On unbalanced Boolean functions with best correlation immunity

It is known that the order of correlation immunity of a nonconstant unbalanced Boolean function in $n$ variables cannot exceed $2n/3-1$; moreover, it is $2n/3-1$ if and only if the function corresponds to an equitable $2$-partition of the $n$-cube with an eigenvalue $-n/3$ of the quotient matrix. The known series of such functions have proportion $1:3$, $3:5$, or $7:9$ of the number of ones and zeros. We prove that if a nonconstant unbalanced Boolean function attains the correlation-immunity bound and has ratio $C:B$ of the number of ones and zeros, then $CB$ is divisible by $3$. In particular, this proves the nonexistence of equitable partitions for an infinite series of putative quotient matrices. We also establish that there are exactly $2$ equivalence classes of the equitable partitions of the $12$-cube with quotient matrix $[[3,9],[7,5]]$ and $16$ classes, with $[[0,12],[4,8]]$. These parameters correspond to the Boolean functions in $12$ variables with correlation immunity $7$ and proportion $7:9$ and $1:3$, respectively (the case $3:5$ remains unsolved). This also implies the characterization of the orthogonal arrays OA$(1024,12,2,7)$ and OA$(512,11,2,6)$.Comment: v3: final; title changed; revised; OA(512,11,2,6) discusse

On Some Properties of Quadratic APN Functions of a Special Form

In a recent paper, it is shown that functions of the form $L_1(x^3)+L_2(x^9)$, where $L_1$ and $L_2$ are linear, are a good source for construction of new infinite families of APN functions. In the present work we study necessary and sufficient conditions for such functions to be APN

A new class of codes for Boolean masking of cryptographic computations

We introduce a new class of rate one-half binary codes: {\bf complementary information set codes.} A binary linear code of length $2n$ and dimension $n$ is called a complementary information set code (CIS code for short) if it has two disjoint information sets. This class of codes contains self-dual codes as a subclass. It is connected to graph correlation immune Boolean functions of use in the security of hardware implementations of cryptographic primitives. Such codes permit to improve the cost of masking cryptographic algorithms against side channel attacks. In this paper we investigate this new class of codes: we give optimal or best known CIS codes of length $<132.$ We derive general constructions based on cyclic codes and on double circulant codes. We derive a Varshamov-Gilbert bound for long CIS codes, and show that they can all be classified in small lengths $\le 12$ by the building up construction. Some nonlinear permutations are constructed by using $\Z_4$-codes, based on the notion of dual distance of an unrestricted code.Comment: 19 pages. IEEE Trans. on Information Theory, to appea

Higher-order CIS codes

We introduce {\bf complementary information set codes} of higher-order. A binary linear code of length $tk$ and dimension $k$ is called a complementary information set code of order $t$ ($t$-CIS code for short) if it has $t$ pairwise disjoint information sets. The duals of such codes permit to reduce the cost of masking cryptographic algorithms against side-channel attacks. As in the case of codes for error correction, given the length and the dimension of a $t$-CIS code, we look for the highest possible minimum distance. In this paper, this new class of codes is investigated. The existence of good long CIS codes of order $3$ is derived by a counting argument. General constructions based on cyclic and quasi-cyclic codes and on the building up construction are given. A formula similar to a mass formula is given. A classification of 3-CIS codes of length $\le 12$ is given. Nonlinear codes better than linear codes are derived by taking binary images of $\Z_4$-codes. A general algorithm based on Edmonds' basis packing algorithm from matroid theory is developed with the following property: given a binary linear code of rate $1/t$ it either provides $t$ disjoint information sets or proves that the code is not $t$-CIS. Using this algorithm, all optimal or best known $[tk, k]$ codes where $t=3, 4, \dots, 256$ and $1 \le k \le \lfloor 256/t \rfloor$ are shown to be $t$-CIS for all such $k$ and $t$, except for $t=3$ with $k=44$ and $t=4$ with $k=37$.Comment: 13 pages; 1 figur

Categorical invariance and structural complexity in human concept learning

An alternative account of human concept learning based on an invariance measure of the categorical\ud stimulus is proposed. The categorical invariance model (CIM) characterizes the degree of structural\ud complexity of a Boolean category as a function of its inherent degree of invariance and its cardinality or\ud size. To do this we introduce a mathematical framework based on the notion of a Boolean differential\ud operator on Boolean categories that generates the degrees of invariance (i.e., logical manifold) of the\ud category in respect to its dimensions. Using this framework, we propose that the structural complexity\ud of a Boolean category is indirectly proportional to its degree of categorical invariance and directly\ud proportional to its cardinality or size. Consequently, complexity and invariance notions are formally\ud unified to account for concept learning difficulty. Beyond developing the above unifying mathematical\ud framework, the CIM is significant in that: (1) it precisely predicts the key learning difficulty ordering of\ud the SHJ [Shepard, R. N., Hovland, C. L.,&Jenkins, H. M. (1961). Learning and memorization of classifications.\ud Psychological Monographs: General and Applied, 75(13), 1-42] Boolean category types consisting of three\ud binary dimensions and four positive examples; (2) it is, in general, a good quantitative predictor of the\ud degree of learning difficulty of a large class of categories (in particular, the 41 category types studied\ud by Feldman [Feldman, J. (2000). Minimization of Boolean complexity in human concept learning. Nature,\ud 407, 630-633]); (3) it is, in general, a good quantitative predictor of parity effects for this large class of\ud categories; (4) it does all of the above without free parameters; and (5) it is cognitively plausible (e.g.,\ud cognitively tractable)