457 research outputs found

    Hadamard Matrices, d-Linearly Independent Sets and Correlation-Immune Boolean Functions with Minimum Hamming Weights

    It is known that correlation-immune (CI) Boolean functions used in the framework of side-channel attacks need to have low Hamming weights. In 2013, Bhasin et al. studied the minimum Hamming weight of d-CI Boolean functions, and presented an open problem: the minimal weight of a d-CI function in n variables might not increase with n. Very recently, Carlet and Chen proposed some constructions of low-weight CI functions, and gave a conjecture on the minimum Hamming weight of 3-CI functions in n variables. In this paper, we determine the values of the minimum Hamming weights of d-CI Boolean functions in n variables for infinitely many n's and give a negative answer to the open problem proposed by Bhasin et al. We then present a method to construct minimum-weight 2-CI functions through Hadamard matrices, which can provide all minimum-weight 2-CI functions in 4k-1 variables. Furthermore, we prove that the Carlet-Chen conjecture is equivalent to the famous Hadamard conjecture. Most notably, we propose an efficient method to construct low-weight n-variable CI functions through d-linearly independent sets, which can provide numerous minimum-weight d-CI functions. In particular, we obtain some new values of the minimum Hamming weights of d-CI functions in n variables for n ≤ 13. We conjecture that the functions constructed by us are of minimum Hamming weight if the sets are absolutely maximum d-linearly independent. If our conjecture holds, then all the values for n ≤ 13 and most values for general n are determined.

    Simplicity conditions for binary orthogonal arrays

    It is known that correlation-immune (CI) Boolean functions used in the framework of side-channel attacks need to have low Hamming weights. The supports of CI functions are (equivalently) simple orthogonal arrays when their elements are written as rows of an array. The minimum Hamming weight of a CI function is then the same as the minimum number of rows in a simple orthogonal array. In this paper, we use Rao's Bound to give a sufficient condition on the number of rows for a binary orthogonal array (OA) to be simple. We apply this result to determine the minimum number of rows in all simple binary orthogonal arrays of strengths 2 and 3; we show that in that case this minimum is the same as for all OA, and we extend this observation to some OA of strengths 4 and 5. This allows us to reply positively, in the case of strengths 2 and 3, to a question raised by the first author and X. Chen on the monotonicity of the minimum Hamming weight of 2-CI Boolean functions, and to partially reply positively to the same question in the case of strengths 4 and 5.

    Boolean Dynamics with Random Couplings

    This paper reviews a class of generic dissipative dynamical systems called N-K models. In these models, the dynamics of N elements, defined as Boolean variables, develop step by step, clocked by a discrete time variable. Each of the N Boolean elements at a given time is given a value which depends upon K elements in the previous time step. We review the work of many authors on the behavior of the models, looking particularly at the structure and lengths of their cycles, the sizes of their basins of attraction, and the flow of information through the systems. In the limit of infinite N, there is a phase transition between a chaotic and an ordered phase, with a critical phase in between. We argue that the behavior of this system depends significantly on the topology of the network connections. If the elements are placed upon a lattice with dimension d, the system shows correlations related to the standard percolation or directed percolation phase transition on such a lattice. On the other hand, a very different behavior is seen in the Kauffman net, in which all spins are equally likely to be coupled to a given spin. In this situation, coupling loops are mostly suppressed, and the behavior of the system is much more like that of a mean field theory. We also describe possible applications of the models to, for example, genetic networks, cell differentiation, evolution, democracy in social systems and neural networks. Comment: 69 pages, 16 figures. Submitted to Springer Applied Mathematical Sciences Series.

    A new class of codes for Boolean masking of cryptographic computations

    We introduce a new class of rate one-half binary codes: complementary information set codes. A binary linear code of length 2n and dimension n is called a complementary information set code (CIS code for short) if it has two disjoint information sets. This class of codes contains self-dual codes as a subclass. It is connected to graph correlation-immune Boolean functions of use in the security of hardware implementations of cryptographic primitives. Such codes make it possible to improve the cost of masking cryptographic algorithms against side-channel attacks. In this paper we investigate this new class of codes: we give optimal or best known CIS codes of length < 132. We derive general constructions based on cyclic codes and on double circulant codes. We derive a Varshamov-Gilbert bound for long CIS codes, and show that they can all be classified in small lengths ≤ 12 by the building-up construction. Some nonlinear permutations are constructed by using Z_4-codes, based on the notion of dual distance of an unrestricted code. Comment: 19 pages. IEEE Trans. on Information Theory, to appear.