Public key cryptosystems based on Iterated Functions Systems

Let $f=(f_0,f_1,\dots, f_{\nu-1})$ be a collection of one-to-one functions from some space~$X$ into itself such that the sets $f_j(X)$ are disjoint. If $w=w_1w_2\cdots w_k$ is a word on the alphabet $\{0,1,\dots,\nu-1\}$, let $\Phi_{f,w} = f_{w_1}\circ f_{w_2}\circ\cdots\circ f_{w_k}$. Given a function~$F$ of which we know that it can be written as $\Phi_{f,w}$, it is easy to recover~$w$. We give some examples of this situation where everything can be scrambled up by using some private key to get a new system $g=(g_1,g_2,\dots,g_{\nu-1})$ on another set~$Y$ in such a way that the images of the $g_j$ are no longer disjoint. We define a cryptosystem whose public key is~$g$. The message to be encrypted is a word~$w$ and the associated cryptogram is $\Phi_{g,w}$. The private key allows to recover $\Phi_{f,w}$ from $\Phi_{g,w}$.