131 results
Search Results
2. Two or Three Weight Linear Codes From Non-Weakly Regular Bent Functions.
- Author
-
Ozbudak, Ferruh and Pelen, Rumi Melih
- Subjects
- *
BENT functions , *LINEAR codes , *CODING theory , *FINITE fields , *DATA warehousing - Abstract
Linear codes with few weights have applications in consumer electronics, communications, data storage systems, secret sharing, authentication codes, and association schemes. As a special class of linear codes, minimal linear codes have important applications in secret sharing and secure computation of data between two parties. The construction of minimal linear codes with new and desirable parameters is an interesting research topic in coding theory and cryptography. Recently, Mesnager et.al. stated that “constructing linear codes with good parameters from non-weakly regular bent functions is an interesting problem.” The goal of this paper is to construct linear codes with two or three weights from non-weakly regular bent functions over finite fields and analyze the minimality of the constructed linear codes. In doing so, we draw inspiration from a paper by Mesnager in which she constructed linear codes with small weights from weakly regular bent functions based on a generic construction method. First, we recall the definitions of the subsets $B_{+}(f)$ and $B_{-}(f)$ associated with a non-weakly regular bent function $f$. Next, we construct two- or three-weight linear $p$ -ary codes on these sets using duals of the non-weakly regular bent functions that are also bent. We note that the constructed linear codes are minimal in almost all cases. Moreover, when $f$ is a non-weakly regular bent function in a certain subclass of Generalized Maiorana-McFarland bent functions, we determine the weight distributions of the corresponding linear codes. As far as we know, the construction of linear codes from non-weakly regular bent functions over finite fields is first studied in the literature by the second author in his dissertation. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
3. Structural and Statistical Analysis of Multidimensional Linear Approximations of Random Functions and Permutations.
- Author
-
Ashur, Tomer, Khan, Mohsin, and Nyberg, Kaisa
- Subjects
- *
STATISTICS , *PERMUTATIONS , *LINEAR statistical models , *STATISTICAL models , *BOOLEAN functions , *RANDOM functions (Mathematics) , *CRYPTOGRAPHY - Abstract
The goal of this paper is to investigate linear approximations of random functions and permutations. Our motivation is twofold. First, before the distinguishability of a practical cipher from an ideal one can be analysed, the cryptanalyst must have an accurate understanding of the statistical behaviour of the ideal cipher. Secondly, this issue has been neglected both in old and in more recent studies, particularly when multiple linear approximations are being used simultaneously. Traditional models have been based on the average behaviour and simplified using other assumptions such as independence of the linear approximations. Multidimensional cryptanalysis was introduced to avoid making artificial assumptions about statistical independence of linear approximations. On the other hand, it has the drawback of including many trivial approximations that do not contribute to the attack but just cause a waste of time and memory. We show for the first time in this paper that the trivial approximations reduce the degree of freedom of the related $\chi ^{2}$ distribution. Previously, the affine linear cryptanalysis was proposed to allow removing trivial approximations and, at the same time, admitting a solid statistical model. In this paper, we identify another type of multidimensional linear approximation, called Davies-Meyer approximation, which has similar advantages, and present full statistical models for both the affine and the Davies-Meyer type of multidimensional linear approximations. The new models given in this paper are realistic, accurate and easy to use. They are backed up by standard statistical tools such as Pearson’s $\chi ^{2}$ test and finite population correction and demonstrated to work accurately using practical examples. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
4. Bounds on the Nonlinearity of Differentially Uniform Functions by Means of Their Image Set Size, and on Their Distance to Affine Functions.
- Subjects
- *
SET functions , *HAMMING weight , *UNIFORMITY - Abstract
We revisit and take a closer look at a (not so well known) result of a 2017 paper, showing that the differential uniformity of any vectorial function is bounded from below by an expression depending on the size of its image set. We make explicit the resulting tight lower bound on the image set size of differentially $\delta $ -uniform functions (which is the only currently known non-trivial lower bound on the image set size of such functions). We also significantly improve an upper bound on the nonlinearity of vectorial functions obtained in the same reference and involving their image set size. We study when the resulting bound is sharper than the covering radius bound. We obtain as a by-product a lower bound on the Hamming distance between differentially $\delta $ -uniform functions and affine functions, which we improve significantly with a second bound. This leads us to study what can be the maximum Hamming distance between vectorial functions and affine functions. We provide an upper bound which is slightly sharper than a bound by Liu, Mesnager and Chen when $m < n$ , and a second upper bound, which is much stronger in the case (happening in practice) where $m$ is near $n$ ; we study the tightness of this latter bound; this leads to an interesting question on APN functions, which we address (negatively). We finally derive an upper bound on the nonlinearity of vectorial functions by means of their Hamming distance to affine functions and make more precise the bound on the differential uniformity which was the starting point of the paper. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
5. On Correlation Immune Boolean Functions With Minimum Hamming Weight Power of 2.
- Author
-
Mesnager, Sihem and Su, Sihong
- Subjects
- *
BOOLEAN functions , *HAMMING weight , *STREAM ciphers , *STATISTICAL correlation , *COMBINATORICS , *CRYPTOGRAPHY - Abstract
The notion of correlation immune functions has been introduced by Siegenthaler (1984) in symmetric cryptography in the framework of stream ciphers. At the conference CRYPTO’91 by Camion et al., it has been pointed out that this notion existed in statistics and combinatorics. It has recently been highlighted that such functions also play an important role in a new framework related to side-channel attack counter-measures. Since then, the interest in correlation immune Boolean functions has been renewed, and new challenges regarding these functions have appeared. Specifically, low Hamming weight correlation immune functions have been selected as useful for counter-measures to side-channel attacks. Despite their importance, the literature is not abundant in this research direction. Two very interesting articles in which such correlation immune functions were nicely explored, given this novel use of them. Carlet initiated the first one in 2013, and the second one is due to Carlet and Chen (2018). This paper deals with correlation immune Boolean functions aiming to produce more candidates of those processing low Hamming weights. We shall focus on correlation immune Boolean functions with Hamming weights power of 2 (which offer a flexibility to control the correlation immunity aspects) and present several methods of designing them. Some design methods are efficient and could be employed to derive such functions. Consequently, given two positive integers $n$ and $m$ , we derive new effective constructions of correlation immune Boolean functions with Hamming weight power of 2. Furthermore, an upper bound on the correlation immunity of the newly constructed $n$ -variable Boolean functions with Hamming weight $2^{m}$ was determined for $n-m\ge 0$. Besides, exact values and lower bounds on the maximum correlation immunity of those functions are explored and discussed, mainly when the values of $n$ and $m$ are very close. This paper also exhibits explicit examples of those correlation immune functions that illustrate our methods. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
6. On Hulls of Some Primitive BCH Codes and Self-Orthogonal Codes.
- Author
-
Gan, Chunyu, Li, Chengju, Mesnager, Sihem, and Qian, Haifeng
- Subjects
- *
ORTHOGONALIZATION , *FINITE fields , *LINEAR codes , *LIQUID crystal displays - Abstract
Self-orthogonal codes are an important type of linear codes due to their wide applications in communication and cryptography. The Euclidean (or Hermitian) hull of a linear code is defined to be the intersection of the code and its Euclidean (or Hermitian) dual. It is clear that the hull is self-orthogonal. The main goal of this paper is to obtain self-orthogonal codes by investigating the hulls. Let $\mathcal {C}_{(r,r^{m}-1,\delta,b)}$ be the primitive BCH code over $\mathbb {F}_{r}$ of length $r^{m}-1$ with designed distance $\delta $ , where $\mathbb {F}_{r}$ is the finite field of order $r$. In this paper, we will present Euclidean (or Hermitian) self-orthogonal codes and determine their parameters by investigating the Euclidean (or Hermitian) hulls of some primitive BCH codes. Several sufficient and necessary conditions for primitive BCH codes with large Hermitian hulls are developed by presenting lower and upper bounds on their designed distances. Furthermore, some Hermitian self-orthogonal codes are proposed via the hulls of BCH codes and their parameters are also investigated. In addition, we determine the dimensions of the code $\mathcal {C}_{(r,r^{2}-1,\delta,1)}$ and its hull in both Hermitian and Euclidean cases for $2 \le \delta \le r^{2}-1$. We also present two sufficient and necessary conditions on designed distances such that the hull has the largest dimension. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
7. Leakage-Resilient Secret Sharing With Constant Share Size.
- Author
-
Tjuawinata, Ivan and Xing, Chaoping
- Subjects
- *
RESEARCH & development , *ALGEBRAIC codes , *ISOGEOMETRIC analysis , *FOURIER analysis , *REED-Solomon codes , *SHARING - Abstract
In this work, we consider the leakage-resilience of algebraic-geometric (AG for short) codes based ramp secret sharing schemes extending the analysis on the leakage-resilience of linear threshold secret sharing schemes over prime fields that is done by Benhamouda et al. in the effort to construct linear leakage-resilient secret sharing schemes with constant share size. Since there does not exist any explicit efficient construction of AG codes over prime fields with constant field size, we consider constructions over prime fields with the help of concatenation method and constructions of codes over field extensions. Extending the Fourier analysis done by Benhamouda et al., one can show that concatenated algebraic geometric codes over prime fields do produce some nice leakage-resilient secret sharing schemes. One natural and curious question is whether AG codes over extension fields produce better leakage-resilient secret sharing schemes than the construction based on concatenated AG codes. Such construction provides several advantage compared to the construction over prime fields using concatenation method. It is clear that AG codes over extension fields give secret sharing schemes with a smaller reconstruction threshold for a fixed privacy parameter $t$. In this work, it is also confirmed that indeed AG codes over extension fields have stronger leakage-resilience under some reasonable assumptions. Furthermore, we also show that AG codes over extension fields may provide strong multiplicative property which may be used in its application to the study of multiparty computation. In contrast, the same cannot be said for constructions based on concatenated AG codes, even when we are considering multiplication friendly embeddings. These advantages strongly motivate the study of secret sharing schemes from AG codes over extension fields. The current paper has two main contributions: (i) we obtain leakage-resilient secret sharing schemes with constant share sizes and unbounded numbers of players. Some of the schemes constructed without the use of concatenation also possesses strong multiplicative property (ii) via Fourier Analysis, we analyze the leakage-resilience of secret sharing schemes from codes over extension fields. This is of its own theoretical interest independent of its application to secret sharing schemes from algebraic geometric codes over extension fields. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
8. MDS, Near-MDS or 2-MDS Self-Dual Codes via Twisted Generalized Reed-Solomon Codes.
- Author
-
Sui, Junzhen, Yue, Qin, Li, Xia, and Huang, Daitao
- Subjects
- *
REED-Solomon codes , *REED-Muller codes , *LINEAR codes - Abstract
Twisted generalized Reed-Solomon (TGRS) codes are a family of codes that contains a large number of maximum distance separable (MDS) codes that are non-equivalent to generalized Reed-Solomon (GRS) codes. In this paper, we characterize a sufficient and necessary condition that a twisted Reed-Solomon (TRS) code with two twists is MDS; give a sufficient and necessary condition that a TGRS code with two twists is self-dual, and present some constructions of self-dual TGRS codes. These self-dual codes are MDS, NMDS or 2-MDS. Furthermore, we study the non-GRS properties of TGRS codes with two twists and prove that these codes are non-GRS in most cases. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
9. Binary Linear Codes With Few Weights From Two-to-One Functions.
- Author
-
Li, Kangquan, Li, Chunlei, Helleseth, Tor, and Qu, Longjiang
- Subjects
- *
BINARY codes , *LINEAR codes , *SPHERE packings , *HAMMING weight - Abstract
In this paper, we apply two-to-one functions over F2n in two generic constructions of binary linear codes. We consider two-to-one functions in two forms: (1) generalized quadratic functions; and (2) (x2t + x)e with gcd (t, n) = gcd(e, 2n−1) = 1. Based on the study of the Walsh transforms of those functions or their variants, we present many classes of linear codes with few nonzero weights, including one weight, three weights, four weights, and five weights. The weight distributions of the proposed codes with one weight and with three weights are determined. In addition, we discuss the minimum distance of the dual of the constructed codes and show that some of them achieve the sphere packing bound. Moreover, examples show that some codes in this paper have best-known parameters. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
10. Revisiting Cryptanalysis on ChaCha From Crypto 2020 and Eurocrypt 2021.
- Author
-
Dey, Sabyasachi, Dey, Chandan, Sarkar, Santanu, and Meier, Willi
- Subjects
- *
STREAM ciphers , *HAMMING weight , *CRYPTOGRAPHY , *WORKFLOW - Abstract
ChaCha has been one of the most prominent ARX designs of the last few years because of its use in several systems. The cryptanalysis of ChaCha involves a differential attack that exploits the idea of Probabilistic Neutral Bits (PNBs). For a long period, the single-bit distinguisher in this differential attack was found up to 3rd round. At Crypto 2020, Beierle et al. introduced for the first time the single bit distinguishers for 3.5th round, which contributed significantly to regaining the flow of the research work in this direction. This discovery became the primary factor behind the huge improvement in the key recovery attack complexity in that work. This was followed by another work at Eurocrypt 2021, where a single bit distinguisher at 3.5th round helped to produce a 7th round distinguisher of ChaCha and a further improvement in the key recovery. In this paper, first, we provide the theoretical framework for the distinguisher given by Beierle et al. We mathematically derive the observed differential correlation for the particular position where the output difference is observed at 3.5th round. Also, Beierle et al. mentioned the issue of the availability of proper IVs to produce such distinguishers, and pointed out that not all keys have such IVs available. Here we provide a theoretical insight of this issue. Next, we revisit the work of Coutinho et al. (Eurocrypt 2021). Using Differential-Linear attacks against ChaCha, they claimed the distinguisher and the key recovery with complexities 2218 and $2^{228.51}$ respectively. We show that the differential correlation for the 3.5th round is much smaller than the claim of Coutinho et al. This makes the attack complexities much higher than their claim. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
11. Recovering or Testing Extended-Affine Equivalence.
- Author
-
Canteaut, Anne, Couvreur, Alain, and Perrin, Leo
- Subjects
- *
BOOLEAN functions , *JACOBIAN matrices , *MATRIX functions , *PARTITION functions , *SET functions , *RANDOM access memory , *MATHEMATICAL equivalence - Abstract
Extended Affine (EA) equivalence is the equivalence relation between two vectorial Boolean functions $F$ and $G$ such that there exist two affine permutations $A$ , $B$ , and an affine function $C$ satisfying $G = A \circ F \circ B + C$. While the problem has a simple formulation, it is very difficult in practice to test whether two functions are EA-equivalent. This problem has two variants: EA-partitioning deals with partitioning a set of functions into disjoint EA-equivalence classes, and EA-recovery is about recovering the tuple $(A,B,C)$ if it exists. In this paper, we present a new algorithm that efficiently solves the EA-recovery problem for quadratic functions. Although its worst-case complexity occurs when dealing with APN functions, it supersedes, in terms of performance, all previously known algorithms for solving this problem for all quadratic functions and in any dimension, even in the case of APN functions. This approach is based on the Jacobian matrix of the functions, a tool whose study in this context can be of independent interest. The best approach for EA-partitioning in practice mainly relies on class invariants. We provide an overview of the known invariants along with a new one based on the ortho-derivative. This new invariant is applicable to quadratic APN functions, a specific type of functions that is of great interest, and of which tens of thousands need to be sorted into distinct EA-classes. Our ortho-derivative-based invariant is very fast to compute, and it practically always distinguishes between EA-inequivalent quadratic APN functions. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
12. Ouroboros: An Efficient and Provably Secure KEM Family.
- Author
-
Aragon, Nicolas, Blazy, Olivier, Deneuville, Jean-Christophe, Gaborit, Philippe, and Zemor, Gilles
- Subjects
- *
CODING theory , *CYCLIC codes , *DECODING algorithms , *CRYPTOSYSTEMS , *WORK structure - Abstract
In this paper we introduce Ouroboros, a new family of Key Exchange protocols based on coding theory. The protocols propose a middle ground between the cryptosystems based on $\mathsf {QC}$ - $\mathsf {MDPC}$ codes, which feature small parameter sizes, but have a security reduction to two problems: the syndrome decoding problem and the indistinguishability of the code, and the HQC protocol, which features bigger parameters but has a security reduction to the syndrome decoding problem only. Ouroboros features a reduction to the syndrome decoding problem with only a small overhead compared to the $\mathsf {QC}$ - $\mathsf {MDPC}$ based cryptosystems. The approach is based on an ideal structure and also works for the rank metric. This yields a simple, secure and efficient approach for key exchange, the Ouroboros family of protocols. For the Hamming metric we obtain the same type of parameters (and almost the same simple decoding) as for $\mathsf {MDPC}$ based cryptosystems, but with a security reduction to decoding random quasi-cyclic codes in the Random Oracle Model. This represents a reduction of up to 38% on the public key size compared to HQC, for the most secure parameters. For the rank metric, we obtain better parameters than for RQC, saving up to 31% on the public key for the most secure set of parameters, using non homogeneous errors in Ouroboros. In this full version, the protocol and decoding algorithm have been slightly improved, additional details are given in the security proof, and the protocol is fully described for the rank metric. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
13. Enumeration of Extended Irreducible Binary Goppa Codes.
- Author
-
Chen, Bocong and Zhang, Guanghui
- Subjects
- *
BINARY codes , *LINEAR codes , *PRIME numbers , *ODD numbers , *CRYPTOSYSTEMS - Abstract
The family of Goppa codes is one of the most interesting subclasses of linear codes. As the McEliece cryptosystem often chooses a random Goppa code as its key, knowledge of the number of inequivalent Goppa codes for fixed parameters may facilitate in the evaluation of the security of such a cryptosystem. In this paper we present a new approach to give an upper bound on the number of inequivalent extended irreducible binary Goppa codes. To be more specific, let $n>3$ be an odd prime number and $q=2^{n}$ ; let $r\geq 3$ be a positive integer satisfying $\gcd (r,n)=1$ and $\gcd \big (r,q(q^{2}-1)\big)=1$. We obtain an upper bound for the number of inequivalent extended irreducible binary Goppa codes of length $q+1$ and degree $r$. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
14. The Differential Spectrum of the Power Mapping x p n −3.
- Author
-
Yan, Haode, Xia, Yongbo, Li, Chunlei, Helleseth, Tor, Xiong, Maosheng, and Luo, Jinquan
- Subjects
- *
POWER spectra , *ELLIPTIC curves , *INTEGERS , *WIRELESS communications - Abstract
Let $n$ be a positive integer and $p$ a prime. The power mapping $x^{p^{n}-3}$ over ${\mathbb {F}}_{p^{n}}$ has desirable differential properties, and its differential spectra for $p=2,\,3$ have been determined. In this paper, for any odd prime $p$ , by investigating certain quadratic character sums and some equations over ${\mathbb {F}}_{p^{n}}$ , we determine the differential spectrum of $x^{p^{n}-3}$ with a unified approach. The obtained result shows that for any given odd prime $p$ , the differential spectrum can be expressed explicitly in terms of $n$. Compared with previous results, a special elliptic curve over ${\mathbb {F}}_{p}$ plays an important role in our computation for the general case $p \ge 5$. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
15. A Subfield-Based Construction of Optimal Linear Codes Over Finite Fields.
- Author
-
Hu, Zhao, Li, Nian, Zeng, Xiangyong, Wang, Lisha, and Tang, Xiaohu
- Subjects
- *
RESEARCH & development , *LINEAR codes , *FINITE fields , *QUANTUM computing - Abstract
In this paper, we construct four families of linear codes over finite fields from the complements of either the union of subfields or the union of cosets of a subfield, which can produce infinite families of optimal linear codes, including infinite families of (near) Griesmer codes. We also characterize the optimality of these four families of linear codes with an explicit computable criterion using the Griesmer bound and obtain many distance-optimal linear codes. In addition, by a more in-depth discussion on some special cases of these four families of linear codes, we obtain several classes of (distance-)optimal linear codes with few weights and completely determine their weight distributions. It is shown that most of our linear codes are self-orthogonal or minimal which are useful in applications. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
16. On the Duals of Generalized Bent Functions.
- Author
-
Wang, Jiaxin and Fu, Fang-Wei
- Subjects
- *
RESEARCH & development , *BENT functions , *VECTOR spaces , *INFORMATION theory - Abstract
In this paper, we study the duals of generalized bent functions $f: V_{n}\rightarrow \mathbb {Z}_{p^{k}}$ , where $V_{n}$ is an $n$ -dimensional vector space over $\mathbb {F}_{p}$ and $p$ is an odd prime, $k$ is a positive integer. It is known that weakly regular generalized bent functions always appear in pairs since the dual of a weakly regular generalized bent function is also a weakly regular generalized bent function. The duals of non-weakly regular generalized bent functions can be generalized bent or not generalized bent. By generalizing the construction of Çeşmelioğlu et al., 2016, we provide an explicit construction of generalized bent functions whose duals can be generalized bent or not generalized bent. We show that the well-known direct sum construction and the generalized indirect sum construction given in Wang and Fu, 2021. can provide secondary constructions of generalized bent functions whose duals can be generalized bent or not generalized bent. By using the knowledge on ideal decomposition in cyclotomic fields, we prove that $f^{**}(x)=f(-x)$ if $f$ is a generalized bent function and its dual $f^{*}$ is also a generalized bent function. For any non-weakly regular generalized bent function $f$ which satisfies that $f(x)=f(-x)$ and its dual $f^{*}$ is generalized bent, we give a property and as a consequence, we prove that there is no self-dual generalized bent function $f: V_{n}\rightarrow \mathbb {Z}_{p^{k}}$ if $p\equiv 3 ~(mod ~4)$ and $n$ is odd. When $p \equiv 1 ~(mod ~4)$ or $p\equiv 3 ~(mod ~4)$ and $n$ is even, we give a secondary construction of self-dual generalized bent functions. In the end, by the decomposition of generalized bent functions, we characterize the relations between the generalized bentness of the dual of a generalized bent function $f$ and the bentness of the duals of bent functions associated with the generalized bent function $f$ , as well as the relations of self-duality between a generalized bent function $f$ and bent functions associated with the generalized bent function $f$. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
17. Infinite Families of 3-Designs and 2-Designs From Almost MDS Codes.
- Author
-
Xu, Guangkui, Cao, Xiwang, and Qu, Longjiang
- Subjects
- *
LINEAR codes , *FINITE fields , *HAMMING weight - Abstract
Combinatorial designs are closely related to linear codes. Recently, some near MDS codes were employed to construct $t$ -designs by Ding and Tang, which settles the question as to whether there exists an infinite family of near MDS codes holding an infinite family of $t$ -designs for $t \geq 2$. This paper is devoted to the construction of infinite families of 3-designs and 2-designs from special equations over finite fields. First, we present an infinite family of almost MDS codes over ${\mathrm{ GF}}(p^{m})$ holding an infinite family of 3-designs. We then provide an infinite family of almost MDS codes over ${\mathrm{ GF}}(p^{m})$ holding an infinite family of 2-designs for any field ${\mathrm{ GF}}(q)$. In particular, some of these almost MDS codes are near MDS. Second, we present an infinite family of near MDS codes over ${\mathrm{ GF}}(2^{m})$ holding an infinite family of 3-designs by considering the number of roots of a special linearized polynomial. Compared to previous constructions of 3-designs or 2-designs from linear codes, the parameters of some of our designs are new and flexible. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
18. Theory of Communication Efficient Quantum Secret Sharing.
- Author
-
Senthoor, Kaushik and Sarvepalli, Pradeep Kiran
- Subjects
- *
QUANTUM communication , *DEPRECIATION , *INFORMATION modeling , *SHARING , *CRYPTOGRAPHY , *QUANTUM entanglement , *QUANTUM cryptography - Abstract
A $((k,n))$ quantum threshold secret sharing (QTS) scheme is a quantum cryptographic protocol for sharing a quantum secret among $n$ parties such that the secret can be recovered by any $k$ or more parties while $k-1$ or fewer parties have no information about the secret. Despite extensive research on these schemes, there has been very little study on optimizing the quantum communication cost during recovery. Recently, we initiated the study of communication efficient quantum threshold secret sharing (CE-QTS) schemes. These schemes reduce the communication complexity in QTS schemes by accessing $d>k$ parties for recovery; here $d$ is fixed ahead of encoding the secret. In contrast to the standard QTS schemes which require $k$ qudits for recovering each qudit in the secret, these schemes have a lower communication cost of $\frac {d}{d-k+1}$. In this paper, we further develop the theory of communication efficient quantum threshold schemes. Here, we propose universal CE-QTS schemes which reduce the communication cost for all $d>k$ simultaneously. We provide a framework based on ramp quantum secret sharing to construct CE-QTS and universal CE-QTS schemes. We give another construction for universal CE-QTS schemes based on Staircase codes. We derived a lower bound on communication complexity and show that our constructions are optimal. Finally, an information theoretic model is developed to analyse CE-QTS schemes and the lower bound on communication complexity is proved again using this model. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
19. A Complete Study of Two Classes of Boolean Functions: Direct Sums of Monomials and Threshold Functions.
- Author
-
Carlet, Claude and Meaux, Pierrick
- Subjects
- *
BOOLEAN functions , *STREAM ciphers , *CRYPTOGRAPHY - Abstract
In this paper, we make a comprehensive study of two classes of Boolean functions whose interest originally comes from hybrid symmetric-FHE encryption (with stream ciphers like FiLIP), but which also present much interest for general stream ciphers. The functions in these two classes are cheap and easy to implement, and they allow the resistance to all classical attacks and to their guess and determine variants as well. We determine exactly all the main cryptographic parameters (algebraic degree, resiliency order, nonlinearity, algebraic immunity) for all functions in these two classes, and we give close bounds for the others (fast algebraic immunity, the dimension of the space of annihilators of minimal degree). This is the first time that this is done for all functions in large classes of cryptographic interest. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
20. On One-Dimensional Linear Minimal Codes Over Finite (Commutative) Rings.
- Author
-
Maji, Makhan, Mesnager, Sihem, Sarkar, Santanu, and Hansda, Kalyan
- Subjects
- *
LINEAR codes , *CODING theory , *FINITE rings , *COMMUTATIVE rings , *ALGEBRAIC fields , *ABSTRACT algebra , *FINITE fields - Abstract
Minimal linear codes have significant applications in secret sharing schemes and secure two-party computation. When they are defined over finite fields, those codes have been intensively studied, especially in recent years, but they have been firstly partially characterized by Ashikhmin and Barg since 1998. Next, they were completely characterized in 2018 by Ding, Heng, and Zhou in terms of the minimum and maximum nonzero weights in the corresponding codes. Since then, many construction methods for minimal linear codes over finite fields throughout algebraic and geometric approaches have been proposed in the literature. In particular, the algebraic approach gives rise to minimal codes from (cryptographic) functions. Linear codes over finite fields have been expanded into the collection of acceptable alphabets for codes and study codes over finite commutative rings. A natural way to extend the known results available in the literature is to consider minimal linear codes over commutative rings with unity. In extending coding theory to codes over rings, several essential principles must be considered. Particularly extending the minimality property from finite fields to rings and creating such codes is not simple. Such an extension offers more flexibility in the construction of minimal codes. The present article investigates one-dimensional minimal linear codes over the rings $\mathbb {Z}_{p^{n}}$ (where $p$ is a prime) and $\mathbb {Z}_{p^{m}q^{n}}$ (where $p < q$ are distinct primes and $m\leq n$). Our ultimate objective is to characterize such codes’ minimality and design minimal linear codes over the considered rings. Given our objective, we first introduced the notion of minimal codes over (commutative) rings and succeeded in deriving simple characterization of one-dimensional minimal linear codes over the underlying rings mentioned above. Our new algebraic approach allows designing new minimal linear codes. Almost minimal codes over rings are also presented. To the best of our knowledge, the present paper offers a wide variety of minimal codes over (commutative) rings for the first time. Novel perspectives and developments in this direction are expected in the future. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
21. Absolute Maximum Nonlinear Functions on Finite Nonabelian Groups.
- Author
-
Xu, Bangteng
- Subjects
- *
NONLINEAR functions , *FINITE groups , *ABELIAN groups , *FINITE fields , *NONABELIAN groups , *ELECTRONIC information resource searching - Abstract
Highly nonlinear functions (perfect nonlinear, maximum nonlinear, etc.) between finite fields have been studied in numerous papers. These concepts have been generalized first to finite abelian groups and then to finite nonabelian groups. In 2011, Poinsot and Pott introduced a new class of highly nonlinear functions between finite nonabelian groups, which are closely related to maximum nonlinear functions. They found such a function by a computer search, and proposed to find more such functions by theoretical constructions. Since then there is no progress in this topic. In this paper we continue the research in the direction proposed by Poinsot and Pott. Our purpose is to study the properties and constructions of this new class of highly nonlinear functions, called the absolute maximum nonlinear functions in this paper. In particular, for arbitrary finite (abelian or nonabelian) groups $K$ and $N$ with an absolute maximum nonlinear function $f: K \to N$ , we will prove that $N$ has to be abelian, and $f$ cannot be perfect nonlinear if $K$ is not abelian. Then we investigate the numerical constraints on the groups that have absolute maximum nonlinear functions. These constraints will eliminate the existence of absolute maximum nonlinear functions for many finite nonabelian groups. More importantly, using these constraints we will develop a method to construct absolute maximum nonlinear functions for some groups. In particular, we will determine all absolute maximum nonlinear functions on $A_4$ (the alternating group of degree 4). Furthermore, a general method to construct new absolute maximum nonlinear functions from the old ones will be given. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
22. Systematic Methods of Constructing Bent Functions and 2-Rotation Symmetric Bent Functions.
- Author
-
Su, Sihong
- Subjects
- *
BENT functions , *SYMMETRIC functions , *BOOLEAN functions , *INFORMATION theory - Abstract
In this paper, we first present two systematic constructions of bent functions by modifying the truth tables of Rothaus’s bent function and Maiorana-McFarland’s bent function respectively. The number of the newly constructed bent functions by modifying the truth table of Rothaus’s bent function is also determined. The methods of constructing self-dual bent functions are then given after the dual functions of these bent functions being determined. Finally, as an application, two constructions of 2-rotation symmetric bent functions are presented in this paper. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
23. Classification of the Codewords of Weights 16 and 18 of the Reed-Muller Code RM(n-3,n).
- Author
-
Mesnager, Sihem and Oblaukhov, Alexey
- Subjects
- *
REED-Muller codes , *CODING theory , *BINARY codes , *ERROR-correcting codes , *HAMMING weight , *BOOLEAN functions , *RADIUS (Geometry) - Abstract
Reed-Muller codes are error-correcting codes used in many areas related to coding theory, such as electrical engineering and computer science. The binary $r^{th}$ -order Reed-Muller code $RM(r,n)$ can be viewed as the set of all $n$ -variable Boolean functions of algebraic degree at most $r$. Despite the intense work on these codes, many problems are known to be hard (notably, determining their covering radius) and remain open to this day. Fourteen years ago, Carlet and Mesnager improved in [IEEE Transactions on Information Theory, “Improving the Upper Bounds on the Covering Radii of Binary Reed-Muller Codes”, 53(1), 2007] the upper bound on the covering radius of the Reed-Muller code of order 2, and they deduced improved upper bounds on the covering radii of the Reed-Muller codes of higher orders. Until 2021, these upper bounds remained the best ones in the literature. The Reed-Muller code $RM(n-3,n)$ , which corresponds to the dual of the Reed-Muller code $RM(2,n)$ , has attracted much attention. One of the main reasons is that it is precisely the code that has been considered to get the upper bounds derived by Carlet and Mesnager. Those upper bounds have been obtained thanks to the characterization of the codewords of the Reed-Muller code, whose Hamming weights are strictly less than 2.5 times the minimum distance $2^{n-r}$ due to Kasami, Tokura, and Azumi. Despite their impressive work in the seventieth, a more refined study and profound description of those codewords of ${RM}({n-3},{n})$ whose Hamming weight equals 16, and especially 18, seem necessary, as it could help us significantly in improving the covering radius of Reed-Muller codes. In this paper, we push further the known results on the Reed-Muller codes by focusing on the Reed-Muller code ${RM}({n-3},{n})$. We provide a classification of the codewords of weights 16 and 18 of the Reed-Muller code $RM(n-3,n)$. Our algebraic descriptions allow us to count the number of such codewords and to enumerate all of them explicitly. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
24. Revisiting the Concrete Security of Goldreich’s Pseudorandom Generator.
- Author
-
Yang, Jing, Guo, Qian, Johansson, Thomas, and Lentmaier, Michael
- Subjects
- *
ITERATIVE decoding , *CONCRETE , *CRYPTOGRAPHY , *SECURITY management - Abstract
Local pseudorandom generators are a class of fundamental cryptographic primitives having very broad applications in theoretical cryptography. Following Couteau et al.’s work at ASIACRYPT 2018, this paper further studies the concrete security of one important class of local pseudorandom generators, i.e., Goldreich’s pseudorandom generators. Our first attack is of the guess-and-determine type. Our result significantly improves the state-of-the-art algorithm proposed by Couteau et al., in terms of both asymptotic and concrete complexity, and breaks all the challenge parameters they proposed. For instance, for a parameter set suggested for 128 bits of security, we could solve the instance faster by a factor of about 277, thereby destroying the claimed security completely. Our second attack further exploits the extremely sparse structure of the predicate $P_{5}$ and combines ideas from iterative decoding. This novel attack, named guess-and-decode, substantially improves the guess-and-determine approaches for cryptographic-relevant parameters. All the challenge parameter sets proposed in Couteau et al.’s work in ASIACRYPT 2018 aiming for 80-bit (128-bit) security levels can be solved in about 258 (278) operations. We suggest new parameters for achieving 80-bit (128-bit) security with respect to our attacks. We also extend the attacks to other promising predicates and investigate their resistance. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
25. A Wide Class of Boolean Functions Generalizing the Hidden Weight Bit Function.
- Subjects
- *
BOOLEAN functions , *STREAM ciphers , *SET functions , *HAMMING weight , *ARTIFICIAL intelligence - Abstract
Designing Boolean functions whose output can be computed with light means at high speed, and satisfying all the criteria necessary to resist all major attacks on the stream ciphers using them as nonlinear components, has been an open problem since the beginning of this century, when algebraic attacks were invented. Functions allowing a good resistance are known since 2008, but their output is a little too complex to compute. Functions with fast and easy to compute output are known which have good algebraic immunity, such as majority functions and the so-called hidden weight bit (HWB) functions, but they all have the same cryptographic weakness: their too small nonlinearity. In the present paper, we introduce a generalization of the HWB functions into a construction of $n$ -variable balanced functions $f$ from $(n-1)$ -variable Boolean functions $g$ having some property held by a large number of functions. Function $f$ is defined by its support, equal to the image set of a vectorial function depending on $g$. This makes the function complex enough for allowing good cryptographic parameters, while its output is light to compute. The HWB function is what we obtain with $f$ when the initial function $g$ equals constant 1. Other well chosen functions $g$ provide functions $f$ having good cryptographic parameters. We analyze the constructed functions $f$ , we provide a fast way to compute their output, we determine their algebraic normal forms and we show that, most often, their algebraic degree is optimal. We study their Walsh transform and their nonlinearity and algebraic immunity. We observe with computer investigations that this generalization of the HWB function allows to keep its quality of being fast to compute and having good enough algebraic immunity, while significantly improving its nonlinearity. The functions already obtained in the investigations provide a quite good (and never reached before) trade-off between speed and security. Further (probably difficult) work should allow obtaining, among such generalized HWB functions whose number is huge, still better filter functions to be used in stream ciphers. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
26. Algorithms for the Minimal Rational Fraction Representation of Sequences Revisited.
- Author
-
Che, Jun, Tian, Chengliang, Jiang, Yupeng, and Xu, Guangwu
- Subjects
- *
STREAM ciphers , *ALGORITHMS , *APPROXIMATION algorithms , *BINARY sequences , *CRYPTOGRAPHY - Abstract
Given a binary sequence with length $n$ , determining its minimal rational fraction representation (MRFR) has important applications in the design and cryptanalysis of stream ciphers. There are many studies of this problem since Klapper and Goresky first introduced an adaptive rational approximation algorithm with a time complexity of $O(n^{2}\log n\log \log n)$. In this paper, we revisit this problem by considering both adaptive and non-adaptive efficient algorithms. Compared with the state-of-art methods, we make several contributions to the problem of finding MRFR. Firstly, we find a general and precise recursive relationship between the minimal bases for two adjacent lattices generated by successive truncation sequences. This enables us to improve the currently fastest adaptive algorithm proposed by Li et al.. Secondly, by optimizing a time-consuming step of the well-known Lagrange reduction algorithm for 2-dimensional lattices, we obtain a non-adaptive, and yet practically faster MRFR-solving algorithm named global Euclidean algorithm. Thirdly, we identify theoretical flaws on some non-adaptive methods in the literature by counter-examples and correct the problems by designing modified Euclidean algorithm named partial Euclidean algorithm. Meanwhile, we further reduce the time complexity of existing algorithm from $O(n^{2})$ to $O(n\log ^{2}n\log \log n)$ by invoking the half-gcd algorithm. We also conduct a comprehensive experimental comparative analysis on the above algorithms to validate our theoretical analysis. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
27. Information-Theoretic Secret Sharing From Correlated Gaussian Random Variables and Public Communication.
- Author
-
Rana, Vidhi, Chou, Remi A., and Kwon, Hyuck M.
- Subjects
- *
PUBLIC communication , *INFORMATION-theoretic security , *SHARING , *RANDOM variables , *GAUSSIAN channels - Abstract
In this paper, we study an information-theoretic secret sharing problem, where a dealer distributes shares of a secret among a set of participants under the following constraints: (i) authorized sets of users can recover the secret by pooling their shares, and (ii) non-authorized sets of colluding users cannot learn any information about the secret. We assume that the dealer and participants observe the realizations of correlated Gaussian random variables and that the dealer can communicate with participants through a one-way, authenticated, rate-limited, and public channel. Unlike traditional secret sharing protocols, in our setting, no perfectly secure channel is needed between the dealer and the participants. Our main result is a closed-form characterization of the fundamental trade-off between secret rate and public communication rate. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
28. Extended Irreducible Binary Sextic Goppa Codes.
- Author
-
Huang, Daitao and Yue, Qin
- Subjects
- *
BINARY codes , *PRIME numbers , *FINITE fields , *REED-Solomon codes , *IRREDUCIBLE polynomials - Abstract
Let $n (>3)$ be a prime number and ${\mathbb {F}}_{2^{n}}$ a finite field of $2^{n}$ elements. Let $L ={\mathbb {F}}_{2^{n}}\cup \{\infty \}$ be the support set and $g(x)$ an irreducible polynomial of degree 6 over ${\mathbb {F}}_{2^{n}}$. In this paper, we obtain an upper bound on the number of extended irreducible binary Goppa codes $\Gamma (L, g)$ of degree 6 and length $2^{n}+1$. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
29. Decoding of Interleaved Alternant Codes.
- Author
-
Holzbaur, Lukas, Liu, Hedongliang, Neri, Alessandro, Puchinger, Sven, Rosenkilde, Johan, Sidorenko, Vladimir, and Wachter-Zeh, Antonia
- Subjects
- *
DECODING algorithms , *REED-Solomon codes - Abstract
Interleaved Reed–Solomon codes admit efficient decoding algorithms which correct burst errors far beyond half the minimum distance in the random errors regime, e.g., by computing a common solution to the Key Equation for each Reed–Solomon code, as described by Schmidt et al. If this decoder does not succeed, it may either fail to return a codeword or miscorrect to an incorrect codeword, and good upper bounds on the fraction of error matrices for which these events occur are known. The decoding algorithm immediately applies to interleaved alternant codes as well, i.e., the subfield subcodes of interleaved Reed–Solomon codes, but the fraction of decodable error matrices differs, since the error is now restricted to a subfield. In this paper, we present new general lower and upper bounds on the fraction of error matrices decodable by Schmidt et al.’s decoding algorithm, thereby making it the only decoding algorithm for interleaved alternant codes for which such bounds are known. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
30. The Expansion Complexity of Ultimately Periodic Sequences Over Finite Fields.
- Author
-
Sun, Zhimin, Zeng, Xiangyong, Li, Chunlei, Zhang, Yi, and Yi, Lin
- Subjects
- *
SHIFT registers , *COMPLEXITY (Philosophy) - Abstract
The expansion complexity is a new figure of merit for cryptographic sequences. In this paper, we present an explicit formula of the (irreducible) expansion complexity of ultimately periodic sequences over finite fields. We also provide improved upper and lower bounds on the $N$ th irreducible expansion complexity when they are not explicitly determined. In addition, for some infinite sequences with given nonlinear complexity, a tighter upper bound of their $N$ th expansion complexity is given. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
31. Investigations on c -(Almost) Perfect Nonlinear Functions.
- Author
-
Mesnager, Sihem, Riera, Constanza, Stanica, Pantelimon, Yan, Haode, and Zhou, Zhengchun
- Subjects
- *
NONLINEAR functions , *CRYPTOGRAPHY , *BOOLEAN functions , *UNIFORMITY - Abstract
In a prior paper (Ellingsen et al., 2020), two of us, along with P. Ellingsen, P. Felke, and A. Tkachenko, defined a new (output) multiplicative differential and the corresponding $c$ -differential uniformity, which has the potential of extending differential cryptanalysis. Here, we continue the work by looking at some APN functions through the mentioned concept and showing that their $c$ -differential uniformity increases significantly in some cases. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
32. One-Shot Variable-Length Secret Key Agreement Approaching Mutual Information.
- Author
-
Li, Cheuk Ting and Anantharam, Venkat
- Subjects
- *
RANDOM variables , *TASK analysis , *INTERNET of things - Abstract
This paper studies an information-theoretic one-shot variable-length secret key agreement problem with public discussion. Let X and Y be jointly distributed random variables, each taking values in some measurable space. Alice and Bob observe X and Y respectively, can communicate interactively through a public noiseless channel, and want to agree on a key length and a key that is approximately uniformly distributed over all bit sequences with the agreed key length. The public discussion is observed by an eavesdropper, Eve. The key should be approximately independent of the public discussion, conditional on the key length. We show that the optimal expected key length is close to the mutual information I(X;Y) within a logarithmic gap. Moreover, an upper bound and a lower bound on the optimal expected key length can be written down in terms of I(X;Y) only. This means that the optimal one-shot performance is always within a small gap of the optimal asymptotic performance regardless of the distribution of the pair (X,Y). This one-shot result may find applications in situations where the components of an i.i.d. pair source (Xn,Yn) are observed sequentially and the key is output bit by bit, or in situations where the random source is not an i.i.d. or ergodic process. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
33. On the Derivative Imbalance and Ambiguity of Functions.
- Author
-
Fu, Shihui, Feng, Xiutao, Wang, Qiang, and Carlet, Claude
- Subjects
- *
ABELIAN groups , *FINITE groups , *AMBIGUITY , *INFORMATION theory , *BOOLEAN functions - Abstract
In 2007, Carlet and Ding introduced two parameters, denoted by $Nb_{F}$ and $NB_{F}$ , quantifying respectively the balancedness of general functions $F$ between finite Abelian groups and the (global) balancedness of their derivatives $D_{a} F(x)=F(x+a)-F(x)$ , $a\in G\setminus \{0\}$ (providing an indicator of the nonlinearity of the functions). These authors studied the properties and cryptographic significance of these two measures. They provided inequalities relating the nonlinearity $\mathcal {NL}(F)$ to $NB_{F}$ for S-box and specifically obtained an upper bound on the nonlinearity that unifies Sidelnikov-Chabaud-Vaudenay’s bound and the covering radius bound. At the Workshop WCC 2009 and in its postproceedings in 2011, a further study of these parameters was made; in particular, the first parameter was applied to the functions $F+L$ , where $L$ is affine, providing more nonlinearity parameters. In 2010, motivated by the study of Costas arrays, two parameters called ambiguity and deficiency were introduced by Panario et al. for permutations over finite Abelian groups to measure the injectivity and surjectivity of the derivatives, respectively. These authors also studied some fundamental properties and cryptographic significance of these two measures. Further studies followed without comparing the second pair of parameters to the first one. In this paper, we observe that ambiguity is the same parameter as $NB_{F}$ up to additive and multiplicative constants (i.e., up to rescaling). We perform the necessary work of comparison and unification of the results on $NB_{F}$ and on ambiguity, which have been obtained in the five papers devoted to these parameters. We generalize some known results to any finite Abelian groups. More importantly, we derive many new results on these parameters. [ABSTRACT FROM AUTHOR]
- Published
- 2019
- Full Text
- View/download PDF
34. Generalized Subspace Subcodes With Application in Cryptology.
- Author
-
Berger, Thierry P., Gueye, Cheikh Thiecoumba, and Klamti, Jean Belo
- Subjects
- *
REED-Solomon codes , *CRYPTOGRAPHY , *LINEAR codes , *BINARY codes , *FINITE fields , *CYCLIC codes , *ALGEBRAIC codes , *SUBSPACES (Mathematics) - Abstract
Most codes with an algebraic decoding algorithm are derived from Reed-Solomon codes. They are obtained by taking equivalent codes, for example, generalized Reed-Solomon codes, or by using the so-called subfield subcode method, which leads to alternant codes over the underlying prime field, or over some intermediate subfield. The main advantage of these constructions is to preserve both the minimum distance and the decoding algorithm of the underlying Reed-Solomon code. In this paper, we explore in detail the subspace subcodes construction. This kind of codes was already studied in the particular case of cyclic Reed-Solomon codes. We extend this approach to any linear code over the extension of a finite field. We are interested in additive codes who are deeply connected to subfield subcodes. We characterize the duals of subspace subcodes. We introduce the notion of generalized subspace subcodes. We apply our results to generalized Reed-Solomon codes which leads to codes with interesting parameters, especially over a large alphabet. To conclude this paper, we discuss the security of the use of generalized subspace subcodes of Reed-Solomon codes in a cryptographic context. [ABSTRACT FROM AUTHOR]
- Published
- 2019
- Full Text
- View/download PDF
35. Factorizations of Binomial Polynomials and Enumerations of LCD and Self-Dual Constacyclic Codes.
- Author
-
Wu, Yansheng and Yue, Qin
- Subjects
- *
FACTORIZATION , *BINOMIAL equations , *LINEAR codes , *POLYNOMIALS , *MATHEMATICS theorems - Abstract
Constacyclic codes are well-known generalizations of cyclic and negacyclic codes. Due to their rich algebraic structure, constacyclic codes are used to construct quantum codes and symbol-pair codes. Let ${\mathbb {F}}_{q}$ be a finite field with order $q$ , where $q$ is a positive power of a prime $p$. Suppose that $n$ is a positive integer and the product of distinct prime factors of $n$ divides $q-1$ , i.e., $rad(n)\mid (q-1)$. In this paper, we explicitly factorize the polynomial $x^{n}-\lambda $ for each $\lambda \in {\mathbb {F}}_{q}^{*}$. As applications, first, we obtain all repeated-root $\lambda $ -constacyclic codes and their dual codes of length $np^{s}$ over ${\mathbb {F}}_{q}$ ; second, we determine all simple-root LCD cyclic codes and LCD negacyclic codes of length $n$ over ${\mathbb {F}}_{q}$ ; third, we list all self-dual repeated-root negacyclic codes of length $np^{s}$ over ${\mathbb {F}}_{q}$. In contrast to known results, the lengths of constacyclic codes in this paper have more flexible parameters. [ABSTRACT FROM AUTHOR]
- Published
- 2019
- Full Text
- View/download PDF
36. Centralized Repair of Multiple Node Failures With Applications to Communication Efficient Secret Sharing.
- Author
-
Rawat, Ankit Singh, Koyluoglu, Onur Ozan, and Vishwanath, Sriram
- Subjects
- *
DATA transmission systems , *DIGITAL communications , *ELECTRONIC systems , *INFORMATION theory , *TELECOMMUNICATION systems , *COMPUTER security - Abstract
This paper considers a distributed storage system, where multiple storage nodes can be reconstructed simultaneously at a centralized location. This centralized multi-node repair (CMR) model is a generalization of regenerating codes that allow for bandwidth efficient repair of a single-failed node. This paper focuses on the tradeoff between the amount of data stored and repair bandwidth in the CMR model. In particular, repair bandwidth bounds are derived for the minimum storage multi-node repair (MSMR) and the minimum bandwidth multi-node repair (MBMR) operating points. The tightness of these bounds is analyzed via code constructions. The MSMR point is characterized by codes achieving this point under functional repair for the general set of CMR parameters, as well as with codes enabling exact repair for certain CMR parameters. The MBMR point, on the other hand, is characterized with exact repair codes for all CMR parameters for systems that satisfy a certain entropy accumulation property. Finally, the model proposed here is utilized for the secret sharing problem, where the codes for the multi-node repair problem are used to construct communication efficient secret sharing schemes with the property of bandwidth efficient share repair. [ABSTRACT FROM AUTHOR]
- Published
- 2018
- Full Text
- View/download PDF
37. Provable Security Evaluation of Block Ciphers Against Demirci-Selçuk’s Meet-in-the-Middle Attack.
- Author
-
Sun, Bing
- Subjects
- *
BLOCK ciphers , *ALGORITHMS , *CRYPTOGRAPHY , *BURGLARY protection , *DIVISIBILITY groups , *CIPHERS , *SECURITY management - Abstract
The Demirci-Selçuk’s meet-in-the-middle attack is one of the most important methods among all the cryptanalytic vectors, which gives the best result against the round-reduced AES with respect to the rounds, and tradeoffs between data, time and memory. While we have already built provable security models against the differential cryptanalysis, linear cryptanalysis cryptanalysis, impossible differential and zero-correlation linear cryptanalysis, the provable security against the meet-in-the-middle attack is missing. In this paper, we propose the subset representation of function based on which we could give an algorithm to compute the exact number of parameters of the Demirci-Selçuk’s distinguisher given the input and output, respectively. Experiments show that this algorithm can be more efficient than the automatical tool presented by Shi et al. at Asiacrypt 2018. We further extract a formula based on this algorithm and show an upper bound for the length of the Demirci-Selçuk’s distinguisher of an iterative SPN cipher. We prove that for an SPN block cipher whose block size equals the key size, an effective Demirci-Selçuk-type meet-in-the-middle distinguisher covers at most twice the maximum of the primitive indexes of the linear layer and its inverse. As a result, we show that the known length of the Demirci-Selçuk’s distinguisher of the AES-128 cannot be improved unless the details of the S-boxes are exploited, which demonstrates that the AES has a provable security against the Demirci-Selçuk’s meet-in-the-middle attack. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
38. Full Characterization of Minimal Linear Codes as Cutting Blocking Sets.
- Author
-
Tang, Chunming, Qiu, Yan, Liao, Qunying, and Zhou, Zhengchun
- Subjects
- *
BLOCK codes , *PROJECTIVE planes , *LINEAR codes , *HAMMING weight , *FINITE geometries - Abstract
In this paper, we first study in detail the relationship between minimal linear codes and cutting blocking sets, recently introduced by Bonini and Borello, and then completely characterize minimal linear codes as cutting blocking sets. As a direct result, minimal projective codes of dimension 3 and t-fold blocking sets with t ≥ 2 in projective planes are identical objects. Some bounds on the parameters of minimal codes are derived from this characterization. Using this new link between minimal codes and blocking sets, we also present new general primary and secondary constructions of minimal linear codes. As a result, infinite families of minimal linear codes not satisfying the Aschikhmin-Barg’s condition are obtained. In addition to this, open problems on the parameters and the weight distributions of some generated linear codes are presented. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
39. Further Study of 2-to-1 Mappings Over F2n.
- Author
-
Li, Kangquan, Mesnager, Sihem, and Qu, Longjiang
- Subjects
- *
FINITE fields , *BENT functions , *ATHLETIC fields , *POLYNOMIALS , *CRYPTOGRAPHY - Abstract
2-to-1 mappings over finite fields play an important role in symmetric cryptography, particularly in the constructions of APN functions, bent functions, and semi-bent functions. Very recently, Mesnager and Qu [IEEE Trans. Inf. Theory 65 (12): 7884-7895] provided a systematic study of 2-to-1 mappings over finite fields. In particular, they determined all 2-to-1 mappings of degree at most 4 over any finite field. Besides, another research direction is to consider 2-to-1 polynomials with few terms. Some results about 2-to-1 monomials and binomials have been obtained in [IEEE Trans. Inf. Theory 65 (12): 7884-7895]. Motivated by their work, in this present paper, we push further the study of 2-to-1 mappings, particularly over finite fields with characteristic 2 (binary case being the most interesting for applications). Firstly, we completely determine 2-to-1 polynomials with degree 5 over F2n using the well-known Hasse-Weil bound. Besides, we consider 2-to-1 mappings with few terms, mainly trinomials and quadrinomials. Using the multivariate method and the resultant of two polynomials, we present two classes of 2-to-1 trinomials, which explain all the examples of 2-to-1 trinomials of the form xk + β xℓ + α ∈ F2n[x] with n ≤ 7. We derive twelve classes of 2-to-1 quadrinomials with trivial coefficients over F2n. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
40. Boolean Functions: Noise Stability, Non-Interactive Correlation Distillation, and Mutual Information.
- Author
-
Li, Jiange and Medard, Muriel
- Subjects
- *
BOOLEAN functions , *DISTILLATION , *NOISE , *TORUS , *MARKOV processes , *CONVEX functions - Abstract
Let $T_{\epsilon }$ be the noise operator acting on Boolean functions $f:\{0, 1\}^{n}\to \{0, 1\}$ , where $\epsilon \in [{0, 1/2}]$ is the noise parameter. Given $\alpha >1$ and fixed mean $\mathbb {E} f$ , which Boolean function $f$ has the largest $\alpha $ -th moment $\mathbb {E}(T_\epsilon f)^\alpha $ ? This question has close connections with noise stability of Boolean functions, the problem of non-interactive correlation distillation, and Courtade-Kumar’s conjecture on the most informative Boolean function. In this paper, we characterize maximizers in some extremal settings, such as low noise ($\epsilon =\epsilon (n)$ close to 0), high noise ($\epsilon =\epsilon (n)$ close to 1/2), as well as when $\alpha =\alpha (n)$ is large. Analogous results are also established in more general contexts, such as Boolean functions defined on discrete torus $(\mathbb {Z}/p \mathbb {Z})^{n}$ and the problem of noise stability in a tree model. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
41. Improved Bounds on Lossless Source Coding and Guessing Moments via Rényi Measures.
- Author
-
Sason, Igal and Verdu, Sergio
- Subjects
- *
CODING theory , *CRYPTOGRAPHY , *SEQUENTIAL decoding , *GAUSSIAN function , *STATISTICAL hypothesis testing - Abstract
This paper provides upper and lower bounds on the optimal guessing moments of a random variable taking values on a finite set when side information may be available. These moments quantify the number of guesses required for correctly identifying the unknown object and, similarly to Arikan’s bounds, they are expressed in terms of the Arimoto-Rényi conditional entropy. Although Arikan’s bounds are asymptotically tight, the improvement of the bounds in this paper is significant in the non-asymptotic regime. Relationships between moments of the optimal guessing function and the MAP error probability are also established, characterizing the exact locus of their attainable values. The bounds on optimal guessing moments serve to improve non-asymptotic bounds on the cumulant generating function of the codeword lengths for fixed-to-variable optimal lossless source coding without prefix constraints. Non-asymptotic bounds on the reliability function of discrete memoryless sources are derived as well. Relying on these techniques, lower bounds on the cumulant generating function of the codeword lengths are derived, by means of the smooth Rényi entropy, for source codes that allow decoding errors. [ABSTRACT FROM PUBLISHER]
- Published
- 2018
- Full Text
- View/download PDF
42. Construction of n -Variable ( n\equiv 2 \bmod 4 ) Balanced Boolean Functions With Maximum Absolute Value in Autocorrelation Spectra < 2^\frac n2.
- Author
-
Tang, Deng and Maitra, Subhamoy
- Subjects
- *
BOOLEAN functions , *CRYPTOGRAPHY , *BENT functions , *CODING theory , *AUTOCORRELATION (Statistics) - Abstract
In this paper, we consider the maximum absolute value \Delta f in the autocorrelation spectrum (not considering the zero point) of a function f . In an even number of variables n , bent functions possess the highest nonlinearity with \Delta f = 0 . The long standing open question (for two decades) in this area is to obtain a theoretical construction of balanced functions with \Delta f < 2^{n/2} . So far, there are only a few examples of such functions for n = 10, 14 , but no general construction technique is known. In this paper, we mathematically construct an infinite class of balanced Boolean functions on n variables having absolute indicator strictly lesser than \delta n = 2^{n/2}-2^{(({n+6})/{4})} , nonlinearity strictly greater than \rho n = 2^{n-1} - 2^{n/2} + 2^{n/2-3} - 5\cdot 2^{(({n-2})/{4})} and algebraic degree n-1 , where n\equiv 2 \pmod 4 and n\geq 46 . While the bound n \geq 46 is required for proving the generic result, our construction starts from n = 18 and nonlinearity > 2^n-1 - 2^n/2 for n = 18, 22 , and 26. [ABSTRACT FROM PUBLISHER]
- Published
- 2018
- Full Text
- View/download PDF
43. On the Maximum Number of Bent Components of Vectorial Functions.
- Author
-
Pott, Alexander, Pasalic, Enes, Muratovic-Ribic, Amela, and Bajric, Samed
- Subjects
- *
CODING theory , *VECTOR algebra , *LINEAR operators , *POLYNOMIALS , *BENT functions - Abstract
In this paper, we show that the maximum number of bent component functions of a vectorial function F:GF(2)^n\to GF(2)^n is 2^n-2^n/2 . We also show that it is very easy to construct such functions. However, it is a much more challenging task to find such functions in polynomial form F\in GF(2^n)[x] , where F has only a few terms. The only known power functions having such a large number of bent components are x^{d} , where d=2^{n/2}+1 . In this paper, we show that the binomials F^i(x)=x^2^i(x+x^2^n/2) also have such a large number of bent components, and these binomials are inequivalent to the monomials x^2^n/2+1 if 0
- Published
- 2018
- Full Text
- View/download PDF
44. Narrow-Sense BCH Codes Over \mathrm GF(q) With Length n=\frac q^m-1q-1.
- Author
-
Li, Shuxing, Ding, Cunsheng, Xiong, Maosheng, and Ge, Gennian
- Subjects
- *
CYCLIC codes , *QUADRATIC forms , *BCH codes , *DECODING algorithms , *TELECOMMUNICATION systems - Abstract
Cyclic codes are widely employed in communication systems, storage devices, and consumer electronics, as they have efficient encoding and decoding algorithms. BCH codes, as a special subclass of cyclic codes, are in most cases among the best cyclic codes. A subclass of good BCH codes are the narrow-sense BCH codes over \mathrm GF(q) with length n=(q^m-1)/(q-1) . Little is known about this class of BCH codes when $q>2$ . The objective of this paper is to study some of the codes within this class. In particular, the dimension, the minimum distance, and the weight distribution of some ternary BCH codes with length n=(3^{m}-1)/2 are determined in this paper. A class of ternary BCH codes meeting the Griesmer bound is identified. An application of some of the BCH codes in secret sharing is also investigated. [ABSTRACT FROM PUBLISHER]
- Published
- 2017
- Full Text
- View/download PDF
45. Constructions of Self-Orthogonal Codes From Hulls of BCH Codes and Their Parameters.
- Author
-
Du, Zongrun, Li, Chengju, and Mesnager, Sihem
- Subjects
- *
LINEAR codes , *CYCLIC codes , *QUANTUM computing , *FINITE fields , *QUANTUM communication , *ERROR-correcting codes - Abstract
Self-orthogonal codes are an interesting type of linear codes due to their wide applications in communication and cryptography. It is known that self-orthogonal codes are often used to construct quantum error-correcting codes, which can protect quantum information in quantum computations and quantum communications. Let $\mathcal C$ be an $[n, k]$ cyclic code over $\mathbb {F}_{q}$ , where $\mathbb {F}_{q}$ is the finite field of order $q$. The hull of $\mathcal C$ is defined to be the intersection of the code and its dual. In this paper, we will employ the defining sets of cyclic codes to present two general characterizations of the hulls that have dimension $k-1$ or $k^\perp -1$ , where $k^\perp $ is the dimension of the dual code $\mathcal C^\perp $. Several sufficient and necessary conditions for primitive and projective BCH codes to have $(k-1)$ -dimensional (or $(k^\perp -1)$ -dimensional) hulls are also developed by presenting lower and upper bounds on their designed distances. Furthermore, several classes of self-orthogonal codes are proposed via the hulls of BCH codes and their parameters are also investigated. The dimensions and minimum distances of some self-orthogonal codes are determined explicitly. In addition, several optimal codes are obtained. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
46. Minimal Linear Codes From Characteristic Functions.
- Author
-
Mesnager, Sihem, Qi, Yanfeng, Ru, Hongming, and Tang, Chunming
- Subjects
- *
LINEAR codes , *BOOLEAN functions , *CHARACTERISTIC functions , *HAMMING weight , *BINARY codes - Abstract
Minimal linear codes have interesting applications in secret sharing schemes and secure two-party computation. This paper uses characteristic functions of some subsets of $\mathbb {F}_{q}$ to construct minimal linear codes. By properties of characteristic functions, we can obtain more minimal binary linear codes from known minimal binary linear codes, which generalizes results of Ding et al. [IEEE Trans. Inf. Theory, vol. 64, no. 10, pp. 6536–6545, 2018]. By characteristic functions corresponding to some subspaces of $\mathbb {F}_{q}$ , we obtain many minimal linear codes, which generalizes results of [IEEE Trans. Inf. Theory, vol. 64, no. 10, pp. 6536–6545, 2018] and [IEEE Trans. Inf. Theory, vol. 65, no. 11, pp. 7067–7078, 2019]. Finally, we use characteristic functions to present a characterization of minimal linear codes from the defining set method and present a class of minimal linear codes. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
47. Constructing APN Functions Through Isotopic Shifts.
- Author
-
Budaghyan, Lilya, Calderini, Marco, Carlet, Claude, Coulter, Robert S., and Villa, Irene
- Subjects
- *
INFORMATION theory , *CODING theory , *BOOLEAN functions , *MATHEMATICAL equivalence , *MATHEMATICS - Abstract
Almost perfect nonlinear (APN) functions over fields of characteristic 2 play an important role in cryptography, coding theory and, more generally, mathematics and information theory. In this paper we deduce a new method for constructing APN functions by studying the isotopic equivalence, concept defined for quadratic planar functions in fields of odd characteristic. In particular, we construct a family of quadratic APN functions which provides a new example of an APN mapping over ${\mathbb F}_{2^{9}}$ and includes an example of another APN function $x^{9}+ \mathop {\mathrm {Tr}}\nolimits (x^{3})$ over ${\mathbb F}_{2^{8}}$ , known since 2006 and not classified up to now. We conjecture that the conditions for this family are satisfied by infinitely many APN functions. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
48. A Class of Quadrinomial Permutations With Boomerang Uniformity Four.
- Author
-
Tu, Ziran, Li, Nian, Zeng, Xiangyong, and Zhou, Junchao
- Subjects
- *
BLOCK ciphers , *UNIFORMITY , *PERMUTATIONS , *CRYPTOGRAPHY , *FINITE fields - Abstract
In Eurocrypt’18, Cid et al. proposed a new cryptanalysis tool called Boomerang Connectivity Table (BCT), to evaluate S-boxes of block ciphers. Later, Boura and Canteaut further investigated the new parameter Boomerang uniformity for cryptographic S-boxes. It is of great interest to find new S-boxes with low Boomerang uniformity for even dimensions. In this paper, we prove that a class of permutation quadrinomials over $\mathbb {F}_{2^{2m}}$ with $m$ odd has Boomerang uniformity four, which gives the fifth class of such kind of permutation polynomials. Further, the occurrences of 0 and 4 in the BCTs of the investigated permutation polynomials are also completely determined. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
49. Explicit Constructions of MDS Self-Dual Codes.
- Author
-
Sok, Lin
- Subjects
- *
DIVISOR theory , *ALGEBRAIC codes , *ALGEBRAIC geometry , *FINITE fields , *ALGEBRAIC fields , *ALGEBRAIC functions - Abstract
In this paper, we study self-dual codes over finite fields using tools from algebraic function fields in one variable. An algebraic geometry code of length $n$ is defined using two divisors $G$ and $D=P_{1}+\cdots +P_{n}$. We characterize self-orthogonality of the genus zero code in terms of the divisors $G$ , $D$ and the value of a well-chosen derivative polynomial at points $(P_{i})_{1\le i\le n}$. We explore the existence problem of MDS self-dual codes in the odd characteristic case, and we explicitly construct families of new MDS self-dual codes. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
50. LCD and Self-Orthogonal Group Codes in a Finite Abelian $p$ -Group Algebra.
- Author
-
Li, Fengwei, Yue, Qin, and Wu, Yansheng
- Subjects
- *
FINITE groups , *ALGEBRA , *LINEAR codes , *ABELIAN groups , *LIQUID crystal displays , *GROUP algebras - Abstract
Let $\Bbb F_{q}$ be a finite field with $q$ elements and $p$ be a prime with $\gcd (p,q)=1$. Let $G$ be a finite abelian $p$ -group and $\Bbb F_{q}(G)$ be a group algebra. In this paper, we find all primitive idempotents and minimal abelian group codes in the group algebra $\Bbb F_{q}(G)$. Furthermore, we give all LCD abelian codes (linear code with complementary dual) and self-orthogonal abelian codes of $\Bbb F_{q}(G)$. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
Discovery Service for Jio Institute Digital Library
For full access to our library's resources, please sign in.