This blogpost is going to be different.
Here I describe my own original idea for using integration for cryptography.
Most chances are that the idea is pointless, but I do think it's an interesting concept, and sharing it with the world costs me nothing.
When dealing with cryptographic systems, especially coming up with new ideas, one must consider mathematical rigor, which I will not be doing here.
So, dear reader, please be warned - this is a very initial idea rather than a new amazing cryptosystem.
Also be advised reader is expected to have some basic Calculus knowledge - specifically - derivation and integration.
With that, let's get going.

One concept you usually hear about is the concept of trapdoor functions.
Those are functions that are:

1. Hard to reverse (computationally).
2. Hard to compute unless you have some information that make it easy to compute.

Let us take RSA for example. I've explain how and why RSA works in the past but let us write a short reminder here.
To generate an RSA keypair (private-public keys), one does the following:

1. Create two large random primes $p$ and $q$ (I've mentioned how to do that in a past blogpost).
2. Mark $n=pq$ and note that the Euler Totient Function value of $n$ is $\varphi(n) = (p-1)(q-1)$.
3. Choose a public exponent $e$ (usually chosen ahead of time as $e=65537$), and mark the public key $(e, n)$.
4. Find a value $d = e^{-1} (mod \varphi(n))$ using the Extended Euclidean Algorithm. Our private key is $d$.
5. Note that $(x^e)^d = (x^d)^e = x (mod n)$. Thus, we can use the public key or private key for encryption or decryption.

In RSA, that $d$ is the trapdoor (or at least assumed):

• To calculate $d$, we must know $\varphi(n)$.
• It's difficult to calculate $\varphi(n)$ unless we know the prime factorization of $n$ (which are $p$ and $q$).
• It's difficult to factorize $n$.

Reading about trapdoor functions made me think of computationally difficult problems.
I remembered from my university days (calculus class) that function derivation is easy, while integration is a very difficult problem.
Therefore, one idea is to define some arbitrary function $f(x)$ as the private key, and $f'(x) = \frac{df(x)}{dx}$ as the public key.
In other words: $F(x) = \int f(x) dx$ (we choose a constant of 0 for F(x) for those who care about the additive integration constant).
Let us assume that $f(x)$ is computationally hard to integrate (that's not the case for many functions).
If we have such a function, then, those who possess the private key $F(x)$ have the ability to easily calculate an area under the $f(x)$ curve (due to the fundemental theorem of Calculus:

$\int_a^b f(x) = F(b) - F(a)$

If the function $F(x)$ (the private key) is not known, there are still many ways to estimate the area numerically (Simpson's rule come to mind here).
However, let us assume (there are many assumptions in this blogpost!) that it's hard to get good approximation of the area under $f(x)$ between a and b.
Therefore, we might consider $F(x)$ to be some sort of trapdoor function.

Let us assume Alice has message m and wishes to prove she generated it. We can come up with an interactive protocol for convincing Bob that Alice generated it:

1. Alice sends the message m to Bob in cleartext.
2. We assume Alice has the private key $F(x)$ and Bob (and everyone in the world) knows the corresponding public key $f(x)$.
3. Bob generates two random positive numbers a and b, and attempts to approximate the area under the curve between m-a and m-b. That is computationally expensive (with our assumptions), so he gets a value after some time (let say, $B_t$ seconds). He then sends a and b to Alice.
4. Alice calculates $\int_{m-a}^{m+b} f(x) = F(m+b) - F(m-a)$ and sends that to Bob, within calculation time of $A_t$.
5. Bob verifies $A_t$ is significantly lower than $B_t$.
6. Bob can continue generating random numbers a and b until he's convinced Alice knows F.

Readers might be familiar with the concept of Proof-of-Work (especially if they know about cryptocurrency).
In our case, Bob gets a "proof-by-minimal-work" from Alice - since she can almost immediately respond to Bob, it's a proof she knows the private key, without revealing it!

This idea hinges on the possibility that numerical integration is significantly harder than symbolic evaluation when the antiderivative is known, but the integrand is chaotic or difficult to estimate numerically.
Of course, this is not generally the case for smooth, well-behaved functions, so the feasibility of this idea depends on finding or constructing integrands that are:

• Easy to integrate if the primitive is known.
• Hard to integrate numerically if only the function is known.

What is that magical function $F(x)$ that would satisfy all assumptions we have?
Honestly, I am not sure, but I thought about this:
$F(x) = \sum_{i=1}^{n}a_{i} \cdot \text{erf}\left( \frac{x-c_i}{\sigma} \right)$

With $erf$ is the Error function commonly used in statistics.
That function (or family of functions actually) might suit us for several reasons:

1. We need $f(x) = \frac {dF(x)}{dx}$ (the public key) to be chaotic so evaluating areas under its curve is difficult.
2. Small changes in $F(x)$ should cause big changes in $f(x)$.
3. Function $F(x)$ should be easy to compute.

As I mentioned, these are very preliminary thoughts.
I'd like to mention some final thoughts on the subject:

1. Encoding the message m as real numbers and generally operating within real numbers is a major concern for computer scientists and engineers.
2. I have no proof that the proposed function $F(x)$ holds all assumptions I mentioned.
3. The assumption that calculating $F(x)$ from a symbolic expression gets quicker and better results than standard numeric approximations for integrals needs to be addressed.

Despite all of those, I really wanted to share my thoughts, with the hope they at least might inspire people.

Stay tuned!

Jonathan Bar Or