Authors:Chunming Tang; Yanfeng Qi; Zhengchun Zhou; Cuiling Fan Pages: 197 - 208 Abstract: Abstract In the literature, few n-variable rotation symmetric bent functions have been constructed. In this paper, we present two infinite classes of rotation symmetric bent functions on \({\mathbb {F}}_2^{n}\) of the two forms: \(f(x)=\sum _{i=0}^{m-1}x_ix_{i+m} + {\upgamma }(x_0+x_m,\ldots , x_{m-1}+x_{2m-1})\) , \(f_t(x)= \sum _{i=0}^{n-1}(x_ix_{i+t}x_{i+m} +x_{i}x_{i+t})+ \sum _{i=0}^{m-1}x_ix_{i+m}+ {\upgamma }(x_0+x_m,\ldots , x_{m-1}+x_{2m-1})\) , where \(n=2m\) , \({\upgamma }(X_0,X_1,\ldots , X_{m-1})\) is any rotation symmetric polynomial, and \(m/\textit{gcd}(m,t)\) is odd. The class (i) of rotation symmetric bent functions has algebraic degree ranging from 2 to m and the other class (ii) has algebraic degree ranging from 3 to m. Moreover, the two classes of rotation symmetric bent functions are disjoint. PubDate: 2018-06-01 DOI: 10.1007/s00200-017-0337-8 Issue No:Vol. 29, No. 3 (2018)

Authors:Can Xiang; Xianfang Wang; Chunming Tang; Fangwei Fu Pages: 209 - 225 Abstract: Abstract Linear codes have been an interesting topic in both theory and practice for many years. In this paper, two classes of linear codes over the finite field \({\mathrm {GF}}(p)\) are presented and their weight distributions are also determined, where p is an odd prime. Some of the linear codes obtained are optimal or almost optimal in the sense that their parameters meet certain bound on linear codes. PubDate: 2018-06-01 DOI: 10.1007/s00200-017-0338-7 Issue No:Vol. 29, No. 3 (2018)

Authors:J. D. Key; B. G. Rodrigues Pages: 227 - 244 Abstract: Abstract It is shown how LCD codes with a particularly useful feature can be found from row spans over finite fields of adjacency matrices of graphs by considering these together with the codes from the associated reflexive graphs and complementary graphs. Application is made to some particular classes, including uniform subset graphs and strongly regular graphs where, if a p-ary code from a graph has this special LCD feature, the dimension can be found from the multiplicities modulo p of the eigenvalues of an adjacency matrix and, bounds on the minimum weight of the code and the dual code follow from the valency of the graph. PubDate: 2018-06-01 DOI: 10.1007/s00200-017-0339-6 Issue No:Vol. 29, No. 3 (2018)

Authors:Omar Akchiche; Omar Khadir Pages: 245 - 259 Abstract: Abstract We address the problem of factoring a large RSA modulus \(N=pq\) with p and q sharing a portion of bits in the middle. New polynomial time algorithms for computing the prime decomposition of N under certain conditions are presented. As an application, several attacks against RSA system using this class of moduli with low public exponent are described. Our results suggest that such integers are not appropriate for cryptographic purposes. PubDate: 2018-06-01 DOI: 10.1007/s00200-017-0340-0 Issue No:Vol. 29, No. 3 (2018)

Authors:Dae-Woong Lee Pages: 261 - 282 Abstract: Abstract In this paper, we study the digital Hopf groups and the digital Hopf functions between digital Hopf spaces with digital multiplications, and construct a near-ring structure on the set of all pointed digital homotopy classes of digital Hopf functions between pointed digital Hopf groups. We also investigate a near-ring homomorphism between near-rings based on the pointed digital Hopf groups to find a new method of how to give answers to the original problems or how to get a new information out of old ones more effectively. PubDate: 2018-06-01 DOI: 10.1007/s00200-017-0341-z Issue No:Vol. 29, No. 3 (2018)

Authors:Yang Zhang Pages: 103 - 112 Abstract: Abstract An extension of Bergman’s ring (Israel J Math 18:257–277, 1974) was introduced by Climent et al. (Appl Algebra Eng Commun Comput 23:347–361, 2014). For this ring called \(E_p^{(m)}\) , they established that only a negligible fraction of elements are invertible, and then proposed a key exchange protocol based on this property. Shortly afterwards, they constructed another key agreement protocol for multicast over this ring (WIT Trans Inf Commun Technol 45:13–24, 2013). In this paper, we introduce a polynomial-time attack to these two protocols without using invertible elements. PubDate: 2018-03-01 DOI: 10.1007/s00200-017-0332-0 Issue No:Vol. 29, No. 2 (2018)

Authors:Sylvain Duquesne; Nadia El Mrabet; Safia Haloui; Franck Rondepierre Pages: 113 - 147 Abstract: Abstract Because pairings have many applications, many hardware and software pairing implementations can be found in the literature. However, the parameters generally used have been invalidated by the recent results on the discrete logarithm problem over pairing friendly elliptic curves (Kim and Barbulescu in CRYPTO 2016, volume 9814 of lecture notes in computer science, Springer, Berlin, pp 543–571, 2016). New parameters must be generated to insure enough security in pairing based protocols. More generally it could be useful to generate nice pairing parameters in many real-world applications (specific security level, resistance to specific attacks on a protocol, database of curves). The main purpose of this paper is to describe explicitly and exhaustively what should be done to generate the best possible parameters and to make the best choices depending on the implementation context (in terms of pairing algorithm, ways to build the tower field, \(\mathbb {F}_{p^{12}}\) arithmetic, groups involved and their generators, system of coordinates). We focus on low level implementations, assuming that \(\mathbb {F}_p\) additions have a significant cost compared to other \(\mathbb {F}_p\) operations. However, our results are still valid if \(\mathbb {F}_p\) additions can be neglected. We also explain why the best choice for the polynomials defining the tower field \(\mathbb {F}_{p^{12}}\) is only dependent on the value of the BN parameter u mod small integers (like 12 for instance) as a nice application of old elementary arithmetic results. This should allow a faster generation of this parameter. Moreover, we use this opportunity to give some new slight improvements on \(\mathbb {F}_{p^{12}}\) arithmetic (in a pairing context). PubDate: 2018-03-01 DOI: 10.1007/s00200-017-0334-y Issue No:Vol. 29, No. 2 (2018)

Authors:Deepa Sinha; Deepakshi Sharma Pages: 149 - 167 Abstract: Abstract In this paper, we generalize the iterated local transitivity (ILT) model for online social networks for signed networks. Signed networks focus on the type of relations (friendship or enmity) between the vertices (members of online social networks). The ILT model for signed networks provide an insight into how networks react to the addition of clone vertex. In this model, at each time step t and for already existing vertex x, a new vertex (clone) \(x'\) is added which joins to x and neighbors of x. The sign of new edge \(yx', \ y \in N[x]\) neighborhood of x is defined by calculating the number of positive and negative neighbors of x. We also discuss properties such as balance and clusterability, sign-compatibility and C-sign-compatibility. PubDate: 2018-03-01 DOI: 10.1007/s00200-017-0333-z Issue No:Vol. 29, No. 2 (2018)

Authors:Yoshinori Aono; Manindra Agrawal; Takakazu Satoh; Osamu Watanabe Pages: 169 - 195 Abstract: Abstract We investigate a method for finding small integer solutions of a univariate modular equation, that was introduced by Coppersmith (Proceedings of Eurocrypt 1996, LNCS, vol 1070, pp 155–165, 1996) and extended by May (New RSA vulnerabilities using lattice reduction methods, Ph.D. thesis, University of Paderborn, 2003). We will refer this method as the Coppersmith technique. This paper provides a way to analyze a general limitations of the lattice construction for the Coppersmith technique. Our analysis upper bounds the possible range of U that is asymptotically equal to the bound given by the original result of Coppersmith and May. This means that they have already given the best lattice construction. In addition, we investigate the optimality for the bivariate equation to solve the small inverse problem, which was inspired by Kunihiro’s (LNCS 7483:55–69, 2012) argument. In particular, we show the optimality for the Boneh–Durfee’s equation (Proceedings of Eurocrypt 1999, LNCS, vol 1592, pp 389–401, 1999) used for RSA cryptoanalysis, To show our results, we establish framework for the technique by following the relation of Howgrave-Graham (Proceedings of cryptography and coding, LNCS, vol 1355, pp 131–142, 1997), and then concretely define the conditions in which the technique succeed and fails. We then provide a way to analyze the range of U that satisfies these conditions. Technically, we show that the original result of Coppersmith achieves the optimal bound for U when constructing a lattice in the standard way. We then provide evidence which indicates that constructing a non-standard lattice is generally difficult. PubDate: 2018-03-01 DOI: 10.1007/s00200-017-0336-9 Issue No:Vol. 29, No. 2 (2018)

Authors:Fei Li; Yang Yan; Qiuyan Wang; Tongjiang Yan Abstract: Abstract In the past decades, linear codes with a few weights have been extensively studied for their applications in space communication, data storage and cryptography etc. We construct several classes of binary linear codes and determine their weight distributions. Most of these codes can be used in secret sharing schemes. PubDate: 2018-05-29 DOI: 10.1007/s00200-018-0361-3

Authors:Xiaoqiang Wang; Dabin Zheng; Hongwei Liu Abstract: Abstract In this paper, several classes of two-weight or three-weight linear codes over \( {{\mathbb {F}}}_p\) from quadratic or non-quadratic functions are constructed and their weight distributions are determined. From the constructed codes, we obtain some optimal linear codes with respect to the Singleton bound and the Griesmer bound. These two- or three-weight linear codes may have applications in secret sharing, authentication codes, association schemes and strongly regular graphs. PubDate: 2018-05-24 DOI: 10.1007/s00200-018-0359-x

Authors:Krzysztof Ziemiański Abstract: Abstract Let K be an arbitrary semi-cubical set that can be embedded in a standard cube. Using Discrete Morse Theory, we construct a CW-complex that is homotopy equivalent to the space \(\vec {P}(K)_v^w\) of directed paths between two given vertices v, w of K. In many cases, this construction is minimal: the cells of the constructed CW-complex are in 1–1 correspondence with the generators of the homology of \(\vec {P}(K)_v^w\) . PubDate: 2018-05-23 DOI: 10.1007/s00200-018-0360-4

Authors:Joris van der Hoeven Abstract: Abstract In this paper, we will present several algorithms for computing with D-algebraic power series. Such power series are specified by one or more algebraic differential equations and a sufficient number of initial conditions. The emphasis is not on the efficient computation of coefficients of such power series (various techniques are known for that), but rather on the ability to decide whether expressions involving D-algebraic power series are zero. We will both consider univariate and multivariate series and, besides the usual ring operations and differentiation, we will also consider composition, implicitly determined power series and monomial transformations. PubDate: 2018-05-03 DOI: 10.1007/s00200-018-0358-y

Authors:Shanding Xu; Xiwang Cao; Guangkui Xu; Chunming Tang Abstract: Abstract Direct-sequence spread spectrum and frequency-hopping (FH) spread spectrum are two main spread-coding technologies. Frequency-hopping sequences (FHSs) achieving the well-known Lempel–Greenberger bound play an important part in FH code-division multiple-access systems. Our objective is to construct more FHSs with new parameters attaining the above bound. In this paper, two classes of FHSs are proposed by means of two partitions of \({{\mathbb {Z}}_{v}}\) , where v is an odd positive integer. It is shown that all the constructed FHSs are optimal with respect to the Lempel–Greenberger bound. By choosing appropriate injective functions, infinitely many optimal FHSs can be recursively obtained. Above all, these FHSs have new parameters which are not covered in the former literature. PubDate: 2018-04-13 DOI: 10.1007/s00200-018-0356-0

Authors:Yanfeng Qi; Chunming Tang; Dongmei Huang Abstract: Abstract This paper considers two classes of p-ary functions studied by Li et al. (IEEE Trans Inf Theory 59(3):1818–1831, 2013). The first class of p-ary functions is of the form $$\begin{aligned} f(x)=Tr^n_1\left( a x^{l(q-1)}+b x^{\left( l+\frac{q+1}{2}\right) (q-1)}\right) +\epsilon x^{\frac{q^2-1}{2}}. \end{aligned}$$ Another class of p-ary functions is of the form $$\begin{aligned} f(x)={\left\{ \begin{array}{ll} \sum ^{q-1}_{i=0} Tr^n_1(a x^{(ri+s)(q-1)})+\epsilon x^{\frac{q^2-1}{2}},&{} x\ne 0,\\ f(0),&{} x=0. \end{array}\right. } \end{aligned}$$ We generalize Li et al.’s results, give necessary conditions for two classes of bent functions, and present more explicit characterization of these regular bent functions for different cases. PubDate: 2018-04-07 DOI: 10.1007/s00200-018-0357-z

Authors:J. Wolfmann Abstract: Abstract We introduce a construction of binary 3-weight codes and near-bent functions from 2-weight projective codes. PubDate: 2018-04-04 DOI: 10.1007/s00200-018-0354-2

Authors:Fei Li Abstract: Abstract Firstly, we give a formula on the generalized Hamming weights of linear codes constructed generically by defining sets. Secondly, by choosing properly the defining set we obtain a class of cyclotomic linear codes and then present two alternative formulas for calculating their generalized Hamming weights. Lastly, we determine their weight distributions and generalized Hamming weights partially. Especially, we solve the generalized Hamming weights completely in one case. PubDate: 2018-04-02 DOI: 10.1007/s00200-018-0355-1

Authors:Yanping Wang; Zhengbang Zha; Weiguo Zhang Abstract: Abstract Permutation trinomials over finite fields are of great interest for their simple algebraic forms and important applications in many areas of mathematics and engineering. In this paper, six new classes of permutation trinomials over \(\mathbb {F}_{3^{3k}}\) are presented based on the multivariate method. Their permutation properties are proved by using the resultant elimination method. PubDate: 2018-03-20 DOI: 10.1007/s00200-018-0353-3

Authors:Yuan Cao; Yonglin Cao; Fang-Wei Fu Abstract: Abstract Let m, e be positive integers, p a prime number, \(\mathbb {F}_{p^m}\) be a finite field of \(p^m\) elements and \(R=\mathbb {F}_{p^m}[u]/\langle u^e\rangle \) which is a finite chain ring. For any \(\omega \in R^\times \) and positive integers k, n satisfying \(\mathrm{gcd}(p,n)=1\) , we prove that any \((1+\omega u)\) -constacyclic code of length \(p^kn\) over R is monomially equivalent to a matrix-product code of a nested sequence of \(p^k\) cyclic codes with length n over R and a \(p^k\times p^k\) matrix \(A_{p^k}\) over \(\mathbb {F}_p\) . Using the matrix-product structures, we give an iterative construction of every \((1+\omega u)\) -constacyclic code by \((1+\omega u)\) -constacyclic codes of shorter lengths over R. PubDate: 2018-03-06 DOI: 10.1007/s00200-018-0352-4

Authors:Francis N. Castro; Luis A. Medina; Pantelimon Stănică Abstract: Abstract Exponential sums of symmetric Boolean functions are linear recurrent with integer coefficients. This was first established by Cai, Green and Thierauf in the mid nineties. Consequences of this result has been used to study the asymptotic behavior of symmetric Boolean functions. Recently, Cusick extended it to rotation symmetric Boolean functions, which are functions with good cryptographic properties. In this article, we put all these results in the general context of Walsh transforms and some of its generalizations (nega–Hadamard transform, for example). Precisely, we show that Walsh transforms, for which exponential sums are just an instance, of symmetric and rotation symmetric Boolean functions satisfy linear recurrences with integer coefficients. We also provide a closed formula for the Walsh transform and nega–Hadamard transform of any symmetric Boolean functions. Moreover, using the techniques presented in this work, we show that some families of rotation symmetric Boolean functions are not bent when the number of variables is sufficiently large and provide asymptotic evidence to a conjecture of Stănică and Maitra. PubDate: 2018-02-20 DOI: 10.1007/s00200-018-0351-5