26 research outputs found

    Cyclic codes with few weights and Niho exponents

    Get PDF
    AbstractThis paper studies the values of the sums Sk(a)=∑x∈F2m(-1)Tr(xk+ax),a∈F2m,where Tr is the trace function on F2m, m=2t and gcd(2m-1,k)=1. We mainly prove that when k≡2j(mod2t-1), for some j, then Sk(a) takes at least four values when a runs through F2m. This result, and other derived properties, can be viewed in the study of weights of some cyclic codes and of crosscorrelation function of m-sequences

    Cryptanalysis of block ciphers and weight divisibility of some binary codes

    Get PDF
    International audienceThe resistance of an iterated block cipher to most classical attacks can be quantified by some properties of its round function. The involved parameters (nonlinearity, degrees of the derivatives...) for a function F from GF(2^m) into GF(2^m) are related to the weight distribution of a binary linear code C_F of length (2^m − 1) and dimension 2m. In particular, the weight divisibility of C_F appears as an important criterion in the context of linear cryptanalysis and of higher-order differential attacks. When the round function F is a power permutation over GF(2^m), the associated code C_F is the dual of a primitive cyclic code with two zeroes. Therefore, McEliece's theorem provides a powerful tool for evaluating the resistance of some block ciphers to linear and higherorder differential attacks

    On maximal period linear sequences and their crosscorrelation functions /

    Get PDF
    For an nth order linear recurring sequence over the finite field Fp. the largest possible period is pn --- 1. When such a sequence attains this upper bound as its period, it is called a maximal period linear sequence, or m-sequence in short. Interest in such sequences originated from applications. Indeed, there is an interaction between m-sequences, coding theory and cryptography via the relation with cyclic codes.Boolean functions, etc. One of the main goals is to construct a pair of binary m-sequences whose crosscorrelation takes few values, preferably with small magnitude. By a theorem of Helleseth. the crosscorrelation function takes at least three values.Hence, existence and construction of sequences with 3-valued crosscorrelation is of particular interest. This is also the main theme of our work. The aim of this thesis is to introduce foundational material on m-sequences, explain the relations with other topics mentioned above, and to present proofs of three conjectures on the existence/nonexistence of 3-valued crosscorrelation functions for binary m-sequences. These conjectures are due to Sarwate-Pursley, Helleseth and Welch and were proved by McGuire-Calderbank. Calderank-MeGnire-Poonen-Rubinstein and. Canteaut-Charpin-Dobbertin respectively

    The Weight Distributions of Cyclic Codes and Elliptic Curves

    Full text link
    Cyclic codes with two zeros and their dual codes as a practically and theoretically interesting class of linear codes, have been studied for many years. However, the weight distributions of cyclic codes are difficult to determine. From elliptic curves, this paper determines the weight distributions of dual codes of cyclic codes with two zeros for a few more cases

    Linear Codes from Some 2-Designs

    Full text link
    A classical method of constructing a linear code over \gf(q) with a tt-design is to use the incidence matrix of the tt-design as a generator matrix over \gf(q) of the code. This approach has been extensively investigated in the literature. In this paper, a different method of constructing linear codes using specific classes of 22-designs is studied, and linear codes with a few weights are obtained from almost difference sets, difference sets, and a type of 22-designs associated to semibent functions. Two families of the codes obtained in this paper are optimal. The linear codes presented in this paper have applications in secret sharing and authentication schemes, in addition to their applications in consumer electronics, communication and data storage systems. A coding-theory approach to the characterisation of highly nonlinear Boolean functions is presented

    On Two Fundamental Problems on APN Power Functions

    Get PDF
    The six infinite families of power APN functions are among the oldest known instances of APN functions, and it has been conjectured in 2000 that they exhaust all possible power APN functions. Another long-standing open problem is that of the Walsh spectrum of the Dobbertin power family, which is still unknown. Those of Kasami, Niho and Welch functions are known, but not the precise values of their Walsh transform, with rare exceptions. One promising approach that could lead to the resolution of these problems is to consider alternative representations of the functions in questions. We derive alternative representations for the infinite APN monomial families. We show how the Niho, Welch, and Dobbertin functions can be represented as the composition xi∘x1/j of two power functions, and prove that our representations are optimal, i.e. no two power functions of lesser algebraic degree can be used to represent the functions in this way. We investigate compositions xi∘L∘x1/j for a linear polynomial L , show how the Kasami functions in odd dimension can be expressed in this way with i=j being a Gold exponent and compute all APN functions of this form for n≤9 and for L with binary coefficients, thereby showing that our theoretical constructions exhaust all possible cases. We present observations and data on power functions with exponent ∑k−1i=122ni−1 which generalize the inverse and Dobbertin families. We present data on the Walsh spectrum of the Dobbertin function for n≤35 , and conjecture its exact form. As an application of our results, we determine the exact values of the Walsh transform of the Kasami function at all points of a special form. Computations performed for n≤21 show that these points cover about 2/3 of the field.acceptedVersio
    corecore