Score:1

How can I do cryptanalysis on a chaos-based cipher?

us flag

I have been reading about chaos-based cryptosystems. Every designer claims that his design is a secure system without much cryptographic analysis; however, it turns out that this is a false claim in many cases. I do not know if all these systems are weak or inefficient. I do not have the time to perform cryptanalysis on them all.

For the examples of the chaos-based cipher, almost every designer has his style without real proof of why he does this. They take the word "complex" as a synonym for "secure".

For guidelines that rarely is followed (if any, assuming that it is applicable or even sufficient, I can not judge): Some basic cryptographic requirements for chaos-based cryptosystems. Some Hints for the Design of Digital Chaos-Based Cryptosystems: Lessons Learned from Cryptanalysis. Lessons Learnt from the Cryptanalysis of Chaos-Based Ciphers. Framework for the analysis and design of encryption strategies based on discrete-time chaotic dynamical systems.

My question is:

How can I analyze these systems cryptographically? And what subjects in mathematics or computer science do I need?

Patriot avatar
cn flag
Welcome to SE Crypto! Could you please provide the references that you have been reading?
fgrieu avatar
ng flag
Not quite all chaos-based cipher are susceptible to cryptanalysis. And I don't think a single cryptanalytic strategy can work. There is too wide a spectrum of chaos-based constructions, starting with a dichotomy between (at least roughly) continuous (e.g. [logisitic map](https://en.wikipedia.org/wiki/Logistic_map)) and discrete (e.g. [rule 30](https://en.wikipedia.org/wiki/Rule_30)). Plus not everyone will agree on what counts as a success in cryptanalysis: ciphertext-only ? known plaintext ? chosen plaintext ? side channel ? Perhaps, restrict the question...
user2357 avatar
us flag
@fgrieu If so, why does not the cryptography community consider chaos-based cryptography in mainstream cryptography, and allow it in their sophisticated journal and conferences?
fgrieu avatar
ng flag
@Theprince: Not susceptible to (known) cryptanalysis is not a sufficient criteria for mainstream cryptography. Symmetric ciphers are of interest to mainstream cryptography only when they have an advantage over established constructions, on the tune of: better performance on some common hardware, while having some level of demonstrable/arguable security. I don't know a chaos-based cipher that's efficient and not susceptible to cryptanalysis, much less one that's efficient and comes with some sound security argument.
user2357 avatar
us flag
@fgrieu And I think the logistic map is disregarded by the chaos-based cryptography community itself, as it is a unimodal map See: Arroyo, On the inadequacy of unimodal maps for cryptographic applications. On the other hand, when they talk about chaos systems they do not consider cellular automaton, to the best of my knowledge see the above reference. Speaking about the symmetric ciphers, for your information, almost all chaos based ciphers are symmetric ciphers.
user2357 avatar
us flag
@fgrieu However, conventional symmetric ciphers are recognized, and in practical use, is this the case for chaos-based ciphers?
SAI Peregrinus avatar
si flag
The closest to practical use chaos-based crypto gets is in Physically Unclonable Functions (PUFs) which use the sensitive dependence on initial conditions of some parts of semiconductor manufacturing to produce chips that are impractical to duplicate or emulate.
user2357 avatar
us flag
@SAIPeregrinus I think this is a hardware device, not a chaotic mathematical system that is implemented on a finite precision computer like the most proposed chaos-based ciphers. Am I right?
Maarten Bodewes avatar
in flag
If I would do an educated guess: it's a "chaotic mathematical system" that is mainly useful in hardware to prevent cloning. The hardware is likely part of a finite precision computer. So no, I don't think you get that right.
SAI Peregrinus avatar
si flag
Yep, the hardware is a necessary part. It allows both very high precision of the electrical activity of the initial conditions (limited by quantum effects) and limits measurement precision (can't get initial conditions, let alone replicate them). HWRNGs use the same principles.
SAI Peregrinus avatar
si flag
Also, if you pick a deterministic interpretation of Quantum Mechanics like Many Worlds or DeBroglie-Bohm you get a fully deterministic universe, so there's no such thing as a True Random Number Generator, only chaotic Hardware Random Number Genetors exist. This is why I use HWRNG instead of TRNG: I don't agree that TRNGs have been shown to exist.
user2357 avatar
us flag
@Patriot I added it to the question
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.