85 research outputs found
A New Method to Investigate the CCZ-Equivalence between Functions with Low Differential Uniformity
Recently, many new classes of differentially -uniform permutations
have been constructed. However, it is difficult to decide whether they are CCZ-inequivalent or not.
In this paper, we propose a new notion called Projected Differential Spectrum.
By considering the properties of the projected differential spectrum, we find several relations that should be satisfied by CCZ-equivalent functions.
Based on these results, we mathematically prove that any differentially -uniform permutation constructed in \cite{CTTL} by C. Carlet, D. Tang, X. Tang, et al. is CCZ-inequivalent to the inverse function. We also get two interesting results with the help of computer experiments. The first one is a proof that
any permutation constructed in \cite{CTTL} is CCZ-inequivalent to a function which is the summation of the inverse function and any Boolean function on $\mathbb{F}_{2^{2k}}$ when . The second one is a differentially -uniform permutation
on $\mathbb{F}_{2^6}$ which is CCZ-inequivalent to any function in the aforementioned two classes.
cc-differential uniformity, (almost) perfect cc-nonlinearity, and equivalences
In this article, we introduce new notions -differential uniformity,
-differential spectrum, PccN functions and APccN functions, and investigate
their properties. We also introduce -CCZ equivalence, -EA equivalence,
and -equivalence. We show that -differential uniformity is invariant
under -equivalence, and -differential uniformity and -differential
spectrum are preserved under -CCZ equivalence. We characterize
-differential uniformity of vectorial Boolean functions in terms of the
Walsh transformation. We investigate -differential uniformity of power
functions . We also illustrate examples to prove that -CCZ
equivalence is strictly more general than -EA equivalence.
Comment: 18 pages. Comments welcome.
On the Derivative Imbalance and Ambiguity of Functions
In 2007, Carlet and Ding introduced two parameters, denoted by and
, quantifying respectively the balancedness of general functions
between finite Abelian groups and the (global) balancedness of their
derivatives , (providing an
indicator of the nonlinearity of the functions). These authors studied the
properties and cryptographic significance of these two measures. They provided
for S-boxes inequalities relating the nonlinearity to ,
and obtained in particular an upper bound on the nonlinearity which unifies
Sidelnikov-Chabaud-Vaudenay's bound and the covering radius bound. At the
Workshop WCC 2009 and in its postproceedings in 2011, a further study of these
parameters was made; in particular, the first parameter was applied to the
functions where is affine, providing more nonlinearity parameters.
In 2010, motivated by the study of Costas arrays, two parameters called
ambiguity and deficiency were introduced by Panario \emph{et al.} for
permutations over finite Abelian groups to measure the injectivity and
surjectivity of the derivatives respectively. These authors also studied some
fundamental properties and cryptographic significance of these two measures.
Further studies followed without the second pair of parameters being compared
to the first one.
In the present paper, we observe that ambiguity is the same parameter as
, up to additive and multiplicative constants (i.e. up to rescaling). We
make the necessary work of comparison and unification of the results on ,
respectively on ambiguity, which have been obtained in the five papers devoted
to these parameters. We generalize some known results to any Abelian groups and
we more importantly derive many new results on these parameters.
Computational search for isotopic semifields and planar functions in characteristic 3
In this thesis, we investigate the possibility of finding new planar functions and corresponding semifields in characteristic 3 by the construction of isotopic semifields from the known families and sporadic instances of planar functions. Using the conditions laid out by Coulter and Henderson, we are able to deduce that a number of the known infinite families can never produce CCZ-inequivalent functions via isotopism. For the remaining families, we computationally investigate the isotopism classes of their instances over finite fields of order 3^n for n ≤ 8. We find previously unknown isotopisms between the semifields corresponding to some of the known planar functions for n = 6 and n = 8. This allows us to refine the known classification of planar functions up to isotopism, and to provide an updated, partial classification up to isotopism over finite fields of order 3^n for n ≤ 8.
Master's thesis in informatics. INF399 MAMN-INF MAMN-PRO
Towards a deeper understanding of APN functions and related longstanding problems
This dissertation is dedicated to the properties, construction and analysis of APN and AB functions. Being cryptographically optimal, these functions lack any general structure or patterns, which makes their study very challenging. Despite intense work since at least the early 90's, many important questions and conjectures in the area remain open. We present several new results, many of which are directly related to important longstanding open problems; we resolve some of these problems, and make significant progress towards the resolution of others.
More concretely, our research concerns the following open problems: i) the maximum algebraic degree of an APN function, and the Hamming distance between APN functions (open since 1998); ii) the classification of APN and AB functions up to CCZ-equivalence (an ongoing problem since the introduction of APN functions, and one of the main directions of research in the area); iii) the extension of the APN binomial over into an infinite family (open since 2006); iv) the Walsh spectrum of the Dobbertin function (open since 2001); v) the existence of monomial APN functions CCZ-inequivalent to ones from the known families (open since 2001); vi) the problem of efficiently and reliably testing EA- and CCZ-equivalence (ongoing, and open since the introduction of APN functions).
In the course of investigating these problems, we obtain i.a. the following results: 1) a new infinite family of APN quadrinomials (which includes the binomial over ); 2) two new invariants, one under EA-equivalence, and one under CCZ-equivalence; 3) an efficient and easily parallelizable algorithm for computationally testing EA-equivalence; 4) an efficiently computable lower bound on the Hamming distance between a given APN function and any other APN function; 5) a classification of all quadratic APN polynomials with binary coefficients over for ; 6) a construction allowing the CCZ-equivalence class of one monomial APN function to be obtained from that of another; 7) a conjecture giving the exact form of the Walsh spectrum of the Dobbertin power functions; 8) a generalization of an infinite family of APN functions to a family of functions with a two-valued differential spectrum, and an example showing that this Gold-like behavior does not occur for infinite families of quadratic APN functions in general; 9) a new class of functions (the so-called partially APN functions) defined by relaxing the definition of the APN property, and several constructions and non-existence results related to them.
Doctoral thesis
On self-equivalences of APN functions
In this thesis we investigate the structure of what we call extended linear self-equivalences for vectorial Boolean functions. That is, such that for some vectorial Boolean function F, where and are linear permutations and L is a linear function. We implement a parallel version of an algorithm for testing EA equivalence in the programming language Rust. This allows us to compare the performance of implementations in C and Rust for similar problems and to conclude that our Rust implementation is comparable in efficiency while being significantly easier to write and maintain. Using our implementation we calculate the self-equivalences for all known quadratic APN functions up to CCZ equivalence in dimensions 6, 8 and 10. We discover functions with trivial linear self-equivalence, but with nontrivial EL self-equivalences. Based on this we formulate a search procedure for obtaining new APN functions, which exploits extended linear self-equivalences in the same way that the search of Beierle et al. exploits linear self-equivalences. From the initial test runs of our new algorithm we discover that the search allows us to start from a given APN function and find APN functions CCZ-inequivalent to it. More interestingly we observe that the search can even find non-quadratic APN functions.
Master's thesis in informatics. INF399 MAMN-PROG MAMN-IN
An efficient implementation of a test for EA-equivalence
We implement an algorithm for testing EA-equivalence between vectorial Boolean functions proposed by Kaleyski in the C programming language, and observe that it reduces the running time (as opposed to the original Magma implementation of the algorithm) necessary to decide equivalence up to 300 times in many cases. Our implementation also significantly reduces the memory usage, and makes it possible to run the algorithms for dimensions from 10 onwards, which was impossible using the original implementation due to its memory consumption. Our approach allows us to reconstruct the exact form of the equivalence and to prove that two given functions are equivalent (for comparison, computing invariants for the functions, which is the approach typically used in practice, only allows us to show that two functions are not equivalent). Furthermore, our approach works for functions of any algebraic degree, while most existing approaches (such as invariants and other algorithms for EA-equivalence) are restricted to the quadratic case. We then adapt Kaleyski’s algorithm to test for linear and affine equivalence instead of EA-equivalence. We supply an implementation in C of this procedure as well. As an application, we show how this method can be used to test quadratic APN functions for EA-equivalence through the linear equivalence of their orthoderivatives. We observe that by taking this approach, we can reduce the time necessary for deciding EA-equivalence up to 20 times (as compared with our efficient C implementation from the previous paragraph). The downside compared to Kaleyski’s original algorithm is that this faster method makes it difficult to recover the exact form of the EA-equivalence between the tested APN functions. We confirm this by running some computational experiments in dimension 6, and observing that only one out of all possible linear equivalences between the orthoderivatives corresponds to the EA-equivalence between the APN functions in question. 
To the best of our knowledge, this is the first investigation into the exact relationship between the EA-equivalence of quadratic APN functions and the affine equivalence of their orthoderivatives given in the literature.
Master's thesis in informatics. INF399 MAMN-INF MAMN-PRO
Classification and computational search for planar functions in characteristic 3
Master's thesis in informatics. INF399 MAMN-PROG MAMN-IN