deleted file mode 100644

@@ -1,38 +0,0 @@

-title: Markov Chain Monte Carlo for decryption

-date: 2018-11-20

-tags:

-  - coding

-  - haskell

-  - markov-chain

-draft: true

-

-Each year I teach part of the Python programming course at the

-Casimir research school, and each year I try and think of more

-short projects to offer the participants during the latter half

-of the course. While fishing for ideas I came across an incredibly

-cool idea: using Markov chains to break classic cryptographic ciphers.

-

-+ Found this paper

-+ Idea is:

-  - Analyze a reference text and obtain bigram frequencies

-  - Construct a score function for a decryption key by finding

-    the frequencies of bigrams in the decrypted text

-  - Use this score function with the metropolis-hastings algorithm

-    to walk around the key space

-+ Coded up a solution in Python in a couple of hours, also wanted

-  to give it a try in Haskell, to test out iHaskell and see how good

-  Haskell is for "exploratory" work

-

-+ TL;DR for exploratory work Haskell seems too restrictive. Mediocre

-  library documentation and overly abstracted types make error messages

-  impossible to debug

-

-

-+ Keys are just maps between characters, we make RVars of them

-+ Trying to make sense of the required pieces of RVars is intense

-+ We need to run the whole markov chain before we can get the results; not cool!

-  Somewhere in our monad stack we are inserting some strictness; we need to find

-  out where!

new file mode 100644

@@ -0,0 +1,573 @@

+{

+ "cells": [

+  {

+   "cell_type": "raw",

+   "metadata": {},

+   "source": [

+    "---\n",

+    "title: Decrypting substitution ciphers using Markov chains\n",

+    "date: 2019-02-25\n",

+    "tags\n",

+    "    - coding\n",

+    "    - python\n",

+    "    - probability\n",

+    "draft: true\n",

+    "---"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "I am part of the course team for the [Casimir programming course](https://casimir.researchschool.nl/casimir-course-programming--full-sign-up-now--4414.html).\n",

+    "Each year we take 50 students through a software carpentry-style intensive course in Python and scientific programming over the course of a week.\n",

+    "The capstone is a project lasting a couple of days where the students put into practice all that they've learned in the course."

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "Coming up with cool projects is a chore, however I recently read a blog post about using Markov Chain Monte Carlo for decrypting substitution ciphers.\n",

+    "This meshes well with the other themes in the course, and on the first day there is a small exercise that uses some statistical analysis for decrypting substitution ciphers, however it is not very automatic.\n",

+    "The blog post references [this 2010 paper](http://probability.ca/jeff/ftpdir/decipherart.pdf) from some Masters students at the University of Toronto, which I used as inspiration."

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "## The General Idea\n",

+    "We have some text that we know has been encrypted using a substitution cipher, however we do not know the encryption key that has been used.\n",

+    "\n",

+    "The space that we are searching is the space of encryption keys. \n",

+    "You can think of a key as a bijective map from the alphabet to itself, e.g. `A → D, B → R, ...`.\n",

+    "The associated decryption key is just the inverse of this map.\n",

+    "For a given decryption key we can attempt to decrypt the ciphertext.\n",

+    "We will get some cleartext that may or may not be correct.\n",

+    "What is clear is that if more entries in the decryption key are correct, the closer the cleartext will be to the right answer.\n",

+    "We can analyze the frequency of pairs of letters in the cleartext and compare it to the frequency in some reference text.\n",

+    "A higher number of matches will make the cleartext score higher. \n",

+    "If we use the ratio of scores of different pairs of letters as our transition probability (properly normalized) then we can use a Markov Chain to sample the space of keys and (if implemented well!) converge to the true key."

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "## Step 1: Get a reference text\n",

+    "\n",

+    "We'll use a large corpus of English text as our reference.\n",

+    "Luckily Project Guthenberg has a good number of English texts.\n",

+    "For this example we choose War and Peace."

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "from urllib.parse import urlparse\n",

+    "from itertools import product\n",

+    "from string import ascii_lowercase, printable, punctuation\n",

+    "from itertools import groupby, chain\n",

+    "\n",

+    "import requests\n",

+    "\n",

+    "def is_url(maybe_url):\n",

+    "    parsed_url = urlparse(maybe_url)\n",

+    "    return parsed_url.scheme and parsed_url.netloc\n",

+    "\n",

+    "\n",

+    "WORD_MARKER = ' '\n",

+    "ALPHABET = ascii_lowercase\n",

+    "ALLOWED_CHARS = frozenset(ALPHABET + WORD_MARKER)\n",

+    "EXCLUDED_CHARS = frozenset(printable) - ALLOWED_CHARS\n",

+    "ALPHA_TO_INDEX = {a: i for i, a in enumerate(ALPHABET)}\n",

+    "\n",

+    "\n",

+    "def normalize_text(text):\n",

+    "    \"\"\"Normalize a text using certain rules\n",

+    "        \n",

+    "    The normalization rules are the following:\n",

+    "        + all alphabetic characters are converted to lowercase\n",

+    "        + all non-alphabetic characters are converted to an end-of-word marker character.\n",

+    "          We will only be analyzing the text on the level of the constituent\n",

+    "          words, not the grammar, so we only care about punctuation and whitespace\n",

+    "          because it indicates the start/end of a word.\n",

+    "    \"\"\"\n",

+    "    text = text.lower()\n",

+    "    # normalize punctuation to whitespace. Probably incorrect for hyphenation,\n",

+    "    # but we hope that hyphenated words are rare. This also catches\n",

+    "    # (and ignores) non-ascii characters\n",

+    "    text = ((c if c in ALLOWED_CHARS else WORD_MARKER) for c in text)\n",

+    "    # remove duplicates of WORD_MARKER\n",

+    "    text = chain.from_iterable(c if c == WORD_MARKER else g for c, g in groupby(text))\n",

+    "    return ''.join(text)\n",

+    "    \n",

+    "\n",

+    "# TODO: convert this to work on streams, for truly huge reference texts,\n",

+    "#       to avoid reading the whole reference text into memory at once\n",

+    "def get_reference_text(name):\n",

+    "    \"\"\"Returns a normalized reference text as a string.\n",

+    "    \n",

+    "    See the documentation for 'normalize_text' for details of the normalization.\n",

+    "    \n",

+    "    Parameters\n",

+    "    ----------\n",

+    "    name : str\n",

+    "        The name of the text to fetch; either a path to a file or a URL.\n",

+    "        If a URL is provided, GETting the URL must return the text.\n",

+    "    \"\"\"\n",

+    "    try:\n",

+    "        if is_url(name):\n",

+    "            text = requests.get(name).text\n",

+    "        else:\n",

+    "            with open(name) as file:\n",

+    "                text = file.read()        \n",

+    "    except Exception as error:\n",

+    "        msg = f'There was a problem fetching the text from \"{name}\"'\n",

+    "        raise ValueError(msg) from error\n",

+    "    \n",

+    "    return normalize_text(text)"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "war_and_peace = get_reference_text('http://www.gutenberg.org/files/2600/2600-0.txt')"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "Next we need a few utilities for counting bigrams in a text and constructing the matrix of probabilities for finding a letter in position $X+1$ given that a given letter is in position $X$. This is exactly the normalized matrix of bigram frequencies."

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "from collections import Counter\n",

+    "from operator import mul\n",

+    "from functools import reduce\n",

+    "from itertools import islice\n",

+    "\n",

+    "\n",

+    "def pairs(sequence):\n",

+    "    return zip(sequence, islice(sequence, 1))\n",

+    "\n",

+    "\n",

+    "def prod(iterable):\n",

+    "    return reduce(mul, iterable, 1)\n",

+    "\n",

+    "\n",

+    "def take(n, it):\n",

+    "    return islice(it, n)\n",

+    "\n",

+    "\n",

+    "def count_bigrams(text):\n",

+    "    \"Return the bigrams in a text as a dict (char1, char2) → count.\"\n",

+    "    return Counter(pairs(text))\n",

+    "\n",

+    "\n",

+    "def construct_transitions(text):\n",

+    "    transitions = count_bigrams(text)\n",

+    "    for c in ALLOWED_CHARS:\n",

+    "        total = sum(transitions[c, p] for p in ALLOWED_CHARS)\n",

+    "        if total == 0:\n",

+    "            continue\n",

+    "        for p in ALLOWED_CHARS:\n",

+    "            transitions[c, p] /= total\n",

+    "    return transitions  "

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "wnp_transitions = construct_transitions(war_and_peace)"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "---"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "Next we define some tools for working with encryption/decryption keys"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "import random\n",

+    "from contextlib import contextmanager\n",

+    "\n",

+    "\n",

+    "@contextmanager\n",

+    "def set_seed(seed=None):\n",

+    "    \"\"\"A context manager that sets/resets the Python RNG seed on entry and exit.\n",

+    "    \n",

+    "    If the provided seed is 'None', then this context manager does nothing.\n",

+    "    \"\"\"\n",

+    "    if seed is not None:\n",

+    "        rng_state = random.getstate()\n",

+    "        random.seed(seed)\n",

+    "    yield\n",

+    "    if seed is not None:\n",

+    "        random.setstate(rng_state)"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "from string import ascii_lowercase\n",

+    "from random import shuffle\n",

+    "\n",

+    "\n",

+    "def random_key(seed=None):\n",

+    "    \"\"\"Return a random map *from* ciphertext symbols *to* cleartext symbols.\n",

+    "    \n",

+    "    Parameters\n",

+    "    ----------\n",

+    "    seed : int (optional)\n",

+    "        If provided, the Python random generator will be seeded with the provided\n",

+    "        value before generating the key, and restored to its previous state afterwards.\n",

+    "        This is useful for producing the same key twice.\n",

+    "    \"\"\"\n",

+    "    with set_seed(seed):\n",

+    "        # 'shuffle' only operates in-place on lists\n",

+    "        shuffled = list(ALPHABET)\n",

+    "        shuffle(shuffled)\n",

+    "\n",

+    "    return dict(zip(ALPHABET, shuffled))"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "def decrypt(ciphertext, key):\n",

+    "    \"\"\"Decrypt a ciphertext using a substitution cipher with the provided key.\n",

+    "    \n",

+    "    Parameters\n",

+    "    ----------\n",

+    "    ciphertext : str\n",

+    "        The text to decrypt\n",

+    "    key : dict : str → str\n",

+    "        A map *from* ciphertext symbols *to* cleartext symbols.\n",

+    "        Any characters that appear in 'ciphertext' but do not appear in 'key'\n",

+    "        remain unchanged in the cleartext.\n",

+    "    \"\"\"\n",

+    "    # XXX: If we're going to be calling this many times, we should\n",

+    "    #      consider making the output of 'maketrans' the canonical key format\n",

+    "    return ciphertext.translate(str.maketrans(key))\n",

+    "\n",

+    "\n",

+    "def encrypt(cleartext, key):\n",

+    "    \"\"\"Encrypt a ciphertext using a substitution cipher with the provided key.\n",

+    "    \n",

+    "    Parameters\n",

+    "    ----------\n",

+    "    cleartext : str\n",

+    "        The text to encrypt\n",

+    "    key : dict : str → str\n",

+    "        A map *from* ciphertext symbols *to* cleartext symbols\n",

+    "        Any characters that appear in 'ciphertext' but do not appear in 'key'\n",

+    "        remain unchanged in the cleartext.\n",

+    "    \"\"\"\n",

+    "    # Encryption is decryption with the key reversed\n",

+    "    key = {v: k for k, v in key.items()}\n",

+    "    return decrypt(cleartext, key)"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "And some utilities for constructing the \"distance\" between 2 keys."

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "def similarity(seq1, seq2):\n",

+    "    l = min(len(seq1), len(seq2))\n",

+    "    return sum(c1 == c2 for c1, c2 in zip(seq1, seq2)) / l\n",

+    "\n",

+    "\n",

+    "def distance(ciphertext, key1, key2):\n",

+    "    \"\"\"Return the distance between 'key1' and 'key2'\n",

+    "    \n",

+    "    The distance is defined as the proportion of characters that are the same between the\n",

+    "    cleartexts obtained using 'key1' and 'key2'.\n",

+    "    \"\"\"\n",

+    "    cleartext1 = decrypt(ciphertext, key1)\n",

+    "    cleartext2 = decrypt(ciphertext, key2)\n",

+    "    return 1 - similarity(cleartext1, cleartext2)\n",

+    "    \n",

+    "\n",

+    "## From https://codereview.stackexchange.com/questions/172060/finding-the-minimum-number-of-swaps-to-sort-a-list\n",

+    "def cycle_decomposition(permutation):\n",

+    "    \"\"\"Generate cycles in the cyclic decomposition of a permutation.\n",

+    "\n",

+    "        >>> list(cycle_decomposition([7, 2, 9, 5, 0, 3, 6, 8, 1, 4]))\n",

+    "        [[0, 7, 8, 1, 2, 9, 4], [3, 5], [6]]\n",

+    "\n",

+    "    \"\"\"\n",

+    "    unvisited = set(permutation)\n",

+    "    while unvisited:\n",

+    "        j = i = unvisited.pop()\n",

+    "        cycle = [i]\n",

+    "        while True:\n",

+    "            j = permutation[j]\n",

+    "            if j == i:\n",

+    "                break\n",

+    "            cycle.append(j)\n",

+    "            unvisited.remove(j)\n",

+    "        yield cycle\n",

+    "\n",

+    "        \n",

+    "def minimum_swaps(seq):\n",

+    "    \"\"\"Return minimum swaps needed to sort the sequence.\n",

+    "\n",

+    "        >>> minimum_swaps([])\n",

+    "        0\n",

+    "        >>> minimum_swaps([2, 1])\n",

+    "        1\n",

+    "        >>> minimum_swaps([4, 8, 1, 5, 9, 3, 6, 0, 7, 2])\n",

+    "        7\n",

+    "\n",

+    "    \"\"\"\n",

+    "    permutation = sorted(range(len(seq)), key=seq.__getitem__)\n",

+    "    return sum(len(cycle) - 1 for cycle in cycle_decomposition(permutation))"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "from random import choice\n",

+    "from functools import lru_cache\n",

+    "from math import log, inf, exp\n",

+    "\n",

+    "\n",

+    "def swapped(key):\n",

+    "    a, b = random.choices(ALPHABET, k=2)\n",

+    "    new = key.copy()\n",

+    "    new[a], new[b] = new[b], new[a]\n",

+    "    return new\n",

+    "\n",

+    "\n",

+    "def transition_probability(proposal_density, key_density):\n",

+    "    if key_density == 0:\n",

+    "        return 1\n",

+    "    else:\n",

+    "        return max(proposal_density / key_density, 1)\n",

+    "\n",

+    "    \n",

+    "def metropolis(ciphertext, transitions, start_key=None):\n",

+    "    ciphertext = normalize_text(ciphertext)\n",

+    "    \n",

+    "    # Equation 2.4\n",

+    "    # XXX: construct this using logarithms to avoid excessive rounding error\n",

+    "    def log_pl(key):\n",

+    "        maybe_cleartext = decrypt(ciphertext, key)\n",

+    "        return sum(log(transitions[a, b]) if transitions[a, b] != 0 else -inf\n",

+    "                   for a, b in pairs(maybe_cleartext))  \n",

+    "\n",

+    "    key = start_key or random_key()\n",

+    "    yield key\n",

+    "\n",

+    "    while True:\n",

+    "        proposal = swapped(key)\n",

+    "        log_pl_proposal = log_pl(proposal)\n",

+    "        log_pl_key = log_pl(key)\n",

+    "        if log_pl_proposal > log_pl_key or log_pl_key == -inf:\n",

+    "            key = proposal\n",

+    "            best_key = key.copy()\n",

+    "        elif random.uniform(0, 1) < exp(log_pl_proposal - log_pl_key):\n",

+    "            key = proposal\n",

+    "        yield key"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "Finally we define the Metropolis algorithm"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "from random import choice\n",

+    "from functools import lru_cache\n",

+    "\n",

+    "\n",

+    "def swapped(key):\n",

+    "    a, b = random.choices(ALPHABET, k=2)\n",

+    "    new = key.copy()\n",

+    "    new[a], new[b] = new[b], new[a]\n",

+    "    return new\n",

+    "\n",

+    "\n",

+    "def transition_probability(proposal_density, key_density):\n",

+    "    if key_density == 0:\n",

+    "        return 1\n",

+    "    else:\n",

+    "        return max(proposal_density / key_density, 1)\n",

+    "\n",

+    "    \n",

+    "def metropolis(ciphertext, transitions, start_key=None):\n",

+    "    ciphertext = normalize_text(ciphertext)\n",

+    "    \n",

+    "    # Equation 2.4\n",

+    "    # XXX: construct this using logarithms to avoid excessive rounding error\n",

+    "    def pl(key):\n",

+    "        maybe_cleartext = decrypt(ciphertext, key)\n",

+    "        return prod(transitions[a, b] for a, b in pairs(maybe_cleartext))  \n",

+    "\n",

+    "    key = start_key or random_key()\n",

+    "    yield key\n",

+    "\n",

+    "    while True:\n",

+    "        proposal = swapped(key)\n",

+    "        pl_proposal = pl(proposal)\n",

+    "        pl_key = pl(key)\n",

+    "        if pl_proposal > pl_key or pl_key == 0:\n",

+    "            key = proposal\n",

+    "            best_key = key.copy()\n",

+    "        elif random.uniform(0, 1) < pl_proposal / pl_key:\n",

+    "            key = proposal\n",

+    "        yield key"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "----\n",

+    "----\n",

+    "----"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "And run the algorithm on some example text to see if it works!"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "cleartext = normalize_text(\"\"\"\n",

+    "Enter by the narrow gate, for wide is the gate and broad the road that leads to destruction\n",

+    "\"\"\")\n",

+    "\n",

+    "ciphertext = encrypt(cleartext, random_key())\n",

+    "\n",

+    "keys = metropolis(ciphertext, wnp_transitions, start_key=dict(zip(ALPHABET, ALPHABET)))\n",

+    "\n",

+    "for i, key in enumerate(take(50000, keys)):\n",

+    "    if i % 2000 == 0:\n",

+    "        print(i, ':', decrypt(ciphertext, key))"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "from itertools import tee\n",

+    "\n",

+    "cleartext = normalize_text(\"\"\"\n",

+    "Enter by the narrow gate, for wide is the gate and broad the road that leads to destruction.\n",

+    "\"\"\")\n",

+    "\n",

+    "solution = dict(zip(ALPHABET, ALPHABET))  #random_key()\n",

+    "\n",

+    "ciphertext = encrypt(cleartext, solution)\n",

+    "\n",

+    "keys = metropolis(ciphertext, wnp_transitions, start_key=dict(zip(ALPHABET, ALPHABET)))\n",

+    "\n",

+    "distances = [distance(ciphertext, k, solution) for k in take(20000, keys)]"

+   ]

+  },

+  {

+   "cell_type": "code",

+   "execution_count": null,

+   "metadata": {},

+   "outputs": [],

+   "source": [

+    "import matplotlib.pyplot as plt\n",

+    "\n",

+    "plt.plot(distances)"

+   ]

+  },

+  {

+   "cell_type": "markdown",

+   "metadata": {},

+   "source": [

+    "### Closing remarks\n",

+    "\n",

+    "The Markov chain seems to get stuck at some minimum distance from the true key. It's not 100% clear to me why this is the case; if anyone has any insights, drop me an email!"

+   ]

+  }

+ ],

+ "metadata": {

+  "kernelspec": {

+   "display_name": "Python 3",

+   "language": "python",

+   "name": "python3"

+  },

+  "language_info": {

+   "codemirror_mode": {

+    "name": "ipython",

+    "version": 3

+   },

+   "file_extension": ".py",

+   "mimetype": "text/x-python",

+   "name": "python",

+   "nbconvert_exporter": "python",

+   "pygments_lexer": "ipython3",

+   "version": "3.8.1"

+  }

+ },

+ "nbformat": 4,

+ "nbformat_minor": 2

+}