c_{AB}=c_{BA}$$
but for the majority:
$$c_{A}\not=c_{B}$$
Is there any way to construct keys $key_A, key_A$ with this property for a suitable $BC$?
(Or at least for a big subgroup of the elements)
This questions includes an answer (from Thomas) to a similar question: Are there any secure commutative ciphers?
But as far as I understand it this implies the $BC$ is commutative for all keys. I'm fine with just a small amount of keys which are commutative to each other.
Also in target application the $BC$ just serves as a random number generator. The next number will be generated by applying $BC$ to the current. It should be hard to determine the 'index' of a given value or computing $i$-steps ahead.
A commutative RNG which can compute the next and previous value out of the current (+ some constants (like the key or seed) would also do the job.
Edit: The key/seed will been known.
