Fuzzy System Identification Based Upon a Novel Approach to Nonlinear Optimization

Fuzzy systems are often used to model the behavior of nonlinear dynamical systems in process control industries because the model is linguistic in nature, uses a natural-language rule set, and because they can be included in control laws that meet the design goals. However, because the rigorous study of fuzzy logic is relatively recent, there is a shortage of well-defined and understood mechanisms for the design of a fuzzy system. One of the greatest challenges in fuzzy modeling is to determine a suitable structure, parameters, and rules that minimize an appropriately chosen error between the fuzzy system, a mathematical model, and the target system. Numerous methods for establishing a suitable fuzzy system have been proposed, however, none are able to demonstrate the existence of a structure, parameters, or rule base that will minimize the error between the fuzzy and the target system. The piecewise linear approximator (PLA) is a mathematical construct that can be used to approximate an input-output data set with a series of connected line segments. The number of segments in the PLA is generally selected by the designer to meet a given error criteria. Increasing the number of segments will generally improve the approximation. If the location of the breakpoints between segments is known, it is a straightforward process to select the PLA parameters to minimize the error. However, if the location of the breakpoints is not known, a mechanism is required to determine their locations. While algorithms exist that will determine the location of the breakpoints, they do not minimize the error between data and the model. This work will develop theory that shows that an optimal solution to this nonlinear optimization problem exists and demonstrates how it can be applied to fuzzy modeling. This work also demonstrates that a fuzzy system restricted to a particular class of input membership functions, output membership functions, conjunction operator, and defuzzification technique is equivalent to a piecewise linear approximator (PLA). Furthermore, this work develops a new nonlinear optimization technique that minimizes the error between a PLA and an arbitrary one-dimensional set of input-output data and solves the optimal breakpoint problem. This nonlinear optimization technique minimizes the approximation error of several classes of nonlinear functions leading up to the generalized PLA. While direct application of this technique is computationally intensive, several paths are available for investigation that may ease this limitation. An algorithm is developed based on this optimization theory that is significantly more computationally tractable. Several potential applications of this work are discussed including the ability to model the nonlinear portions of Hammerstein and Wiener systems

Invariants for EA- and CCZ-equivalence of APN and AB functions

An (n,m)-function is a mapping from ${\mathbb {F}_{2}^{n}}$ to ${\mathbb {F}_{2}^{m}}$. Such functions have numerous applications across mathematics and computer science, and in particular are used as building blocks of block ciphers in symmetric cryptography. The classes of APN and AB functions have been identified as cryptographically optimal with respect to the resistance against two of the most powerful known cryptanalytic attacks, namely differential and linear cryptanalysis. The classes of APN and AB functions are directly related to optimal objects in many other branches of mathematics, and have been a subject of intense study since at least the early 90’s. Finding new constructions of these functions is hard; one of the most significant practical issues is that any tentatively new function must be proven inequivalent to all the known ones. Testing equivalence can be significantly simplified by computing invariants, i.e. properties that are preserved by the respective equivalence relation. In this paper, we survey the known invariants for CCZ- and EA-equivalence, with a particular focus on their utility in distinguishing between inequivalent instances of APN and AB functions. We evaluate each invariant with respect to how easy it is to implement in practice, how efficiently it can be calculated on a computer, and how well it can distinguish between distinct EA- and CCZ-equivalence classes.publishedVersio

Attacks Against Filter Generators Exploiting Monomial Mappings

International audienceFilter generators are vulnerable to several attacks which have led to well-known design criteria on the Boolean filtering function. However , Rønjom and Cid have observed that a change of the primitive root defining the LFSR leads to several equivalent generators. They usually offer different security levels since they involve filtering functions of the form F (x k) where k is coprime to (2 n − 1) and n denotes the LFSR length. It is proved here that this monomial equivalence does not affect the resistance of the generator against algebraic attacks, while it usually impacts the resistance to correlation attacks. Most importantly, a more efficient attack can often be mounted by considering non-bijective mono-mial mappings. In this setting, a divide-and-conquer strategy applies based on a search within a multiplicative subgroup of F * 2 n. Moreover, if the LFSR length n is not a prime, a fast correlation involving a shorter LFSR can be performed

Large substitution boxes with efficient combinational implementations

At a fundamental level, the security of symmetric key cryptosystems ties back to Claude Shannon\u27s properties of confusion and diffusion. Confusion can be defined as the complexity of the relationship between the secret key and ciphertext, and diffusion can be defined as the degree to which the influence of a single input plaintext bit is spread throughout the resulting ciphertext. In constructions of symmetric key cryptographic primitives, confusion and diffusion are commonly realized with the application of nonlinear and linear operations, respectively. The Substitution-Permutation Network design is one such popular construction adopted by the Advanced Encryption Standard, among other block ciphers, which employs substitution boxes, or S-boxes, for nonlinear behavior. As a result, much research has been devoted to improving the cryptographic strength and implementation efficiency of S-boxes so as to prohibit cryptanalysis attacks that exploit weak constructions and enable fast and area-efficient hardware implementations on a variety of platforms. To date, most published and standardized S-boxes are bijective functions on elements of 4 or 8 bits. In this work, we explore the cryptographic properties and implementations of 8 and 16 bit S-boxes. We study the strength of these S-boxes in the context of Boolean functions and investigate area-optimized combinational hardware implementations. We then present a variety of new 8 and 16 bit S-boxes that have ideal cryptographic properties and enable low-area combinational implementations

Implementing Symmetric Cryptography Using Sequence of Semi-Bent Functions

Symmetric cryptography is a cornerstone of everyday digital security, where two parties must share a common key to communicate. The most common primitives in symmetric cryptography are stream ciphers and block ciphers that guarantee confidentiality of communications and hash functions for integrity. Thus, for securing our everyday life communication, it is necessary to be convinced by the security level provided by all the symmetric-key cryptographic primitives. The most important part of a stream cipher is the key stream generator, which provides the overall security for stream ciphers. Nonlinear Boolean functions were preferred for a long time to construct the key stream generator. In order to resist several known attacks, many requirements have been proposed on the Boolean functions. Attacks against the cryptosystems have forced deep research on Boolean function to allow us a more secure encryption. In this work we describe all main requirements for constructing of cryptographically significant Boolean functions. Moreover, we provide a construction of Boolean functions (semi-bent Boolean functions) which can be used in the construction of orthogonal variable spreading factor codes used in code division multiple access (CDMA) systems as well as in certain cryptographic applications

D.STVL.7 - Algebraic cryptanalysis of symmetric primitives

The recent development of algebraic attacks can be considered an important breakthrough in the analysis of symmetric primitives; these are powerful techniques that apply to both block and stream ciphers (and potentially hash functions). The basic principle of these techniques goes back to Shannon's work: they consist in expressing the whole cryptographic algorithm as a large system of multivariate algebraic equations (typically over F2), which can be solved to recover the secret key. Efficient algorithms for solving such algebraic systems are therefore the essential ingredients of algebraic attacks. Algebraic cryptanalysis against symmetric primitives has recently received much attention from the cryptographic community, particularly after it was proposed against some LFSR- based stream ciphers and against the AES and Serpent block ciphers. This is currently a very active area of research. In this report we discuss the basic principles of algebraic cryptanalysis of stream ciphers and block ciphers, and review the latest developments in the field. We give an overview of the construction of such attacks against both types of primitives, and recall the main algorithms for solving algebraic systems. Finally we discuss future research directions

On the complexity of nonlinear mixed-integer optimization

This is a survey on the computational complexity of nonlinear mixed-integer optimization. It highlights a selection of important topics, ranging from incomputability results that arise from number theory and logic, to recently obtained fully polynomial time approximation schemes in fixed dimension, and to strongly polynomial-time algorithms for special cases.Comment: 26 pages, 5 figures; to appear in: Mixed-Integer Nonlinear Optimization, IMA Volumes, Springer-Verla