Divisibility of Weil Sums of Binomials

Consider the Weil sum $W_{F,d}(u)=\sum_{x \in F} \psi(x^d+u x)$, where $F$ is a finite field of characteristic $p$, $\psi$ is the canonical additive character of $F$, $d$ is coprime to $|F^*|$, and $u \in F^*$. We say that $W_{F,d}(u)$ is three-valued when it assumes precisely three distinct values as $u$ runs through $F^*$: this is the minimum number of distinct values in the nondegenerate case, and three-valued $W_{F,d}$ are rare and desirable. When $W_{F,d}$ is three-valued, we give a lower bound on the $p$-adic valuation of the values. This enables us to prove the characteristic $3$ case of a 1976 conjecture of Helleseth: when $p=3$ and $[F:{\mathbb F}_3]$ is a power of $2$, we show that $W_{F,d}$ cannot be three-valued.Comment: 11 page

On maximal period linear sequences and their crosscorrelation functions /

For an nth order linear recurring sequence over the finite field Fp. the largest possible period is pn --- 1. When such a sequence attains this upper bound as its period, it is called a maximal period linear sequence, or m-sequence in short. Interest in such sequences originated from applications. Indeed, there is an interaction between m-sequences, coding theory and cryptography via the relation with cyclic codes.Boolean functions, etc. One of the main goals is to construct a pair of binary m-sequences whose crosscorrelation takes few values, preferably with small magnitude. By a theorem of Helleseth. the crosscorrelation function takes at least three values.Hence, existence and construction of sequences with 3-valued crosscorrelation is of particular interest. This is also the main theme of our work. The aim of this thesis is to introduce foundational material on m-sequences, explain the relations with other topics mentioned above, and to present proofs of three conjectures on the existence/nonexistence of 3-valued crosscorrelation functions for binary m-sequences. These conjectures are due to Sarwate-Pursley, Helleseth and Welch and were proved by McGuire-Calderbank. Calderank-MeGnire-Poonen-Rubinstein and. Canteaut-Charpin-Dobbertin respectively

Cyclic codes with few weights and Niho exponents

AbstractThis paper studies the values of the sums Sk(a)=∑x∈F2m(-1)Tr(xk+ax),a∈F2m,where Tr is the trace function on F2m, m=2t and gcd(2m-1,k)=1. We mainly prove that when k≡2j(mod2t-1), for some j, then Sk(a) takes at least four values when a runs through F2m. This result, and other derived properties, can be viewed in the study of weights of some cyclic codes and of crosscorrelation function of m-sequences

A number theoretic view on binary shift registers

We describe a number theoretic view on binary shift registers. We illustrate this approach on some basic shift registers by revisiting known and obtaining new results, which we prove using tools from basic number theory, including modular arithmetic.publishedVersio

Index tables of finite fields and modular golomb rulers

For a Galois field GF(2 n ) defined by a primitive element α with minimal polynomial f, the index table contains in row i the coordinates of α i in the polynomial basis α n − 1, α n − 2,…, α, 1. Each column i in this table equals the m-sequence with characteristic polynomial f, shifted cyclically by some offset h i . In this paper we show that the set of the n shifts h i contains large subsets which are modular Golomb rulers modulo 2 n  − 1 (i.e. all the differences are different). Let D be the set of integers j such that the coefficient of x j in f is non-zero. We prove that the set H D of shifts corresponding to columns j ∈ D can be partitioned into two subsets (the columns in the left half of the table and the ones in the right half) each of which is a modular Golomb ruler. Based on this result and on computational data, we conjecture that in fact the whole set H D is a modular Golomb ruler. We give a polynomial time algorithm for deciding if given a subset of column positions, the corresponding shifts are a modular Golomb ruler. These results are applied to filter generators used in the design of stream ciphers. Golić recommends that in order to withstand his inversion attack, one of the design requirements should be that the inputs of the non-linear filtering function are taken from positions of a Fibonacci LFSR which form a Golomb ruler. We propose using a Galois LFSR instead and selecting positions such that the corresponding shifts form a modular Golomb ruler. This would allow for a larger number of inputs to be selected (roughly n/2 rather than 2n − − √ ) while still satisfying Golić’s requirement