A derivation is transformation with the property
$$\begin{aligned} D_{}(ab)=D_{}(a) b + a D_{}(b). \end{aligned}$$
(11)
In an associative algebra any element
x defines an inner derivation
\(\text {ad}_x(y)=xy - yx\). In a non-associative algebra this formula usually does not satisfy (
11). We define two operations in octonion algebra
\(L_{x}(a)=ax\) and
\(R_{x}(a)=xa\),
\(a,x\in \mathrm {O}\). We note, that these operations for a non-associative algebra have the following composition rules
\(L_{x}L_{y}(a) = x(ya)\) and similarly for
\(R_{x}R_{y}(a) = (ay)x\). The transformation
\(D_{x,y} : \mathrm {O} \rightarrow \mathrm {O}\) defined as
$$\begin{aligned} D_{x,y}(z)= [L_{x}, L_{y}](z) + [L_{x}, R_{y}](z) + [R_{x}, R_{y}](z), \end{aligned}$$
is a derivation in the octonion algebra, [
26]. The derivation
\(D_{x,y}\) we write in the standard form
$$\begin{aligned} D_{x,y}(z)= [[x,y],z] - 3(x,y,z), \end{aligned}$$
(12)
where (
x,
y,
z) denotes the associator
\((xy)z - x(yz)\) and
\([x,y]=xy-yx\). To construct the symmetric key exchange algorithm on the octonion algebra we use the following property of the derivation (
12)
$$\begin{aligned} \; [D_{a,b},D_{x,y}] = D_{D_{a,b}(x), y} + D_{x, D_{a,b}(y)}. \end{aligned}$$
(13)
The basic idea that lies behind the construction of the algorithm is that for a given monomial
\(p(u) = u_{1} \cdots u_{N}\) in octonion algebra its derivative
\(D_{x,y}(p(u))\) can be expressed by the elements
\(u_{i}\) and
\(D_{x,y}(u_{i})\). Let us assume that, the user
\(\mathrm {A}\) generates two polynomials
\(\{ p_{A,1}({\overline{v}}), p_{A,2}({\overline{v}}) \}\) of
\({\overline{v}}=(v_{1}, \ldots , v_{N'})\) variables and the user
\(\mathrm {B}\) two polynomials
\(\{ p_{B,1}({\overline{u}}), p_{B,2}({\overline{u}})\}\) of
\({\overline{u}}=(u_{1}, \ldots , u_{N})\) variables. For a selected values of
\({\overline{v}}\),
\(a_i=p_{A,i}({\overline{v}}_{0})\),
\(i=1,2\), the user
\(\mathrm {A}\) calculates the derivative
\(D_{a_1,a_2}(u_i)\) of each octonion in the tuple
\({\overline{u}}\) and sends it to the user
\(\mathrm {B}\). Using the derivatives
\(D_{a_1,a_2}(u_i)\) the user
\(\mathrm {B}\) is able to calculate
\(D_{a_1,a_2}(p_{B,1}({\overline{u}}_{0}))\) and
\(D_{a_1,a_2}(p_{B,2}({\overline{u}}_{0}))\). The key
\(K^{B}_{(a_1,a_2),(p_{B,1},p_{B,2})}=[D_{a_1,a_2}, D_{p_{B,1},p_{B,2}}]\) is determined by the user
\(\mathrm {B}\) using the formula
$$\begin{aligned} K^{B}_{(a_1,a_2), (p_{B,1},p_{B,2})} = D_{ D_{a_1,a_2}(p_{B,1}), p_{B,2}} + D_{p_{B,1}, D_{a_1,a_2}(p_{B,2})}. \end{aligned}$$
In a similar way, the user
\(\mathrm {A}\) using the derivatives
\(D_{b_1,b_2}(v_i)\), where
\(b_i=p_{B,i}({\overline{u}}_{0})\),
\(i=1,2\), is able to calculate
\(D_{b_1,b_2}(p_{A,1}({\overline{v}}_{0}))\),
\(D_{b_1,b_2}(p_{A,2}({\overline{v}}_{0}))\) and the key
$$\begin{aligned} K^{A}_{(b_1,b_2),(p_{A,1},p_{A,2})} = D_{D_{b_1,b_2}(p_{A,1}), p_{A,2}} + D_{p_{A,1}, D_{b_1,b_2}(p_{A,2})}. \end{aligned}$$
Because both expressions differ by the sign the common cryptographic key is
$$\begin{aligned} K_{(a_1,a_2),(b_1,b_2)} = - K^{A}_{(b_1,b_2),(p_{A,1},p_{A,2})}= K^{B}_{(a_1,a_2),(p_{B,1},p_{B,2})}. \end{aligned}$$
Below, we give the exact definition of the symmetric key exchange cryptographic algorithm based on the octonion derivation.
-
The octonionic symmetric key exchange algorithm
1.
The user \(\mathrm {A}\) selects three octonions \(v_1, v_2, w\) and two polynomials \(p_{A,i}\), \(i=1,2\). For the selected otonions \(v_1, v_2\) the user \(\mathrm {A}\) calculates the secret \(a_i = p_{A,i}(v_1, v_2)\), \(i=1,2\). The imaginary parts of \(v_1, v_2\), i.e., the set \(S_{v}=\{ \mathrm {Im}(v_1), \mathrm {Im}(v_2) \}\) and the octonion w the user \(\mathrm {A}\) sends to \(\mathrm {B}\).
The user \(\mathrm {B}\) selects two octonions \(u_1, u_2\), two polynomials \(p_{B,i}\), \(i=1,2\) and calculates the secret \(b_i = p_{B,i}(u_1,u_2)\), \(i=1,2\).
The set \(S_{u}=\{ \mathrm {Im}(u_1), \mathrm {Im}(u_2) \}\) is sent to \(\mathrm {A}\).
2.
The user \(\mathrm {A}\) calculates$$\begin{aligned} D_{a_1,a_2}(S_{u}) = \{ D_{a_1,a_2}(\mathrm {Im}(u_1)), D_{a_1,a_2}(\mathrm {Im}(u_2)) \} \end{aligned}$$
and sends the set \(D_{a_1,a_2}(S_{u})\) to \(\mathrm {B}\).
The user \(\mathrm {B}\) calculates$$\begin{aligned} D_{b_1,b_2}(S_{v}) = \{ D_{b_1,b_2}(\mathrm {Im}(v_1)), D_{b_1,b_2}(\mathrm {Im}(v_2)) \} \end{aligned}$$
and sends the set \(D_{b_1,b_2}(S_{v})\) to \(\mathrm {A}\).
3.
The user \(\mathrm {A}\) calculates the derivation \(D_{b_1,b_2}(p_{A,i}(v_1,v_2))\),
\(i=1,2\)$$\begin{aligned} D_{b_1,b_2}(a_i)= p'_{A,i}(v_1,v_2,D_{b_1,b_2}(v_1), D_{b_1,b_2}(v_2))). \end{aligned}$$
The user \(\mathrm {B}\) calculates the derivation \(D_{a_1,a_2}(p_{B,i}(u_1,u_2))\),
\(i=1,2\)$$\begin{aligned} D_{a_1,a_2}(b_i) = p'_{B,i}(u_1,u_2,D_{a_1,a_2}(u_1), D_{a_1,a_2}(u_2))). \end{aligned}$$
4.
For the agreed octonion \(w\in \text {Im}(\mathrm {O})\),
the user \(\mathrm {A}\) calculates the key$$\begin{aligned}&K^{A}_{(b_1,b_2),(a_1,a_2)}(w) =D_{D_{b_1,b_2}(a_1), a_2}(w) + D_{a_1, D_{b_1,b_2}(a_2)}(w), \end{aligned}$$
(14)
and \(\mathrm {B}\) calculates$$\begin{aligned}&K^{B}_{(a_1,a_2),(b_1,b_2)}(w) =D_{D_{a_1,a_2}(b_1), b_2}(w) + D_{b_1, D_{a_1,a_2}(b_2)}(w). \end{aligned}$$
(15)
The octonion$$\begin{aligned} K(w) = -K^{A}_{(b_1,b_2),(a_1,a_2)}(w) = K^{B}_{(a_1,a_2),(b_1,b_2)}(w) \end{aligned}$$
defines the common secret key.
Let us show an example how this algorithms works.
1.
The user \(\mathrm {A}\) selects there octonions \(v_1=\{ 2, -3, 0, 1, -2, 5, -1, 1 \}\),
\(v_2=\{ 5, 1, 2, 7, 4, -1, 0, -2 \}\),
\(w= \{ 1, 2, 3, -1, 4, -2, 0, 0 \}\) and two polynomials$$\begin{aligned} p_{A,1}= & {} v_1 + 11 v_2 + 3 v_1 v_2 - v_1 v_2 v_1, \\ p_{A,2}= & {} v_1 + 6 v_2 + v_2 v_1 - 5 v_2 v_1 v_2. \end{aligned}$$
Next, the user \(\mathrm {A}\) calculates two secret octonions \(a_i = p_{A,i}(v_1, v_2)\),
\(i=1,2\).
The set \(S_{v}=\{\mathrm {Im}(v_1), \mathrm {Im}(v_2)\}\),
where \(\mathrm {Im}(v_1) = \{ 2, -3, 0, 1, -2, 5, -1, 0 \}\),
\(\mathrm {Im}(v_2)= \{ 5, 1, 2, 7, 4, -1, 0, 0 \} \}\) and the octonion w is sent to \(\mathrm {B}\).
The user \(\mathrm {B}\) selects two octonions \(u_1= \{ 3, 1, 7, 2, -4, 0, 5, -2\}\),
\(u_2= \{-2, -5, 0, 1, 6, -1, 3, -3\}\) and two polynomials$$\begin{aligned} b_1= & {} 3 u_1 + u_2 + 3 u_1 u_2 - u_1 u_2 u_1,\\ b_2= & {} u_1 - 2 u_2 - 5 u_2 u_1 + u_2 u_1 u_2. \end{aligned}$$
Next, the user \(\mathrm {B}\) calculates two secret octonions \(b_i = p_{B,i}(u_1,u_2)\),
\(i=1,2\).
The set \(S_{u}=\{\mathrm {Im}(u_1), \mathrm {Im}(u_2)\}\), where \(\mathrm {Im}(u_1) = \{ 3, 1, 7, 2, -4, 0, 5, 0 \}\), \(\mathrm {Im}(u_2) = \{-2, -5, 0, 1, 6, -1, 3, 0 \}\) is sent to \(\mathrm {A}\).
4.
For the agreed octonion w,
the user \(\mathrm {A}\) calculates \(-K^{A}_{(b_1,b_2),(a_1,a_2)}(w)\) and the user \(\mathrm {B}\) calculates \(K^{B}_{(a_1,a_2),(b_1,b_2)}(w)\) according to the formulas (
14), (
15).
The common secret key is$$\begin{aligned} K(w)= & {} 8 \{5549509343115, 1850183670668, \\&-1020644923030, -2086176426557, -4111458908175, \\&-4085858645391, 338344436964\}. \end{aligned}$$
To recover the secret octonions
\(a_1\) and
\(a_2\) (
\(b_1\),
\(b_2\)) based on the knowledge of
\(u_1, u_2\) and
\(w_1, w_2\) it is necessary to solve the set of equations
\(D_{a_1, a_2}(u_i)=w_i\),
\(i=1,2\). For imaginary octonions this set of equations can be written in the form
$$\begin{aligned} (a_1 a_2) u_i + 3 a_1 ( a_2 u_i) = w_i\;\;\; a_1, a_2 , u_i, w_i\in \mathrm {Im}(\mathrm {O}). \end{aligned}$$
(16)
It consists of 12 equations with 14 unknown variables. Because, the key
K(
w) depends also on the real parts of the octonions
\(v_i\) and
\(u_i\), which are kept secret, to recover the octonions
\(a_1\) and
\(a_2\) the man in middle should determine 16 parameters having only the system of twelve equations (
16).