Constructing a specific iterative function

Question

I have a problem at hand that i would like to share with giving my inputs and hoping for some from this site. so here it goes.

I have a matrix say a $4\times 4$ matrix $$A= \begin{bmatrix} a_{11} & a_{12} & a_{13} & a_{14} \\ a_{21} & a_{22} &a_{23} &a_{24} \\ a_{31} &a_{32} &a_{33} &a_{34} \\ a_{41} &a_{42} &a_{43} &a_{44} \\ \end{bmatrix}$$ each $a_{ij}\in \{0,1,2,3,4....N-1\}$ I have a fixed number $r\in\{0,1,2.....N-1\}$ I define the equations as $$ b_{1,1} = r \oplus a_{11} $$ and then the recurrence relation $$b_{i,j} = a_{i,j} \oplus b_{i, j-1} ~~forall~ j\neq 1$$ $$b_{2,1} =a_{2,1} \oplus b_{1,4} ,b_{3,1} =a_{3,1} \oplus b_{2,4}, b_{4,1} =a_{4,1} \oplus b_{3,4}$$ these equations mean that the current value of $b_{i,j}$ depends on the current $a$ and previous $b$ that has just been calculated, here $\oplus $ means the bitwise XOR between two operands. What this transformation does is it generates a matrix that has entries uniformly distributed between $ \{0,1,2,3,4....N-1\}$, and that it is easily reversible so that given $a$ and $b_{i,j}$ i can easily calculate each entry of matrix $A$. My question is can we define a rule other this that does the two aforementioned jobs but is not easily invertible in the sense that you cannot get $A$ easily.

Answer 1

IMHO it is better to look at this as encryption.

Just to be clearly, your requirement is to find a function $f(r,A) = B$ s.t. if an adversary is given $\{r, B\}$ they cannot (easily) calculate $A$. This is exactly what public-key encryption or secure hashing is about.

(You further want $B$ to look uniformly random but this will mostly follow from the first requirement, if you use encryption or even hashing. The good ones all make the result look uniformly random - even if the input $A$ is actually not.)

A super brief primer: $r$ is the public key, and is known to everyone. You encrypt a message $m$ with $r$, resulting in encrypted text $c = e(r, m)$. To decrypt $c$ back to $m$, however, requires a different key called private key $q$, i.e. $m = d(q, c)$. If the adversary doesn't have $q$, it should be hard to calculate $m$ (or $q$ for that matter) from $\{r, c\}$. There are various well-known ways to construct the system $\{r, q, e(), d()\}$ and such systems have been in use for actual online encryption and authentication for decades. Start with the wikipedia article above for more details.

So if you have such a system set up, all you need is $b_{ij} = e(r, a_{ij})$. Optionally, you can daisy-chain e.g. $b_{ij} = e(r, a_{ij} \oplus b_{i,j-1})$ etc, but I'm not sure this is actually more secure. (Security is a question of which system is (slightly?) easier to hack/break... but I am not a security expert.) Well at least, if you don't daisy-chain, then identical entries in $A$ will encrypt to identical entries in $B$, so if that's a concern, then you should daisy-chain.

If you find the public-key systems difficult to implement, then maybe you can use some kind of secure hashing. A secure hash is something that, by definition, is hard to reverse. Think of it as like public-key but there is only an encryption (public) key but no decryption (private) key. If you have such a $hash()$ function (and these are really widely available), then something like $b_{ij} = hash(r \oplus a_{ij})$ or perhaps $b_{ij} = hash(concatenate(r,a_{ij}))$ should work pretty well. You can daisy chain them too.