A classification of S-boxes generated by Orthogonal Cellular Automata

Most of the approaches published in the literature to construct S-boxes via Cellular Automata (CA) work by either iterating a finite CA for several time steps, or by a one-shot application of the global rule. The main characteristic that brings together these works is that they employ a single CA rule to define the vectorial Boolean function of the S-box. In this work, we explore a different direction for the design of S-boxes that leverages on Orthogonal CA (OCA), i.e. pairs of CA rules giving rise to orthogonal Latin squares. The motivation stands on the facts that an OCA pair already defines a bijective transformation, and moreover the orthogonality property of the resulting Latin squares ensures a minimum amount of diffusion. We exhaustively enumerate all S-boxes generated by OCA pairs of diameter $4 \le d \le 6$, and measure their nonlinearity. Interestingly, we observe that for $d=4$ and $d=5$ all S-boxes are linear, despite the underlying CA local rules being nonlinear. The smallest nonlinear S-boxes emerges for $d=6$, but their nonlinearity is still too low to be used in practice. Nonetheless, we unearth an interesting structure of linear OCA S-boxes, proving that their Linear Components Space (LCS) is itself the image of a linear CA, or equivalently a polynomial code. We finally classify all linear OCA S-boxes in terms of their generator polynomials

A classification of S-boxes generated by orthogonal cellular automata

Most of the approaches published in the literature to construct S-boxes via Cellular Automata (CA) work by either iterating a finite CA for several time steps, or by a one-shot application of the global rule. The main characteristic that brings together these works is that they employ a single CA rule to define the vectorial Boolean function of the S-box. In this work, we explore a different direction for the design of S-boxes that leverages on Orthogonal CA (OCA), i.e. pairs of CA rules giving rise to orthogonal Latin squares. The motivation stands on the facts that an OCA pair already defines a bijective transformation, and moreover the orthogonality property of the resulting Latin squares ensures a minimum amount of diffusion. We exhaustively enumerate all S-boxes generated by OCA pairs of diameter 4≤d≤6, and measure their nonlinearity. Interestingly, we observe that for d=4 and d=5 all S-boxes are linear, despite the underlying CA local rules being nonlinear. The smallest nonlinear S-boxes emerges for d=6, but their nonlinearity is still too low to be used in practice. Nonetheless, we unearth an interesting structure of linear OCA S-boxes, proving that their Linear Components Space is itself the image of a linear CA, or equivalently a polynomial code. We finally classify all linear OCA S-boxes in terms of their generator polynomials.</p

Code design and analysis for multiple access communications

This thesis explores various coding aspects of multiple access communications, mainly for spread spectrum multiaccess(SSMA) communications and collaborative coding multiaccess(CCMA) communications. Both the SSMA and CCMA techniques permit efficient simultaneous transmission by several users sharing a common channel, without subdivision in time or frequency. The general principle behind these two multiaccess schemes is that one can find sets of signals (codes) which can be combined together to form a composite signal; on reception, the individual signals in the set can each be recovered from the composite signal. For the CCMA scheme, the isolation between users is based on the code structure; for the SSMA scheme, on the other hand, the isolation between users is based on the autocorrelation functions(ACFs) and crosscorrelation functions (CCFs) of the code sequences. It is clear that, in either case, the code design is the key to the system design.For the CCMA system with a multiaccess binary adder channel, a class of superimposed codes is analyzed. It is proved that every constant weight code of weight w and maximal correlation λ corresponds to a subclass of disjunctive codes of order T 3, the out-of-phase ACFs and CCFs of the codes are constant and equal to √L. In addition, all codes of the same length are mutually orthogonal.2. Maximal length sequences (m-sequences) over Gaussian integers, suitable for use with QAM modulation, are considered. Two sub-classes of m-sequences with quasi-perfect periodic autocorrelations are obtained. The CCFs between the decimated m-sequences are studied. By applying a simple operation, it is shown that some m-sequences over rational and Gaussian integers can be transformed into perfect sequences with impulsive ACFs.3. Frank codes and Chu codes have perfect periodic ACFs and optimum periodic CCFs. In addition, it is shown that they also have very favourable nonperiodic ACFs; some new results concerning the behaviour of the nonperiodic ACFs are derived. Further, it is proved that the sets of combinedFrank/Chu codes, which contain a larger number of codes than either of the two constituent sets, also have very good periodic CCFs. Based on Frank codes and Chu codes, two interesting classes of real-valued codes with good correlation properties are defined. It is shown that these codes have periodic complementary properties and good periodic and nonperiodic ACF/CCFs.Finally, a hybrid CCMA/SSMA coding scheme is proposed. This new hybrid coding scheme provides a very flexible and powerful multiple accessing capability and allows simple and efficient decoding. Given an SSMA system with K users and a CCMA system with N users, where at most T users are active at any time, then the hybrid system will have K . N users with at most T.K users active at any time. The hybrid CCMA/SSMA coding scheme is superior to the individual CCMA system or SSMA system in terms of information rate, number of users, decoding complexity and external interference rejection capability

Code design and analysis for multiple access communications

This thesis explores various coding aspects of multiple access communications, mainly for spread spectrum multiaccess(SSMA) communications and collaborative coding multiaccess(CCMA) communications. Both the SSMA and CCMA techniques permit efficient simultaneous transmission by several users sharing a common channel, without subdivision in time or frequency. The general principle behind these two multiaccess schemes is that one can find sets of signals (codes) which can be combined together to form a composite signal; on reception, the individual signals in the set can each be recovered from the composite signal. For the CCMA scheme, the isolation between users is based on the code structure; for the SSMA scheme, on the other hand, the isolation between users is based on the autocorrelation functions(ACFs) and crosscorrelation functions (CCFs) of the code sequences. It is clear that, in either case, the code design is the key to the system design.For the CCMA system with a multiaccess binary adder channel, a class of superimposed codes is analyzed. It is proved that every constant weight code of weight w and maximal correlation λ corresponds to a subclass of disjunctive codes of order T 3, the out-of-phase ACFs and CCFs of the codes are constant and equal to √L. In addition, all codes of the same length are mutually orthogonal.2. Maximal length sequences (m-sequences) over Gaussian integers, suitable for use with QAM modulation, are considered. Two sub-classes of m-sequences with quasi-perfect periodic autocorrelations are obtained. The CCFs between the decimated m-sequences are studied. By applying a simple operation, it is shown that some m-sequences over rational and Gaussian integers can be transformed into perfect sequences with impulsive ACFs.3. Frank codes and Chu codes have perfect periodic ACFs and optimum periodic CCFs. In addition, it is shown that they also have very favourable nonperiodic ACFs; some new results concerning the behaviour of the nonperiodic ACFs are derived. Further, it is proved that the sets of combinedFrank/Chu codes, which contain a larger number of codes than either of the two constituent sets, also have very good periodic CCFs. Based on Frank codes and Chu codes, two interesting classes of real-valued codes with good correlation properties are defined. It is shown that these codes have periodic complementary properties and good periodic and nonperiodic ACF/CCFs.Finally, a hybrid CCMA/SSMA coding scheme is proposed. This new hybrid coding scheme provides a very flexible and powerful multiple accessing capability and allows simple and efficient decoding. Given an SSMA system with K users and a CCMA system with N users, where at most T users are active at any time, then the hybrid system will have K . N users with at most T.K users active at any time. The hybrid CCMA/SSMA coding scheme is superior to the individual CCMA system or SSMA system in terms of information rate, number of users, decoding complexity and external interference rejection capability

Design of sequences with good correlation properties

This thesis is dedicated to exploring sequences with good correlation properties. Periodic sequences with desirable correlation properties have numerous applications in communications. Ideally, one would like to have a set of sequences whose out-of-phase auto-correlation magnitudes and cross-correlation magnitudes are very small, preferably zero. However, theoretical bounds show that the maximum magnitudes of auto-correlation and cross-correlation of a sequence set are mutually constrained, i.e., if a set of sequences possesses good auto-correlation properties, then the cross-correlation properties are not good and vice versa. The design of sequence sets that achieve those theoretical bounds is therefore of great interest. In addition, instead of pursuing the least possible correlation values within an entire period, it is also interesting to investigate families of sequences with ideal correlation in a smaller zone around the origin. Such sequences are referred to as sequences with zero correlation zone or ZCZ sequences, which have been extensively studied due to their applications in 4G LTE and 5G NR systems, as well as quasi-synchronous code-division multiple-access communication systems. Paper I and a part of Paper II aim to construct sequence sets with low correlation within a whole period. Paper I presents a construction of sequence sets that meets the Sarwate bound. The construction builds a connection between generalised Frank sequences and combinatorial objects, circular Florentine arrays. The size of the sequence sets is determined by the existence of circular Florentine arrays of some order. Paper II further connects circular Florentine arrays to a unified construction of perfect polyphase sequences, which include generalised Frank sequences as a special case. The size of a sequence set that meets the Sarwate bound, depends on a divisor of the period of the employed sequences, as well as the existence of circular Florentine arrays. Paper III-VI and a part of Paper II are devoted to ZCZ sequences. Papers II and III propose infinite families of optimal ZCZ sequence sets with respect to some bound, which are used to eliminate interference within a single cell in a cellular network. Papers V, VI and a part of Paper II focus on constructions of multiple optimal ZCZ sequence sets with favorable inter-set cross-correlation, which can be used in multi-user communication environments to minimize inter-cell interference. In particular, Paper~II employs circular Florentine arrays and improves the number of the optimal ZCZ sequence sets with optimal inter-set cross-correlation property in some cases.Doktorgradsavhandlin

Design of tch-type sequences for communications

This thesis deals with the design of a class of cyclic codes inspired by TCH codewords. Since TCH codes are linked to finite fields the fundamental concepts and facts about abstract algebra, namely group theory and number theory, constitute the first part of the thesis. By exploring group geometric properties and identifying an equivalence between some operations on codes and the symmetries of the dihedral group we were able to simplify the generation of codewords thus saving on the necessary number of computations. Moreover, we also presented an algebraic method to obtain binary generalized TCH codewords of length N = 2k, k = 1,2, . . . , 16. By exploring Zech logarithm’s properties as well as a group theoretic isomorphism we developed a method that is both faster and less complex than what was proposed before. In addition, it is valid for all relevant cases relating the codeword length N and not only those resulting from N = p

Some Notes on Code-Based Cryptography

This thesis presents new cryptanalytic results in several areas of coding-based cryptography. In addition, we also investigate the possibility of using convolutional codes in code-based public-key cryptography. The first algorithm that we present is an information-set decoding algorithm, aiming towards the problem of decoding random linear codes. We apply the generalized birthday technique to information-set decoding, improving the computational complexity over previous approaches. Next, we present a new version of the McEliece public-key cryptosystem based on convolutional codes. The original construction uses Goppa codes, which is an algebraic code family admitting a well-defined code structure. In the two constructions proposed, large parts of randomly generated parity checks are used. By increasing the entropy of the generator matrix, this presumably makes structured attacks more difficult. Following this, we analyze a McEliece variant based on quasi-cylic MDPC codes. We show that when the underlying code construction has an even dimension, the system is susceptible to, what we call, a squaring attack. Our results show that the new squaring attack allows for great complexity improvements over previous attacks on this particular McEliece construction. Then, we introduce two new techniques for finding low-weight polynomial multiples. Firstly, we propose a general technique based on a reduction to the minimum-distance problem in coding, which increases the multiplicity of the low-weight codeword by extending the code. We use this algorithm to break some of the instances used by the TCHo cryptosystem. Secondly, we propose an algorithm for finding weight-4 polynomials. By using the generalized birthday technique in conjunction with increasing the multiplicity of the low-weight polynomial multiple, we obtain a much better complexity than previously known algorithms. Lastly, two new algorithms for the learning parities with noise (LPN) problem are proposed. The first one is a general algorithm, applicable to any instance of LPN. The algorithm performs favorably compared to previously known algorithms, breaking the 80-bit security of the widely used (512,1/8) instance. The second one focuses on LPN instances over a polynomial ring, when the generator polynomial is reducible. Using the algorithm, we break an 80-bit security instance of the Lapin cryptosystem

Error-Correction Coding and Decoding: Bounds, Codes, Decoders, Analysis and Applications

Coding; Communications; Engineering; Networks; Information Theory; Algorithm

Complexity measures for classes of sequences and cryptographic apllications

Pseudo-random sequences are a crucial component of cryptography, particularly in stream cipher design. In this thesis we will investigate several measures of randomness for certain classes of finitely generated sequences. We will present a heuristic algorithm for calculating the k-error linear complexity of a general sequence, of either finite or infinite length, and results on the closeness of the approximation generated. We will present an linear time algorithm for determining the linear complexity of a sequence whose characteristic polynomial is a power of an irreducible element, again presenting variations for both finite and infinite sequences. This algorithm allows the linear complexity of such sequences to be determined faster than was previously possible. Finally we investigate the stability of m-sequences, in terms of both k-error linear complexity and k-error period. We show that such sequences are inherently stable, but show that some are more stable than others