Authors:Qiuyan Wang; Kelan Ding; Dongdai Lin; Rui Xue Pages: 315 - 322 Abstract: Abstract Recently, linear codes with few weights have been constructed through defining sets. Results show that some optimal codes can be obtained if the defining sets were well chosen. In this paper, we investigate the linear codes constructed from the absolute trace function. It is shown that the constructed codes are binary linear codes with three weights. The dual codes of the proposed linear codes are also studied and proved to be optimal or almost optimal. PubDate: 2017-05-01 DOI: 10.1007/s12095-015-0180-3 Issue No:Vol. 9, No. 3 (2017)

Authors:Ziling Heng; Qin Yue Pages: 323 - 343 Abstract: Abstract Complete weight distribution can be used to study authentication codes and the Walsh transform of monomial functions over finite fields. Also, the Hamming weight distribution of a code can be obtained from its complete weight distribution. In this paper, we investigate the complete weight distributions of two classes of cyclic codes. We explicitly present the complete weight enumerators of the cyclic codes. Particularly, we partly solve an open problem proposed in Luo and Feng (IEEE Trans. Inf. Theory 54(12), 5345–5353 (2008)). PubDate: 2017-05-01 DOI: 10.1007/s12095-015-0177-y Issue No:Vol. 9, No. 3 (2017)

Authors:Jian Liu; Sihem Mesnager; Lusheng Chen Pages: 345 - 361 Abstract: Abstract For multi-output Boolean functions (also called S-boxes), various measures of nonlinearity have been widely discussed in the literature but many problems are left open in this topic. The purpose of this paper is to present a new approach to estimating the nonlinearity of S-boxes. A more fine-grained view on the notion of nonlinearity of S-boxes is presented and new connections to some linear codes are established. More precisely, we mainly study the nonlinearity indicator (denoted by \(\mathcal {N}_{\mathrm {v}}\) ) for S-boxes from a coding theory point of view. Such a cryptographic parameter \(\mathcal {N}_{\mathrm {v}}\) is more related to best affine approximation attacks on stream ciphers. We establish a direct link between \(\mathcal {N}_{\mathrm {v}}\) and the minimum distance of the corresponding linear code. We exploit that connection to derive the first general lower bounds on \(\mathcal {N}_{\mathrm {v}}\) of non-affine functions from \(\mathbb {F}_{2^{n}}\) to \(\mathbb {F}_{2^{m}}\) for m dividing n. Furthermore, we show that \(\mathcal {N}_{\mathrm {v}}\) can be determined directly by the weight distribution of the corresponding linear code. PubDate: 2017-05-01 DOI: 10.1007/s12095-015-0176-z Issue No:Vol. 9, No. 3 (2017)

Authors:Jie Peng; Chik How Tan Pages: 363 - 378 Abstract: Abstract Permutations over \(\mathbb {F}_{2^{2k}}\) with low differential uniformity, high algebraic degree and high nonlinearity are of great cryptographic importance since they can be chosen as the substitution boxes (S-boxes) for many block ciphers with SPN (Substitution Permutation Network) structure. A well known example is that the S-box of the famous Advanced Encryption Standard (AES) is derived from the inverse function on \(\mathbb {F}_{2^{8}}\) , which has been proved to be a differentially 4-uniform permutation with the optimal algebraic degree and known best nonlinearity. Recently, Zha et al. proposed two constructions of differentially 4-uniform permutations over \(\mathbb {F}_{2^{2k}}\) , say G t and G s, t with T r(s −1) = 1, by applying affine transformations to the inverse function on some subfields of \(\mathbb {F}_{2^{2k}}\) (Zha et al. Finite Fields Appl. 25, 64–78, 2014). In this paper, we generalize their method by applying other types of EA (extended affine) equivalent transformations to the inverse function on some subfields of \(\mathbb {F}_{2^{2k}}\) and present two new constructions of differentially 4-uniform permutations, say F α and F β, α with T r(β −1) = 1. Furthermore, we prove that all the functions G t with different t are CCZ (Carlet-Charpin-Zinoviev) equivalent to our subclass F 0, while all the functions G s, t with different t are CCZ-equivalent to our subclass F s,0. In addition, both our two constructions give many new CCZ-inequivalent classes of such functions, as checked by computer in small numbers of variables. Moreover, all these newly constructed permutations are proved to have the optimal algebraic degree and high nonlinearity. PubDate: 2017-05-01 DOI: 10.1007/s12095-016-0181-x Issue No:Vol. 9, No. 3 (2017)

Authors:M. Esmaeili; M. Moosavi; T. A. Gulliver Pages: 379 - 396 Abstract: Abstract A new class of matrices is introduced for use in error control coding. This extends previous results on the class of Fibonacci error correcting codes. For a given integer p, a (p+1)×(p+1) binary matrix M p is given whose nonzero entries are located either on the superdiagonal or the last row of the matrix. The matrices \({M^{n}_{p}}\) and \(M^{-n}_{p}\) , the nth power of M p and its inverse, are employed as the encoding and decoding matrices, respectively. It is shown that for sufficiently large n, independent of the message matrix M, relations exist among the elements of the encoded matrix \(E=M\times {M_{p}^{n}}\) . These relations play a key role in the error detection and correction. PubDate: 2017-05-01 DOI: 10.1007/s12095-015-0178-x Issue No:Vol. 9, No. 3 (2017)

Authors:Minquan Cheng; Jing Jiang; Xiaohu Tang Pages: 397 - 405 Abstract: Abstract Multimedia fingerprinting is an effective technique to trace the sources of pirate copies of copyrighted multimedia information. Separable codes can be used to construct fingerprints resistant to the averaging collusion attack on multimedia contents. In this paper, we first show an equivalent condition of a \(\overline {2}\) -SC (4,M,q), and then construct two infinite families of \(\overline {2}\) -SCs of length 4, one of which is asymptotically optimal. PubDate: 2017-05-01 DOI: 10.1007/s12095-016-0182-9 Issue No:Vol. 9, No. 3 (2017)

Authors:Miao Liang; Lijun Ji; Jingcai Zhang Pages: 407 - 430 Abstract: Abstract Optimal restricted strong partially balanced t-design can be used to construct splitting authentication codes which achieve combinatorial lower bounds or information-theoretic lower bounds. In this paper, we investigate the existence of optimal restricted strong partially balanced 2-designs ORSPBD (v, k×c,1), and show that there exists an ORSPBD (v,2×c,1) for any positive integer v≡ v 0 (mod 2c 2) and \(v_{0}\in \{1\leq x\leq 2c^{2}:\ \gcd (x,c)=1\ \text {or} \ \gcd (x,c)=c \} \setminus \) \(\{c^{2}+1\leq x\leq (c+1)^{2} :\gcd (x,c)=1\ \text {and}\ \gcd (x,2)=2\}\) . Furthermore, we determine the existence of an ORSPBD (v,k×c,1) for any integer v≥k c with (k,c)=(2,4), (2,5), (3,2) or for any even integer v≥k c with (k,c)=(4,2). As their applications, we obtain six new infinite classes of 2-fold optimal or perfect c-splitting authentication codes. PubDate: 2017-05-01 DOI: 10.1007/s12095-015-0179-9 Issue No:Vol. 9, No. 3 (2017)

Abstract: Abstract The linear complexity is a measure for the unpredictability of a sequence over a finite field and thus for its suitability in cryptography. In 2012, Diem introduced a new figure of merit for cryptographic sequences called expansion complexity. We study the relationship between linear complexity and expansion complexity. In particular, we show that for purely periodic sequences both figures of merit provide essentially the same quality test for a sufficiently long part of the sequence. However, if we study shorter parts of the period or nonperiodic sequences, then we can show, roughly speaking, that the expansion complexity provides a stronger test. We demonstrate this by analyzing a sequence of binomial coefficients modulo p. Finally, we establish a probabilistic result on the behavior of the expansion complexity of random sequences over a finite field. PubDate: 2017-07-01

Abstract: Abstract Let \(n_{1}=df+1\) and \(n_{2}=df^{\prime }+1\) be two distinct odd primes with positive integers \(d,\ f,\ f^{\prime }\) and \(\gcd (f,f^{\prime })=1\) . In this paper, we compute the linear complexity and the minimal polynomial of the two-prime Whiteman’s generalized cyclotomic sequence of order \(d=6\) over \(\text {GF}(q)\) , where \(q=p^{m}\) and p is an odd prime and m is an integer. We employ this sequence of order 6 to construct several classes of cyclic codes over \(\text {GF}(q)\) with length \(n_{1}n_{2}\) . We also obtain lower bounds on the minimum distance of these cyclic codes. PubDate: 2017-07-01

Abstract: Abstract Differential Fault Attack (DFA) considers injection of faults and the most general set-up should take care of faults at random location and random time. Then one should be able to identify the exact location as well as the exact timing of the fault (including the multi bit ones) with the help of fault signatures. In this paper we solve the problem of DFA under a general frame-work, introducing the idea of probabilistic signatures. The method considers the Maximum Likelihood approach related to probability distributions. Our techniques subsume all the existing DFAs against the Grain family, MICKEY 2.0 and Trivium. In the process we provide improved fault attacks for all the versions of Grain family and also for MICKEY 2.0. Our generalized method successfully takes care of the cases where certain parts of the keystream bits are missing (this situation may arise for authentication purpose). In particular, we show that the unsolved problem of identifying the faults in random time for Grain 128a can be solved in this manner. Moreover, for MICKEY 2.0, our method not only provides improvement in fault identification probability but also reduces the required faults by 60 %, compared to the best known result. PubDate: 2017-07-01

Abstract: Abstract We define a family of quaternary sequences over the residue class ring modulo 4 of length pq, a product of two distinct odd primes, using the generalized cyclotomic classes modulo pq and calculate the discrete Fourier transform (DFT) of the sequences. The DFT helps us to determine the exact values of linear complexity and the trace representation of the sequences. PubDate: 2017-07-01

Abstract: Abstract In quasi-synchronous frequency-hopping multiple-access systems where relative delays are restricted within a certain correlation zone, low-hit-zone frequency-hopping sequences (LHZ-FHSs) are commonly employed to minimize multiple-access interferences. In this paper, we present two classes of optimal LHZ-FHS sets with respect to the Peng-Fan-Lee bound, which are obtained from an m-sequence and its decimated sequence, respectively. The parameters of these LHZ-FHS sets are new and flexible. PubDate: 2017-07-01

Abstract: Abstract Linear Feedback Shift Registers (LFSRs) and Feedback with Carry Shift Registers (FCSRs) are two pseudo-random generators which are widely used in many cryptographic applications. The Ring representation of them has been proposed using a matrix approach. In this paper, we show how to construct Ring LFSRs and Ring FCSRs with low diffusion delay (close to the expected value \(\sqrt {n}\) ) when considering other hardware cryptographic criteria. PubDate: 2017-07-01

Abstract: Abstract Let \(\mathcal {R}=\mathbb {F}_{p}+u\mathbb {F}_{p}+u^{2}\mathbb {F}_{p}+u^{3}\mathbb {F}_{p}\) with u 4 = u be a finite non-chain ring, where p is a prime congruent to 1 modulo 3. In this paper we study (1−2u 3)-constacyclic codes over the ring \(\mathcal {R}\) , their equivalence to cyclic codes and find their Gray images. To illustrate this, examples of (1−2u 3)-constacyclic codes of lengths 2 m for p = 7 and of lengths 3 m for p = 19 are given. We also discuss quadratic residue codes over the ring \(\mathcal {R}\) and their extensions. A Gray map from \(\mathcal {R}\) to \(\mathbb {F}_{p}^{4}\) is defined which preserves self duality and gives self-dual and formally self-dual codes over \(\mathbb {F}_{p}\) from extended quadratic residue codes. PubDate: 2017-07-01

Authors:Gaojun Luo; Xiwang Cao; Shanding Xu; Jiafu Mi Abstract: Abstract Linear codes with few weights have applications in secret sharing, authentication codes, association schemes, date storage systems, strongly regular graphs and some other fields. In this paper, we present several classes of binary linear codes with two or three weights and study their weight distributions. Two classes of strongly regular graphs are constructed from binary linear codes with two weights. Numerical results show that some of the obtained codes are either optimal or near optimal with respect to certain bounds on linear codes. PubDate: 2017-03-17 DOI: 10.1007/s12095-017-0220-2

Authors:Pan Tan; Zhengchun Zhou; Deng Tang; Tor Helleseth Abstract: Abstract Linear codes with few weights have applications in data storage systems, secret sharing schemes, and authentication codes. In this paper, a class of p-ary two-weight linear codes is constructed using a generic construction developed by Ding et al. recently, where p is a prime. Their length and weight distribution are closed-form expressions of Kloosterman sums over prime finite fields, and are completely determined when p = 2 and p = 3. The dual of this class of linear codes is also studied and is shown to be optimal or almost optimal in the binary case. PubDate: 2017-03-15 DOI: 10.1007/s12095-017-0221-1

Authors:Lin Sok; MinJia Shi; Patrick Solé Abstract: Abstract Quaternary self-dual bent functions are studied from the viewpoints of existence, construction, and symmetry. A search algorithm is described to classify their orbits under the orthogonal group in low dimensions. A connection with self-dual bent Boolean functions shows that they do not exist in odd number of variables. PubDate: 2017-03-14 DOI: 10.1007/s12095-017-0216-y

Authors:Zuling Chang; Martianus Frederic Ezerman; San Ling; Huaxiong Wang Abstract: Abstract We study a class of Linear Feedback Shift Registers (LFSRs) with characteristic polynomial f(x) = p(x)q(x) where p(x) and q(x) are distinct irreducible polynomials in ð”½2[x]. Important properties of the LFSRs, such as the cycle structure and the adjacency graph, are derived. A method to determine a state belonging to each cycle and a generic algorithm to find all conjugate pairs shared by any pair of cycles are given. The process explicitly determines the edges and their labels in the adjacency graph. The results are then combined with the cycle joining method to efficiently construct a new class of de Bruijn sequences. An estimate of the number of resulting sequences is given. In some cases, using cyclotomic numbers, we can determine the number exactly. PubDate: 2017-03-08 DOI: 10.1007/s12095-017-0219-8

Authors:Michael Scott Abstract: Abstract There are a variety of ways of applying the Karatsuba idea to multi-digit multiplication. These apply particularly well in the context where digits do not use the full word-length of the computer, so that partial products can be safely accumulated without fear of overflow. Here we re-visit the “arbitrary degree” version of Karatsuba and show that the cost of this little-known variant has been over-estimated in the past. We also attempt to definitively answer the question as to the cross-over point where Karatsuba performs better than the classic method. PubDate: 2017-03-07 DOI: 10.1007/s12095-017-0217-x

Authors:Brett Hemenway; Rafail Ostrovsky Abstract: Abstract Threshold secret sharing allows a dealer to share a secret among n players so that any coalition of t players learns nothing about the secret, but any t+1 players can reconstruct the secret in its entirety. Robust secret sharing (RSS) provides the additional guarantee that even if t malicious players mangle their shares, they cannot cause the honest players to reconstruct an incorrect secret. In this work, we construct a simple RSS protocol for \(t = \left ({ \frac {1}{2} - \epsilon }\right )n\) that achieves logarithmic overhead in terms of share size and simultaneously allows efficient reconstruction. Our shares size increases by an additive term of \(\mathcal {O}(\kappa + \log n)\) , and reconstruction succeeds except with probability at most 2−κ . Previous efficient RSS protocols like that of Rabin and Ben-Or (STOC ’89) and Cevallos et al. (Eurocrypt ’12) use MACs to allow each player to check the shares of each other player in the protocol. These checks provide robustness, but require significant overhead in share size. Our construction identifies the n players as nodes in an expander graph, each player only checks its neighbors in the expander graph. PubDate: 2017-03-07 DOI: 10.1007/s12095-017-0215-z