Non-linear MRD codes from cones over exterior sets
Pub Date: 2024-09-18, DOI: 10.1007/s10623-024-01492-w
Nicola Durante, Giovanni Giuseppe Grimaldi, Giovanni Longobardi
By using the notion of a $d$-embedding $\Gamma$ of a (canonical) subgeometry $\Sigma$ and of exterior sets with respect to the $h$-secant variety $\Omega_{h}(\mathcal{A})$ of a subset $\mathcal{A}$, $0 \le h \le n-1$, in the finite projective space $\mathrm{PG}(n-1,q^n)$, $n \ge 3$, in this article we construct a class of non-linear $(n, n, q; d)$-MRD codes for any $2 \le d \le n-1$. A code of this class $\mathcal{C}_{\sigma,T}$, where $1 \in T \subseteq \mathbb{F}_q^*$ and $\sigma$ is a generator of $\mathrm{Gal}(\mathbb{F}_{q^n}|\mathbb{F}_q)$, arises from a cone of $\mathrm{PG}(n-1,q^n)$ with vertex an $(n-d-2)$-dimensional subspace over a maximum exterior set $\mathcal{E}$ with respect to $\Omega_{d-2}(\Gamma)$. We prove that the codes introduced in Cossidente et al. (Des Codes Cryptogr 79:597–609, 2016), Donati and Durante (Des Codes Cryptogr 86:1175–1184, 2018), and Durante and Siciliano (Electron J Comb, 2017) are suitable punctured codes of $\mathcal{C}_{\sigma,T}$, and we completely settle the inequivalence question for this class by showing that $\mathcal{C}_{\sigma,T}$ is neither equivalent nor adjointly equivalent to the non-linear MRD codes $\mathcal{C}_{n,k,\sigma,I}$, $I \subseteq \mathbb{F}_q$, obtained in Otal and Özbudak (Finite Fields Appl 50:293–303, 2018).
Arithmetization-oriented APN permutations
Pub Date: 2024-09-18, DOI: 10.1007/s10623-024-01487-7
Lilya Budaghyan, Mohit Pal
Recently, many cryptographic primitives such as homomorphic encryption (HE), multi-party computation (MPC) and zero-knowledge (ZK) protocols have been proposed in the literature which operate on the prime field $\mathbb{F}_p$ for some large prime $p$. Primitives that are designed using such operations are called arithmetization-oriented primitives. As the concept of arithmetization-oriented primitives is new, a rigorous cryptanalysis of such primitives is yet to be done. In this paper, we investigate arithmetization-oriented APN functions. More precisely, we investigate APN permutations in the CCZ-classes of known families of APN power functions over the prime field $\mathbb{F}_p$. Moreover, we present a class of binomial permutations having differential uniformity at most 5, defined via the quadratic character over finite fields of odd characteristic. Computationally it is confirmed that the latter family contains new APN permutations for some small parameters. We conjecture it to contain an infinite subfamily of APN permutations.
A common generalization of hypercube partitions and ovoids in polar spaces
Pub Date: 2024-09-17, DOI: 10.1007/s10623-024-01489-5
Jozefien D’haeseleer, Ferdinand Ihringer, Kai-Uwe Schmidt
We investigate what we call generalized ovoids, that is, families of totally isotropic subspaces of finite classical polar spaces such that each maximal totally isotropic subspace contains precisely one member of that family. This is a generalization of ovoids in polar spaces as well as the natural $q$-analog of a subcube partition of the hypercube (which can be seen as a polar space with $q=1$). Our main result proves that a generalized ovoid of $k$-spaces in polar spaces of large rank does not exist.
Capacity of an infinite family of networks related to the diamond network for fixed alphabet sizes
Pub Date: 2024-09-17, DOI: 10.1007/s10623-024-01485-9
Sascha Kurz
We consider the problem of error correction in a network where the errors can occur only on a proper subset of the network edges. For a generalization of the so-called Diamond Network we consider lower and upper bounds for the network’s (1-shot) capacity for fixed alphabet sizes.
Designs in finite classical polar spaces
Pub Date: 2024-09-17, DOI: 10.1007/s10623-024-01491-x
Michael Kiermaier, Kai-Uwe Schmidt, Alfred Wassermann
Combinatorial designs have been studied for nearly 200 years. Fifty years ago, Cameron, Delsarte, and Ray-Chaudhury started investigating their $q$-analogs, also known as subspace designs or designs over finite fields. Designs can be defined analogously in finite classical polar spaces, too. The definition includes the $m$-regular systems from projective geometry as the special case where the blocks are generators of the polar space. The first nontrivial such designs for $t > 1$ were found by De Bruyn and Vanhove in 2012, and some more designs appeared recently in the PhD thesis of Lansdown. In this article, we investigate the theory of classical and subspace designs for applicability to designs in polar spaces, explicitly allowing arbitrary block dimensions. In this way, we obtain divisibility conditions on the parameters, derived and residual designs, intersection numbers and an analog of Fisher’s inequality. We classify the parameters of symmetric designs. Furthermore, we conduct a computer search to construct designs of strength $t=2$, resulting in designs for more than 140 previously unknown parameter sets in various classical polar spaces over $\mathbb{F}_2$ and $\mathbb{F}_3$.
On the uniqueness of balanced complex orthogonal design
Pub Date: 2024-09-03, DOI: 10.1007/s10623-024-01483-x
Yiwen Gao, Yuan Li, Haibin Kan
Complex orthogonal designs (CODs) have been used to construct space-time block codes. Their real analog, real orthogonal designs, or equivalently sum-of-squares composition formulas, have a long history in mathematics. Driven by some practical considerations, Adams et al. (IEEE Trans Info Theory, 57(4):2254–2262, 2011) introduced the definition of balanced complex orthogonal designs (BCODs). The code rate of BCODs is 1/2, and their minimum decoding delay is proven to be $2^m$, where $2m$ is the number of columns. We prove that, when the number of columns is fixed, all (indecomposable) balanced complex orthogonal designs (BCODs) have the same parameters $[2^m, 2m, 2^{m-1}]$ and, moreover, they are all equivalent.
Minimal abundant packings and choosability with separation
Pub Date: 2024-09-03, DOI: 10.1007/s10623-024-01484-w
Zoltán Füredi, Alexandr Kostochka, Mohit Kumbhat
A $(v, k, t)$ packing of size $b$ is a system of $b$ subsets (blocks) of a $v$-element underlying set such that each block has $k$ elements and every $t$-set is contained in at most one block. $P(v, k, t)$ stands for the maximum possible $b$. A packing is called abundant if $b > v$. We give new estimates for $P(v, k, t)$ around the critical range, slightly improving the Johnson bound, and asymptotically determine the minimum $v = v_0(k,t)$ for which abundant packings exist. For a graph $G$ and a positive integer $c$, let $\chi_\ell(G,c)$ be the minimum value of $k$ such that one can properly color the vertices of $G$ from any assignment of lists $L(v)$ with $|L(v)| = k$ for all $v \in V(G)$ and $|L(u) \cap L(v)| \le c$ for all $uv \in E(G)$. Kratochvíl, Tuza and Voigt in 1998 asked to determine $\lim_{n \to \infty} \chi_\ell(K_n,c)/\sqrt{cn}$ (if it exists). Using our bound on $v_0(k,t)$, we prove that the limit exists and equals 1. Given $c$, we find the exact value of $\chi_\ell(K_n,c)$ for infinitely many $n$.
Bandersnatch: a fast elliptic curve built over the BLS12-381 scalar field
Pub Date: 2024-09-01, DOI: 10.1007/s10623-024-01472-0
Simon Masson, Antonio Sanso, Zhenfei Zhang
In this paper, we introduce Bandersnatch, a new elliptic curve built over the BLS12-381 scalar field. The curve is equipped with an efficient endomorphism, allowing a fast scalar multiplication algorithm. Our benchmarks show that scalar multiplication is 42% faster, with a 21% reduction in circuit size in the form of rank-1 constraint systems (R1CS) and a 10% reduction in Plonk circuit size, compared to another curve, called Jubjub, that has similar properties. Many zero-knowledge proof systems that rely on the Jubjub curve can benefit from our result.
Moments of autocorrelation demerit factors of binary sequences
Pub Date: 2024-09-01, DOI: 10.1007/s10623-024-01482-y
Daniel J. Katz, Miriam E. Ramirez
Sequences with low aperiodic autocorrelation are used in communications and remote sensing for synchronization and ranging. The autocorrelation demerit factor of a sequence is the sum of the squared magnitudes of its autocorrelation values at every nonzero shift when we normalize the sequence to have unit Euclidean length. The merit factor, introduced by Golay, is the reciprocal of the demerit factor. We consider the uniform probability measure on the $2^\ell$ binary sequences of length $\ell$ and investigate the distribution of the demerit factors of these sequences. Sarwate and Jedwab have respectively calculated the mean and variance of this distribution. We develop new combinatorial techniques to calculate the $p$th central moment of the demerit factor for binary sequences of length $\ell$. These techniques prove that for $p \ge 2$ and $\ell \ge 4$, all the central moments are strictly positive. For any given $p$, one may use the technique to obtain an exact formula for the $p$th central moment of the demerit factor as a function of the length $\ell$. Jedwab’s formula for the variance is confirmed by our technique with a short calculation, and we go beyond previous results by also deriving an exact formula for the skewness. A computer-assisted application of our method also obtains exact formulas for the kurtosis, which we report here, as well as the fifth central moment.
Storage codes and recoverable systems on lines and grids
Pub Date: 2024-09-01, DOI: 10.1007/s10623-024-01481-z
Alexander Barg, Ohad Elishco, Ryan Gabrys, Geyang Wang, Eitan Yaakobi
A storage code is an assignment of symbols to the vertices of a connected graph $G(V, E)$ with the property that the value of each vertex is a function of the values of its neighbors, or more generally, of a certain neighborhood of the vertex in $G$. In this work we introduce a new construction method for storage codes, enabling one to construct new codes from known ones via an interleaving procedure driven by resolvable designs. We also study storage codes on $\mathbb{Z}$ and $\mathbb{Z}^2$ (lines and grids), finding closed-form expressions for the capacity of several one- and two-dimensional systems depending on their recovery set, using connections between storage codes, graphs, anticodes, and difference-avoiding sets.