Mango Cryptography

Diagram showing how a Mango InputProfile shapes encryption behavior. Profile parameters on the left — including global rounds, transform sequence, and per-transform rounds — point to corresponding pseudocode on the right, illustrating how they drive the encryption loop structure. Visual metaphor for programmable encryption, like a CNC machine following instructions.

Encryption Profiles in Mango: Programmable Encryption

by

luke tomasello
in

How Mango Uses Profiles to Shape Cryptographic Behavior

🧭 1. Introduction: Encryption That Follows Instructions

🔩 “Just as a CNC machine carves metal using a program, what if encryption profiles could shape ciphertext with the same kind of precision?”

We’re used to thinking of encryption as fixed — a cipher runs its course the same way no matter what it’s protecting. But that’s not how we approach other complex tasks. In manufacturing, for example, we adapt the process to the material. The instructions change. The tooling shifts. The outcome is controlled, not hardcoded.

What if encryption worked the same way?

This idea — that encryption could follow a control program — is at the core of programmable encryption. A system that is deterministic in behavior, yet adaptive to the data it sees. A system where what you encrypt helps shape how it’s encrypted.

It’s not speculative. It’s working — right now — inside Mango.

🧩 2. The Problem with Static Encryption

Most encryption algorithms are designed to be universal — they apply the same fixed routine to every input, regardless of what that input is. Whether you’re encrypting a JPEG, an executable, or a stream of log data, the algorithm doesn’t adapt. It doesn’t know or care what it’s protecting.

  • It doesn’t adjust for file type
  • It doesn’t consider data structure
  • It ignores entropy characteristics

This works, but it’s inefficient. It’s like machining every material with the same feed rate and cutting tool — whether it’s titanium or foam. Sure, the job gets done, but you risk dull tools on hard input, or wasted cycles on soft input. Precision and performance suffer.

Static encryption is safe — but it’s blind.

That’s the problem programmable encryption aims to solve.

🧠 3. Enter the InputProfile: A Control Program for Cipher Behavior

If static encryption is a one-size-fits-all cutter, Mango’s InputProfile is a programmable toolpath — an encryption profile that tells the cipher exactly how to operate.

An InputProfile — Mango’s term for its encryption profiles — encodes a set of precise, low-level instructions: which transformations to apply, how many times, and in what order.

Each profile defines:

  • 🔁 A transform sequence — the ordered operations to apply
  • 🔂 Rounds per transform — how many times to repeat each one
  • 🔁 Global rounds — how many times to repeat the entire sequence

Profiles aren’t blindly chosen. They’re matched to input using a lightweight classification fingerprint called a TSV (Tomasello Signature Vector), which identifies the type of data. That means the right encryption strategy can be selected — fast for logs, deep for executables, adaptive for mixed formats.

It’s not just encryption — it’s orchestrated encryption, driven by a profile that knows the shape of the data it’s protecting.

🛠️ 4. NC Machines vs Crypto Pipelines: A Useful Analogy

Think of Mango’s InputProfiles like G-code in a CNC machine. Both serve the same role: they instruct a deterministic system how to operate, based on the material in front of them.

NC Machines	                  Mango Encryption
------------------------------------------------------------------------
G-code instructs tool paths	  InputProfiles define transform paths
Material affects parameters	  Input type affects sequence selection
Tooling must match material	  Transform mix must match data properties
Simulation improves output	  Munge optimizes profiles per input class

A machinist doesn’t use the same routine to cut titanium as they would for foam — and Mango doesn’t apply the same transform sequence to a log file and an executable. An InputProfile encodes both knowledge of the data and intent for how it should be encrypted. It’s operational intelligence — not just a fixed recipe.

🧪 5. Creating the Program: Where Profiles Come From

InputProfiles aren’t hand-written — they’re engineered.

How many profile configurations are we talking about?

To reduce computational load, Mango constrains its search space to sequences of 3–5 transforms, with both global and per-transform rounds capped at 9. Even with these limits, the search space is over 54 trillion combinations — a space large enough for meaningful discovery without unmanageable overhead.

How many are possible in theory?

When unconstrained, Mango explores the same 3–5 transform sequences — but allows global and per-transform rounds up to 255. That opens up a massive configuration space exceeding 23 quintillion unique profiles. (And if all 255 transforms were enabled across lengths 3–255? You’d break 552 undecillion — effectively infinite.)

So how does Mango make sense of this scale?

It starts with Munge, Mango’s optimization engine. Munge explores millions of transform orderings — testing how different sequences perform using a fixed structure and round count. Each is scored for entropy shaping, avalanche strength, and key dependency. The top contenders are then passed to a secondary optimizer, which fine-tunes their round counts — both globally and per transform. The result?

“God-profiles” — ultra-tuned configurations built for specific data classes.

At runtime, Mango uses a TSV fingerprint to identify the input’s type and instantly select the right profile from a curated database. No guesswork. Just load and encrypt.

While Mango ships with built-in profiles, future systems could evolve profiles dynamically — through usage patterns, feedback loops, or even machine learning.

🔁 6. What This Enables

Programmable encryption isn’t just flexible — it’s strategic.

By tailoring encryption behavior to the input, Mango can adapt to:

  • Data complexity — minimizing overkill for simple data, maximizing transformation for complex formats
  • Execution speed — favoring faster paths for high-throughput scenarios
  • Security strength — optimizing for avalanche effects and key dependency where it matters most

Use cases:

  • ⚡ Fast encryption for low-risk telemetry and logs
  • 🔐 Maximum obfuscation for sensitive binaries or executables
  • 🧩 Consistent policies for structured documents and known formats

One system, many strategies — all defined by the profile.

🧰 7. Future Potential

InputProfiles open the door to programmable encryption — but their true power lies in what they enable next:

  • 📦 Versioned policy bundles — shareable, documented profiles that standardize encryption strategies across teams or deployments
  • 🔄 Cross-system tuning — profiles refined and redistributed as part of system updates or performance optimization
  • 🧠 Machine-learned profiles — future integrations could generate or evolve profiles automatically based on real-world data patterns
  • 📋 Reproducibility — push-button recall of encryption behavior for forensic, compliance, or auditing scenarios

The model is extensible, portable, and ripe for collaboration. Profiles aren’t just settings — they’re strategy in motion.

🏁 8. Conclusion

Static encryption is like using the same cutting tool for every material — it works, but it’s rarely optimal.

Mango’s profile-driven model proves that encryption can be instructed — tuned for performance, adaptability, and precision.

Programmable encryption isn’t a metaphor. It’s a working system, and it’s already reshaping how we think about securing data.

📚 Explore Further

Curious to dive deeper into the technologies behind programmable encryption?

You can learn more about Mango, Munge, the InputProfiler, TSV, and other components by reading my other publications.

All source code is publicly available in my GitHub repository — open for exploration, feedback, and collaboration.