1

Is there a pseudo random permutation generator that produces all permutation of any bit length of the plaintext (this may not be clear, please let me know and I will explain). It must be fast, and does not hold numbers in memory.

This is a permutation of (1) (1)

This is a permutation of (1,2) (2,1)

This is a permutation of (1,2,3) (1,3,2) (2,3,1) (2,1,3) (3,1,2) (3,2,1) n!

Note* the above is not in a pseudo random order and not a complete set that I am looking for.

This is a pseudo random permutation with replacements that I am looking to duplicate with a generator of any size.

PRP of (1,2,3) with replacements

(1,1,1)(3,3,3)(2,3,3)(1,1,3)(3,3,2)(2,3,1)(2,2,2)(1,3,3)(3,2,3)(2,1,2)(1,2,2)(3,1,3)(1,1,2)(3,3,1)(2,3,2)(2,2,1)(1,3,2)(3,2,1)(2,1,1)(1,2,3)(3,1,1)(2,2,3)(1,3,1)(3,2,2)(2,1,3)(1,2,1)(3,1,2) N^N

If one does exist could you please post its name, if possible.

If it does not exist could you expound as to the reason why, if it is against a known proof, or it has simply not been made, yet.

The question here is very similar but it needs to be with replacements.

https://math.stackexchange.com/questions/3521660/invertible-pseudo-random-permutation-function

What would it mean if it could be made. Meaning given the length of any plaintext if that order and length is your first permutation of group g than all permutation after that would be your subgroup permutations. Given that the key length that produces the permutation is not an issue (I would be glad to explain this as well).

Another way of writing this would be. What program would generate all permutations of a given string with replacement? The given string is the complete message source or file to encrypt of any size. It will probably be recursive. Once all permutations are calculated it should loop back to the original permutation which is the file.

Jonathan Hutton
  • 29
  • 1
  • 7
  • 1
    Do you mean like maximum length LFSR that output all except all-zero state? Of course, it is not PRP. – kelalaka May 30 '20 at 17:44
  • I understand a LFSR function. I mean if your plain text is n, the output of the PRP generator would be all permutation of n^n including 0, the first permutation being your plaintext. Not a shuffle but one that will output repeating integers. If your plaintext is 4 bits (1,1,1,0) 14 , the generator will produce in a random order all 4 bit permutations using 14 as the group and the following subgroups the complete permutations of 4 bits. But it must also accommodate any file size. – Jonathan Hutton May 30 '20 at 18:16
  • Meant to say "produce a pseudo random order of all permutation 4 bits in length. – Jonathan Hutton May 30 '20 at 18:35
  • still unclear. what is file size? what the heck is 14 as a group? what is “permutations after that”? use mathematical notation to write a clear question. and why arent LFSRs enough for what you seem to want? – kodlu May 30 '20 at 22:38
  • In other words, if my file is 2k or more is there a prp that can output 2k^2k (in a pseudo random order) permutations using the file as the first permutation set. – Jonathan Hutton May 31 '20 at 01:29
  • 1
    I think what you're asking for goes against the permutation being indistinguishable from a random one given that the expected order is way below the number of all possible permutations. – SEJPM May 31 '20 at 11:47
  • If you use your file as one of the elements of group G then output all elements of group G as permutations in a pseudo random permutation order, you can not distinguish your original file from any other element. – Jonathan Hutton May 31 '20 at 15:31
  • If there are 2k^2k elements in the set, why would you want to output all of them? For anything but the smallest k this will never complete. Your sample outputs here seem incompatible with the sample output below my answer, and I can't see how either one is any kind of permutation. If you still want an answer, I think this whole question needs a significant rewrite. – bmm6o Jun 17 '20 at 15:46

2 Answers2

1

Use any true random permutation generator that relies on random input. Then replace the random input with the output of a PRNG primitive.

Nic
  • 498
  • 2
  • 9
  • Was this the answer you were looking for? – Nic Jun 02 '20 at 16:57
  • I like the mapping solution. It would have to be a pseudo random permutation generator to inverse the operation. Then replace the seed input for the prp with the value of the file, or blocks of the file. – Jonathan Hutton Jun 03 '20 at 01:06
  • I finally have this project codded in python. Compression with this is unique by introducing patterns into the transformed data set without increasing the file size. This results in a higher level of compression without sacrificing data integrity.

    Lossless Reversibility: An important feature is its ability to maintain lossless reversibility. The reversibility aspect is crucial in applications where data integrity and fidelity are of utmost importance, such as scientific research, data analysis, and archival purposes. Used with Diffie-hellman key exchange.

     – Jonathan Hutton Jul 02 '23 at 15:58
  • Now rigorous testing begins – Jonathan Hutton Jul 02 '23 at 15:58
1

You've probably noticed that these combinations are just the numbers 0...N^N-1 written out in base N. (0,0,0), (0,0,1), ..., (2,2,2) is really just counting from 0 to 26, and there's a simple and natural bijection there. So one way of generating them in a pseudo-random order is to shuffle 0-26 with a PRNG in the standard way and use that.

As N gets large, that approach is impractical - you can't hold an array of length N^N in memory. There's the standard trick to use the invertibility of a block cipher to iterate through 0...2^n in pseudorandom order using $E_k(i)$, so if N^N is close to 2^n you can use that.

If N gets larger still, you can just use a PRNG to fill in the tuple values directly. You're only probabilistically guaranteed not to repeat, but I can't see a scenario where you sample enough values to detect the difference.

bmm6o
  • 1,067
  • 6
  • 17
  • Thanks for the visual of Heap's algorithm. It needs to have replacements though and pseudo randomness to the permutations. – Jonathan Hutton Jun 05 '20 at 03:23
  • @JonathanHutton, please use a mathematical definition of exactly what you require – kodlu Jun 06 '20 at 22:12
  • This is what I am looking for in python, but the iterations in the output need to be in a pseudo random order.
    The first iteration is a block or entire bitstream of the file.

    from itertools import combinations def perm(chars, length):
    s = ''.join([c * length for c in list(chars)]) combs = combinations(s, length)
    combs = [''.join(comb) for comb in combs]
    combs = list(set(combs))
    combs.sort() return combs
    for x in perm('012', 4):
    print x

    Output:

    0000 0001
    0002
    0011
    0012
    0022
    0111
    0112
    0122
    0222
    1111
    1112
    1122
    1222
    2222

     – Jonathan Hutton Jun 07 '20 at 00:27
  • Are you sure that's the list you want to generate for that input? That doesn't match my understanding of your previous description at all. – bmm6o Jun 08 '20 at 15:35
  • @ bmm6o ... No that is not the list i want because it is not a prp list. – Jonathan Hutton Jun 12 '20 at 20:05
  • 2
    I mean I don't understand why your sample output list doesn't cover all combinations. Did you intentionally omit 1000? And it's also unclear to me how "the first iteration is the entire bitstream of the file" is represented in the list. 0000 is the entire file? How is 0001 a permutation of that? – bmm6o Jun 15 '20 at 15:58
  • I edited the question to show a list of what I am looking for. – Jonathan Hutton Jun 17 '20 at 17:54
  • Great answer and an excellente job of putting a definition on the sequences to explain what this is. I am mapping an inverse that easily works with elements with tuples of 2048 and larger. – Jonathan Hutton Jun 18 '20 at 03:08
  • @bmm60 definately the answer i was looking for great job...... care to expand on this point? There's the standard trick to use the invertibility of a block cipher to iterate through 0...2^n in pseudorandom order using Ek(i), so if N^N is close to 2^n you can use that. – Jonathan Hutton Jun 18 '20 at 13:23
  • 1
    Just encrypt the values 0..2^n-1 – bmm6o Jun 18 '20 at 15:43