close

Вход

Забыли?

вход по аккаунту

?

Discrete chaotic cryptography.

код для вставкиСкачать
Ann. Physik 6 (1997) 381-394
Annalen
der Physik
0 Johann Ambrosius Barth 1997
Discrete chaotic cryptography
Zbigniew Kotulski and Janusz Szczepanski
Polish Academy of Sciences, Institute of Fundamental Technological Research, PL-00-049 Warszawa,
Swietokrzyska 21, Poland
Received 13 January 1997, accepted 20 February 1997
Abstract. In the paper we propose a new method of constructing cryptosystems utilising a nonpredictability property of discrete chaotic systems. We formulate the requirements for such systems
to assure their safety. We also give examples of practical realisation of chaotic cryptosystems, using
a generalisation of the method presented in [7]. The proposed algorithm of encryption and decryption is based on multiple iteration of a certain dynamical chaotic system. We assume that some part
of the initial condition is a plain message. As the secret key we assume the system parameter(s) and
additionally another part of the initial condition.
Keywords: Discrete chaotic systems; Cryptography; Secure communications.
1 Introduction
Recently the theory of chaos has proved to be one of the most rapidly developing
fields of research in physics, mathematics, engineering sciences, economics and
many other areas. It is a tool for analysis of the complicated nature of non-linear phenomena coming from theoretical models and experimental observations. First ideas
concerning chaos can be found in early papers of Sinai [32], Oseledec [20], Ornstein
[19] and Pesin [25], but people working in applied sciences started their interest in
the theory after publication of Lorenz’ paper about thermal convection in the atmosphere [16]. The development of this field of research is also connected with computational possibilities given by progress in computer technology. Theoretical analysis
was supported by possibility of observation and visualisation of strange attractors
[28, 371, calculating Lyapunov exponents [2, 3 11, describing and plotting bifurcation
diagrams and transition to chaos [3-5, 26, 301 for many dynamical systems.
The word “chaos” was introduced by Li and Yorke in their theoretical paper [14].
At present, several definitions of chaos are used. The most popular seems to be the
one connected with the concept of Lyapunov exponents. We say that a system is
chaotic if in some region of the phase space it has positive Lyapunov exponents [331.
It follows from the definition of Lyapunov exponents that chaos in the system implies “exponential” divergence of trajectories.
To describe a dynamical system more precisely, we also need some other important properties [24], like ergodicity, mixing, stationarity-stability, etc. Such properties
have been extensively investigated in the theory of abstract dynamical systems since
the late thirties [lo, 117. They give us information about properties of the system like
382
Ann. Physik 6 (1997)
nonseparability of the phase space (ergodicity), asymptotic independence of the states
(mixing), conservation in time of global properties (stability), etc.
On the other hand, cryptography is a permanent field of interest at all times. At
present secret communication plays an increasing role in many fields of common life
like banking, industry, commerce, telecommunication, etc. The idea of encryption is
to modify the message in such a way that its content can be reconstructed only by a
legal recipient. The earliest applications of chaotic systems in cryptography were connected with encrypting messages with the modulation of trajectories of continuous
dynamical systems [17, 231. The method is strongly connected with the concept of
synchronisation of two chaotic systems [9, 221 and controlling chaos [8, 17, 211.
In this paper we try to point out that chaos as well as the other properties of discrete dynamical systems can be successfully applied in constructing cryptosystems.
We formulate some general properties needed for a chaotic cryptosystem to assure its
safety. We also give examples of practical realisation of such “robust” cryptosystems.
2 Discrete dynamical systems - a tool for cryptography
The essence of encryption is a transformation of a plain message such that the inverse
operation on the ciphertext (decryption) is impossible without some additional information. The information is some decryption algorithm (which is usually known) and its
parameters (the secret key). Dynamical systems with chaos seem to be good candidates
for constructing such algorithms. During iteration, the initial condition of such a dynamical system is being transformed in a very non-regular way. Therefore, if we consider
the initial value of the system as a plaintext, the system’s parameters as a secret key
and the state variable after several inverse iterations as a ciphertext then it is almost
impossible to restore the initial value of the system without knowledge of the exact values of the parameters. If we additionally separate the initial condition into two parts, one
of them treated as a plaintext and the other as a secret key, the method can be even
stronger. The details of such a method are presented in Section 5.
In this section we try to formulate some general conditions that should be satisfied
by a dynamical system in order to obtain a safe cryptosystem. Then constructing a
particular algorithm we verify the general properties of the transformations (dynamical systems) applied, instead of testing a number of plain and ciphertexts to check
the power of the method.
To ensure a complicated structure of trajectories of the dynamical system proposed
for the encryption algorithm, we postulate that, except of being chaotic, the system
should be ergodic or, preferably, mixing. Now we explain the effect of these properties on encryption the message, which makes any reasonable attack impossible.
A discrete dynamical system [6, 241 is a couple ( X , rp), where X is the state space
(for our purpose, the state space is usually the unit interval or the Cartesian product
of two unit intervals) and rp is some continuous transformation from X to X , which is
the generator of the semigroup of iterations. The trajectory of an initial state xo is the
set of elements of X obtained by iteration
x,+1 = cp(xn), n = 0,1,2, ... .
(2.1)
The definition of chaos is closely related to the concept of Lyapunov exponents.
Let x E X , v E T,X (the tangent space at x) and D@(x)(v) is the derivative of the
n-th iteration of rp at x in direction v. Then the Lyapunov exponent is the limit
Z. Kotulski and J. Szczepaxkki, Discrete chaotic cryptography
1
= n+cc
lim -1n
n I1 ~ c p f l ( x ) ( v11 ),
where 11 11 is the norm in the tangent space T,X.
AX,"
383
(2.2)
The Lyapunov exponents exist under
some general conditions concerning smoothness of sp [6, 201. The number of different
Lyapunov exponents at x is at most equal to the dimension of the tangent space.
We say that the dynamical system is chaotic in some region if for almost all points
(with respect to some invariant measure, equivalent to Lebesgue measure) in this region there exist positive Lyapunov exponents.
Chaos in a dynamical system makes the trajectories very unstable; starting from
two very close initial conditions, after some iterations, we come to quite different final states (trajectories diverge exponentially). More precisely, for a one-dimensional
dynamical system ( R ty), where ty is C', if at some point x E R, Ax > 0 (in one dimension the direction v is determined by the space itself) then
In the above, Un,,fi,is some neighbourhood of x.
Exponential divergence of trajectories leads to interesting dynamical systems not
only in the finite dimensional case but also in infinite dimensional spaces [18, 341.
To introduce the concept of ergodicity we assume that for the dynamical system
( X , q) there exists a pinvariant measure p, p(X)< 00,that is, a measure which satisfies
In the above, o(X)is the a-algebra of measurable subsets of X .
We say that the dynamical system ( X , p) is ergodic if the measure of every pinvariant subset B of the space X (that is, cp(B) C B ) is 0 or p(X).
The ergodicity implies that the space X cannot be nontrivially (with respect to the
measure p) divided into several parts. Therefore, if some trajectory starts from any
point xo E X,it never localises in a smaller region, and knowing the final state of
the system we can never restore the region (smaller than X) where the trajectory
started.
The next important characteristic of trajectories is the mixing property. We say that
the system has the mixing property if for any two sets A , B E o ( X ) the following
condition is satisfied:
lim p(cp-'(A) n B ) = p ( A ) p ( B ).
n-oo
(2.5)
In the above p-" ( A ) is the pre-image of the set A under the n-th iteration of 9.
The mixing property means that the trajectories of the system have some stochastic
property. If we assume the measure p to be probabilistic one then the iterations of p
make each set A (asymptotically) statistically independent from B. In other words, if
we start our trajectory at some point xo E X then after sufficiently many iterations
we reach any region of the space X with the same probability. This means that for
any final state x, and sufficiently large n, any initial state xo is p-equiprobable.
384
Ann. Physik 6 (1997)
The properties of dynamical systems like chaos, ergodicity and mixing make them
"random" - studying finite dimensional distributions in the state space we cannot distinguish whether the system is chaotic or stochastic [13]. So, all the properties of stochastic encryption desirable for cryptography also hold for encryption with the use of
discrete chaotic dynamical systems.
3 Discrete chaotic cryptography
The idea of encryption of texts using discrete chaotic dynamical systems was introduced in [7]. The authors propose the application of the well-known "tent map" as
an algorithm of encryption and decryption. The tent map F is the following transformation of the interval [0, 11 onto itself
xn
for 0 5 X,?5 a ,
for a
< X, 5 1 .
lmm>In the above, a is a parameter determining the location of the top of the tent.
The inverse tent transformation F 1is the following:
F is a two-to-one map and F' is a one-to-two map. If we take the n-th iteration of F
or of F-' then F" is 2"-to-one and F" is one-to-2"; moreover X = F " ( F " ( X ) ) is satisfied for every X from the interval [0, 11.
The cryptosystem considered in [7] is the following:
The secret key is the parameter a of the tent map;
The message is some number P E (0, 1); it is the initial value of the encryption
transformation;
The encryption procedure is the n-fold iteration of the inverse tent map with the
initial value P, the ciphertext C is a result of that transfornation:
c = F ( P )= F-*(F-'( ...P(P)));
(3.3)
The decription procedure is the image of C under the n-th iteration of the tent
transformation F:
P
.
= F"(C) = P(F(...P(C)))
(3.4)
In the above cryptosystem the value of C can be generated randomly as one of 2"
possible values but the value of P is uniquely restored.
To specify the algorithm, one must simultaneously fix a sufficient number PI of
iterations, to obtain a safe cryptosystem (that is, to make the ciphertexts statistically
independent for close keys), fix the size of the ciphertext to guarantee exact decryption of the message of a given number of digits and select the correct area of keys to
385
Z. Kotulski and J. Szwepanski, Discrete chaotic cryptography
have a uniform distribution of possible ciphertexts over (0, 1). The details can be
found in [7].
In this cryptosystem the secret key is chosen to be the parameter a of the tent
map. It turns out that in the presented piecewise linear model, the trajectories are sensitive to the changes of a.
In general, the selection of internal parameters of discrete dynamical systems determines their qualitative properties, like periodicity, aperiodicity, existence of chaos, ergodicity, etc. However, dependence of the properties on the parameters can be very
complicated and non-regular [ 3 ] and the selection of the value of the parameter appropriate for being used as a secret key can be very involved. Even if we find a parameter for which the system is chaotic, we cannot be sure that it is chaotic for some
other close parameters, Moreover, if we have two close values of the parameter guaranteeing chaos, we cannot predict the speed of divergence of two trajectories for the
same initial condition and the two values of the parameter.
In the next section we propose some modification of the above cryptosystem to
make use of the essence of chaos and we extend the key space from parameters to
both parameters and initial values of dynamical systems.
4 General formulation of the method
As in the previous section, we propose a method of encryption of the plaintext
(which is a number from the unit interval) using as an algorithm inverse iterations of
some dynamical system with chaos. In our method we apply a two-dimensional dynamical system, dividing the initial condition into two parts. One of them (the initial
condition of the first co-ordinate of the system) is the secret key, the other one (second co-ordinate) is the plaintext. Both co-ordinates are iterated; the first, independently of the second, in a chaotic way; the second is also iterated with some dependence on the first co-ordinate at each step. Under certain assumptions on the dynamical system, we have an exponential divergence of the second co-ordinate (ciphertext)
depending on the distance of both keys and plaintexts. This phenomenon is an example of a more general effect of transferring chaos (ergodicity, periodicity) from some
subsystem to an extended system [35,361.
Before given the general formulation of the method, let us illustrate the idea of including the secret key into the initial condition by some elementary one-dimensional
example. Assume that y: [0, 11 -+ [O, 11 is a chaotic map with positive Lyapunov exponent A. Let P E ( 0 , l ) be the message to encrypt. Let us fix some natural number
n and the secret key k E (0,l). Let C be some selected pre-image of P under the
= P. The ciphertext C of P is
map y", that is a point such that y " ( C ) = y"(y-"(P))
defined as C = C k (mod 1). Now decrypting the text one calculates P= y"(C-k)
(having in mind modulo 1 operation). Trying to break the system with a known ciphertext one postulates some value of the secret key, say k l . Using our algorithm one
obtains the message P1=y"(C-kl). Assume the key k , is very close to k,
I k - ICI I<
Assume that n=30. Then, since the dynamical system is chaotic,
from (2.3) one obtains
+
I P - P I I=[
if
yn(C- k ) - y"(C - k l ) I> en(1-c)
I k - kl I=
0.5
A - E = 1.558, which is a reasonable value for many dynamical systems.
(44
386
Ann. Physik 6 (1997)
Now let us define a general scheme of cryptosystem using the essence of chaotic
“hiding” of messages. Consider a two-dimensional dynamical system ( X , @) where X
is the Cartesian product of two unit intervals:
@ : [0, 11 x [0, 11 --t [0, I] x [0, 11 .
(44
Let k E ( 0 , l ) be the secret key and C E ( 0 , l ) be the ciphertext. To specify the cryptosystem let us define the map @ as
@k
C ) = I P ( k M C 1k M 4 l
*
(4.3)
Define
T ( C ,k ) := x ( C ,k)cp(k) .
(4.4)
To complete the cryptosystem, we define encryption of the plaintext as n inverse
iterations of the map @ and the ciphertext as the second co-ordinate of a pre-image
under cFn,preceded and followed by two maps (4.13), (4.13a), respectively.
We assume that q is a chaotic map with some positive Lyapunov exponent i and
the map x is separated from 0, that is, it satisfies the following condition:
Under the above conditions, the second co-ordinate of @, that is, r, exhibits exponential divergence of trajectories with respect to values of k in the following sense.
- ~ , m is some natural number, deFirst we fix an accuracy c0 (say ~ ~ = 1 0where
pending on the computer’s performance) of the possible attack on the secret key k,
that is.
for any other possible k , . Next we choose a parameter E sufficiently close to 1, to
make the number I3 (Q)= 1 - 1 small enough to satisfy
S(&o) = 1 - 1 << 1 d - C )
1 k -k, 1
(4.7)
for all keys k from some uncountable subset K C [0, I] ( K is a set with positive Lebesgue measure, consisting of points which are candidates for secret keys) and kl satisfying (4.6). Then we have
where k and kl are two keys satisfying condition (2.3).
To assure the correctness of the encryption procedure we must assume some additional conditions on Taking into account (4.5), we assume
x.
L. Kotulski and J. Szczepahki, Discrete chaotic cryptography
387
The one step pre-image of the pair (plaintext P, key k) by the map @ should satisfy
the following equalities:
P(k-1) = k , X(P-l,k-I)cp(~-l)= P ,
(4.10)
for some pair kl,
P-l.From (4.9) we have
(4.11)
Then
kl<P<k
(4.12)
and to assure the existence of such a P-1, the map x(.,k-1) should transform the interval (BIZ,k-1) onto the interval (1, 1). Then, after fixing the secret key k, to initialise the encryption procedure we must map (to satisfy (4.12)) the initial state of the
transformation - the plaintext P - into the interval (kl, k).
In the encryption and decryption procedures we use the following two proportional
transformations:
(4.13)
and its inverse:
TLl : [ k l , k ]--+ [0, 1) ,
P=Tr(
I F
P'
)-----k(l-l)
1
1-I'
(4.13a)
In the encryption procedure, Tk is applied at the beginning to map the plaintext into
the required interval, and T;-: (k+ is defined further in this section) is applied at the
end of the procedure to spread the result over all the interval (0,1). During decryption we do this in the opposite order. The steps of both procedures are listed at the
end of this section.
To clarify the formulation of the method, let us write down some steps of decryption. The first one is given in (4.3), the second one is
and generally, the n-th iteration is
QiH(k,C ) = [cp"(k),X(T"-'(C,k),cp"-'(k))cp"(k)l>
(4.15)
where P-'
(C, k) is the second co-ordinate of the two-dimensional map @"-' (k, c).
To verify the inequality (4.8) we substitute
388
Ann. Physik 6 (1997)
Without loss of generality we can assume cpn(k)2 cpfl(kl).Then, taking into account
assumption (4.9), we obtain the estimate
where the last inequality follows from (2.3), applied to the map q~ at k, and (4.7). To
keep the divergence property of the cryptosystem we should select the function x in
such a way that it is sensitive to the second parameter (the secret key). Examples of
such functions are given in the next section.
To summarise let us write down the scheme of the method and the steps of encryption and decryption in our algorithm.
0.0
0.2
0.4
0.6
0.8
1 .o
k
Fig. 1 The plot of the map satisfying conditions from Example 2. Here:
2. Kotulski and J. Szczepanski, Discrete chaotic cryptography
38Y
Scheme of the method
0
Select the chaotic (ergodic or mixing) map p;
Choose the appropriate secret key k;
Fix the natural number n, adequate for k;
Generate the sequence of choices of pre-images (Fig. 1);
Choose the number 1 and the appropriate function
x.
Encryption of P
0
0
Calculate P’=Tk (P) - see (4.13);
Do the following n times:
- (k-1, P L I )= @-I ( k ,PI),where the pre-image k-1 = cp-’(k) is selected according to the sequence of choices of pre-images generated in the “Scheme of the
method”;
- ( k )P’):= (k-, PL1);
Calculate C = T;’ (P’), where now k is the n-th pre-image under p of the original
secret key k (in the decryption procedure this point is called k+) and P‘ is the second co-ordinate of the n-th pre-image under @ of the initial point (k, I”).
Decryption of C
0
0
0
0
Take the secret key k and the sequence of choices of pre-images;
Calculate kPn, applying n inverse iterations of p to the secret key k, selecting the
pre-images at each step according to the known rule;
Calculate C’ = Tk-,(C);
Do the following n times:
- ( k l ,c;)= @(k& C’);
- (/Ln1
C‘) := (k-1, Cl,);
Calculate P = Tll(C’), where C is the second co-ordinate of the last step of the
above iteration.
In the cryptosystem defined above the part decrypting a given ciphertext can be considered, in some sense, as a multiplicative perturbation of the dynamical system p
transforming the secret key k. Therefore, if make a small perturbation, which corresponds to the assumption that the constant 1 in (4.6) is close to 1, then we expect
some properties of the dynamical system p are transferred to the system T.We have
in mind, in particular, ergodicity and mixing property. Their effect on the safety of
the cryptosystem has been explained in Section 2.
The property of the conservation of ergodicity and mixing under multiplicative
perturbations of dynamical systems can be studied independently for various classes
of systems. Some results useful for our purposes were obtained in [29], where the
family of the unimodal maps y,(x) = ax( 1 - x),0 < a 5 4, was considered. An area
was found in the space of parameters a for which the map ya is ergodic.
Examples of maps satisfying the required conditions are considered in the following section.
390
Ann. Physik 6 (1997)
0.9
x ( C k)
0.8
-..
n7
0.00
0.20
0.60
0.40
.O0
0.80
C
Fig. 2 The draft plot of
the function x(C, k) defined in Example 1.
(1=0.8, k=0.6).
5 A practical realisation
To illustrate the theory presented in the previous section let us consider some examples. In all of them the maps applied have the postulated properties like chaos and ergodicity or mixing property. Therefore the sufficient safety property for cryptosysterns, that is, non-separability in the plaintext space, sensitivity to secret key changes
and statistical independence in the ciphertext space, is guaranteed.
The first example is based on a map which is chaotic and ergodic.
Example 1
To construct a concrete example of a discrete chaotic cryptosystem Q, we must define
the functions q and
As follows from the general considerations of the previous
section, to ensure the safety of the cryptosystem, we have to choose a function q
which is chaotic and ergodic. A good candidate is the logistic map defined as
x.
p(k) = 4k(l
-k)
for k E ( 0 , l ) .
(5.1)
For such a map (generally in the form q ( k ) = a k ( l - k ) , where a E (0,4]) it was
proved [29] that in the neighbourhood of a = 4 “almost all” parameters a give an ergodic map. More precisely, a = 4 is the density point in the set of parameters a for
which the map is ergodic. Therefore, if we select this density point as our parameter,
then selecting as function x the transformation (Fig. 2)
x ( C , k )=
I
for 0 5 C < kl
1
lo‘ k
1oc
91
m + glk(1-C
T+T
1oc - 9
k
1
9k2(1-I)
<l
oo+ kl
for kl 5 C
811
1-1)
for++kl<
9k2(1-I)
+ +
for loo kl
for k C 5 1
<
1-1)
C < s + k l + T
91k( 1- I )
91k( 1-I)
5C<k
(5.2)
with E sufficiently close to 1, then the function r can also be considered as chaotic
(see (4.8)) and ergodic in the following sense: the space of the second co-ordinate
391
Z. Kotulski and J. Szczepanski, Discrete chaotic cryptography
(i.e. interval [0, 13) of the map @ cannot be divided into two nontrivial invariant subsets such that the trajectory F ( k , C ) starting from the initial condition (k, C ) will not
stay in one of these subsets. This property is important to ensure the complexity of a
possible attack on the method.
To complete the cryptosystem one should define the rule of selecting one from two
possible values of the map at each step of encryption. To do this optimally, one should
generate randomly some binary sequence of length n (n is the number of inverse iterations during encryption) to decide which value of two pre-images is chosen.
The second example is based on a chaotic map with mixing condition.
Example 2
As the map transforming the secret key let us take some function p satisfying the following conditions:
1. p : ( 0 , l ) -+ ( 0 , l ) ;
2. The interval (0, 1) can be divided into finite (or infinite countable) number of intervals Al, Az, ... such that
i = 1,2, ...;
p(Ai) = (0, l ) ,
3. At each Aithe map p is of class C2 and monotonic;
4. For some natural s and every i the following relationship is satisfied
inf inf
A~ htn./
1
dp(‘)( k )
dk
___ = 6
> 1,
where q(,’)is the s-th iteration of the map p;
5.
sup sup
1
d29(kl1
dk: [
=p<oc.
A, klik2EAt d 9 ( k 2 )
[x-]
Then the map p has an invariant measure equivalent to the Lebesgue measure and is
mixing (mixing implies ergodicity) [l, 12, 271. For our purpose we can assume s= 1.
Moreover, the map is chaotic, which follows from assumption 3, ergodicity of p, the
condition
and the Birkhoff-Khinchin theorem [24]. The example of such a map is shown in
Fig. 3.
To complete the cryptosystem we take the function x in the following form:
for 0 < k < $
1
1
1”
for 0 5 C < kl
fork1 5 C < k
forkIC51
(5.4a)
392
Ann. Physik 6 (1997)
Fig. 3 The illustration of
the method of selecting the
pre-images. Here
p(k) = 4k(l - k ) . Let us
assume that in the introductory step of encryption
we generated the following
sequence of symbols (I?,
L), where L and R mean
that the left (resp. right)
pre-image is chosen. (For
simplicity of notation we
restricted this sequence to
two elements. Generally it
is of length n.) Thus, we
have p-'(P) =
{(PZ'(a(Pil(P)land
next cp-'(cp,'(P)) =
{cp,L(P), (P,X(P)l.Finally, we choose p,,!(P)
(underlined on the plot),
according to the symbols
generated.
.
fori<k<l
I
for 0 5 C < kl
1
fork<C<l
C
(5.4b)
Analogously, one should also define the rule of selecting the value of pre-image from
the possible finite (or infinite countable) number of values.
The next example uses a chaotic and mixing dynamical system for which the preimage set for any plaintext is infinite.
Example 3
Consider a particular case of Example 2 with an infinite countable partition of the
unit interval. Let q be the Gauss transformation defined as:
The function x can be the same as in the previous examples; generation of the sequences determining the pre-images is equivalent to generation of random statistically independent natural numbers.
Z. Kotulski and J. Szczepariski, Discrete chaotic cryptography
393
Example 4
Consider the simple one-dimensional cryptosystem defined in Section 4. To make it
stronger, one can take as an extra secret key some parameter of the map y. This modification prevents breaking the secret key by solving a natural equation if both the
plaintext and ciphertext are known. In such a case the cryptosystem has the power of
the cryptosystem proposed in [7], additionally strengthened by the second secret key
utilising the divergence property of chaos.
6 Conclusions and remarks
In the paper we presented a general method of constructing cryptosystems with application of discrete chaotic dynamical systems. Our approach made it possible to construct cryptosystems and verify their safety by methods of the theory of abstract dynamical systems. Since the theory is quite well developed and still extensively investigated, we have a very strong tool available.
A general theory of discrete chaotic cryptosystems is a kind of theoretical model.
In practice, preparing concrete computer implementations, one should take into account the usual computational conditions. Since numbers in numerical computations
have finite representation, one must assume a size of computed values (key, plaintext,
ciphertext) such that both the iterations and inverse iterations (after fixing the sequence of choices of pre-images) can be performed uniquely and such that one can
obtain the required number of significant digits of plaintext in the decryption process.
In other words, one must fix the information rate R
R=
plaintext size
ciphertext size
(6.1)
appropriate for the algorithm applied and the computer used.
To summarise, let us remark that the proposed algorithm is very fast. It requires
only n iterations of some relatively simple maps, where the number n must be some
compromise between safety of the method and accuracy of the computer arithmetics.
Usually 201n1100.
7 References
[ l ] R. Adler, Lecture notes in mathematics, 318 (1973) 1-5
[2] G. Benettin, L. Galgani, J.M. Strelcyn, Phys. Rev. A14 (1976) 2338
[3] P. Collet, J . 2 Eckmann, Iterated maps on the interval as dynamical systems. A. Jaffe, D. Ruelle,
(eds.). Birkhauser, Boston, 1980
[4] M. J. Feigenbaum, J. Stat. Phys. 19 (1978) 25
[5] M. J. Feigenbaum, J. Stat. Phys. 21 (1979) 669
[6] J. Guckenheimer, P. Holmes, Non-linear oscillations, dynamical systems, and bifurcations of vector
fields. Applied Mathematical Sciences 42, Springer, New York 1983
[7] T. Habutsu, Y. Nishio, I. Sasase, S. Mori, A secret key cryptosystem by iterating a chaotic map,
EUROCRYPT’91, p. 127
[8] S. Hayes, C. Grebogi, E. Ott, Physical Review Letters 70 (1993) 3031
[9] Lj. Kocarev, K.S. Halle, K. Eckert, L.O. Chua, U. Parlitz, Intl. J. Bifurc. & Chaos 2 (1992) 709
[lo] A.N. Kolmogorov, Usp. Mat. Nauk 5 (1938) 52
[ I l l A.N. Kolmogorov, DAN SSSR 119 (1958) 861
394
Ann. Physik 6 (1997)
A. A. Kosjakin, E.A. Sandler, Matiematika 3 (1972) 32
Z Kotulski, W. Szemplinska-Stupnicka, J. Trebicki, On semi-stochastic model of deterministic chaos
in a non-linear oscillator, (to appear)
T.-Y. Li, J.A. Yorke, American Mathematical Monthly 82 (1975) 985
H.B. Lin, Chaos, World Sc. Publ. Corp. 1984
E.N. Lorenz, J. Atmos. Sci. 20 (1963) 130
W. Martienssen, B. Hubinger, R. Doerner, Ann. Physik 4 (1995) 35
L. Nirenberg, Topics in non-linear functional analysis. Lecture Notes, Courant Institute of Mathematical Sciences, New York Univ., New York 1974
D. Omstein, Adv. in Math. 4 (1970) 337
V.I. Oseledec, Trans. Moscow Math. SOC.19 (1968) 197
E. Ott, C. Grebogi, J.A. Yorke, Physical Review Letters 64 (1990) 1196
U. Parlitz, L.O. Chua, Lj. Kocarev, K.S. Halle, A. Shang, Intl. J. Bifurc. & Chaos 2 (1992) 973
L.M. Pecora, T.L. Caroll, Phys. Rev. Lett. 64 (1990) 821
W. Perry, Topics in ergodic theory. Cambridge Univ. Press, Cambridge, 1981
J.B. Pesin, Russ. Math. Surv. 32 (1977) 55
Y. Pomeau, Intermittancy: a simple mechanism of continuous transition from order to chaos. In: Bifurcation phenomena in mathematical physics and related topics. Reidel (1980) 155
W. A. Rochlin, Izv. A. N.SSSR, Math. Ser. 25 (1964) 499
D. Ruelle, F. Takens, Comm. Math. Phys. 20 (1971) 167; 23 (1971) 343
M.R. Rychlik, Ergod. Th. & Dynam. Sys. 8 (1988) 93
S. J. Shenker, Physica 5D (1982) 405
I. Shimada, T. Nagashima, Progress Theor. Phys. 61 (1979) 1605
J.G. Sinai, Doklady Ac. Sc. S. U. 124 (1959) 768
J.-M. Strelcyn, Colloquium Mathematicum 62 (1991) 331
J. Szczepaliski, Proc. Am. Math. SOC.116 (1992) 1041
J. Szczepariski, E. Wajnryb, Physical Review A 44 (1991) 3615
J. Szczepariski, E. Wajnryb, Chaos, Solitons & Fractals 5 (1995) 77
F. Takens, in: Rand D.A., Young L.-S. (eds.) Dynamical systems and turbulence. Springer Lecture
Notes in Mathematics 898 (1980) 366
Документ
Категория
Без категории
Просмотров
0
Размер файла
769 Кб
Теги
discrete, cryptography, chaotic
1/--страниц
Пожаловаться на содержимое документа