Pub Date : 2024-09-01DOI: 10.1007/s10623-024-01481-z
Alexander Barg, Ohad Elishco, Ryan Gabrys, Geyang Wang, Eitan Yaakobi
A storage code is an assignment of symbols to the vertices of a connected graph G(V, E) with the property that the value of each vertex is a function of the values of its neighbors, or more generally, of a certain neighborhood of the vertex in G. In this work we introduce a new construction method of storage codes, enabling one to construct new codes from known ones via an interleaving procedure driven by resolvable designs. We also study storage codes on ({mathbb Z}) and ({mathbb Z}^2) (lines and grids), finding closed-form expressions for the capacity of several one and two-dimensional systems depending on their recovery set, using connections between storage codes, graphs, anticodes, and difference-avoiding sets.
存储代码是对连通图 G(V,E)顶点的符号赋值,其特性是每个顶点的值都是其邻域值的函数,或者更广泛地说,是顶点在 G 中的某个邻域值的函数。在这项工作中,我们引入了一种新的存储代码构造方法,通过可解析设计驱动的交织程序,人们可以从已知代码中构造出新的代码。我们还研究了({mathbb Z})和({mathbb Z}^2)(线和网格)上的存储编码,利用存储编码、图、反编码和避差集之间的联系,找到了几种一维和二维系统容量的闭式表达式,这取决于它们的恢复集。
{"title":"Storage codes and recoverable systems on lines and grids","authors":"Alexander Barg, Ohad Elishco, Ryan Gabrys, Geyang Wang, Eitan Yaakobi","doi":"10.1007/s10623-024-01481-z","DOIUrl":"https://doi.org/10.1007/s10623-024-01481-z","url":null,"abstract":"<p>A storage code is an assignment of symbols to the vertices of a connected graph <i>G</i>(<i>V</i>, <i>E</i>) with the property that the value of each vertex is a function of the values of its neighbors, or more generally, of a certain neighborhood of the vertex in <i>G</i>. In this work we introduce a new construction method of storage codes, enabling one to construct new codes from known ones via an interleaving procedure driven by resolvable designs. We also study storage codes on <span>({mathbb Z})</span> and <span>({mathbb Z}^2)</span> (lines and grids), finding closed-form expressions for the capacity of several one and two-dimensional systems depending on their recovery set, using connections between storage codes, graphs, anticodes, and difference-avoiding sets.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142100950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-31DOI: 10.1007/s10623-024-01475-x
Radi Abubaker, Guang Gong
In this paper, we investigate how to construct the required sequences to be used as pilot signals for packet detection in physical-layer security. Our construction starts from the frequency domain, where a set of orthogonal frequencies cover an entire given bandwidth. The construction is a generalized construction from Milewski’s construction, where it takes the inverse discrete Fourier transform of the given frequency domain sequences. In this paper, we call a set of the q sequences of length (ell q) with an equal distanced, nonzero frequency response in the frequency domain a frequency distance sequence set (FDSS) and a sequence interleaved from this set an FDSS interleaved sequence. By applying frequency and time domain relations, we show that such a set is mutually orthogonal, and is a complementary sequence set if and only if the seed sequence is perfect (i.e., zero autocorrelation at all out-of-phase shift). The FDSS interleaved sequence is perfect if and only if the seed sequence is perfect. We apply the proposed sequences to real world experiments as pilot sequences for coarse synchronization. In our experiments, we selected Frank–Zadoff–Chu sequences and Golay pair sequences in our construction for use with an ADALM-Pluto SDR from Analog Devices and simulations, and we show the pilot detection rate under different noisy channel conditions, when compared to alternative pilot selections. The false negative detection rate of our pilot decreases to zero when the SNR is 20 dB. In contrast, a general OFDM QPSK pilot has a false-negative detection rate near 70% at the same SNR. In general, our pilot sequence consistently has a lower false-negative rate to the OFDM QPSK pilot, which failed to detect most packets in the ADALM-Pluto SDR environment.
{"title":"Frequency distance sequences for packet detection in physical-layer security","authors":"Radi Abubaker, Guang Gong","doi":"10.1007/s10623-024-01475-x","DOIUrl":"https://doi.org/10.1007/s10623-024-01475-x","url":null,"abstract":"<p>In this paper, we investigate how to construct the required sequences to be used as pilot signals for packet detection in physical-layer security. Our construction starts from the frequency domain, where a set of orthogonal frequencies cover an entire given bandwidth. The construction is a generalized construction from Milewski’s construction, where it takes the inverse discrete Fourier transform of the given frequency domain sequences. In this paper, we call a set of the <i>q</i> sequences of length <span>(ell q)</span> with an equal distanced, nonzero frequency response in the frequency domain a <i>frequency distance sequence set</i> (<i>FDSS</i>) and a sequence interleaved from this set an <i>FDSS interleaved sequence</i>. By applying frequency and time domain relations, we show that such a set is mutually orthogonal, and is a complementary sequence set if and only if the seed sequence is perfect (i.e., zero autocorrelation at all out-of-phase shift). The FDSS interleaved sequence is perfect if and only if the seed sequence is perfect. We apply the proposed sequences to real world experiments as pilot sequences for coarse synchronization. In our experiments, we selected Frank–Zadoff–Chu sequences and Golay pair sequences in our construction for use with an ADALM-Pluto SDR from Analog Devices and simulations, and we show the pilot detection rate under different noisy channel conditions, when compared to alternative pilot selections. The false negative detection rate of our pilot decreases to zero when the SNR is 20 dB. In contrast, a general OFDM QPSK pilot has a false-negative detection rate near 70% at the same SNR. In general, our pilot sequence consistently has a lower false-negative rate to the OFDM QPSK pilot, which failed to detect most packets in the ADALM-Pluto SDR environment.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142100953","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-31DOI: 10.1007/s10623-024-01467-x
Feixiang Zhao, Jian Weng, Wenli Xie, Lin Hou, Ming Li
Proxy re-encryption (PRE) is a cryptosystem that realizes efficient encrypted data sharing by allowing a third party proxy to transform a ciphertext intended for a delegator (i.e., Alice) to a ciphertext intended for a delegatee (i.e., Bob). Attribute-based proxy re-encrypftion (AB-PRE) generalizes PRE to the attribute-based scenarios, enabling fine-grained access control on ciphertexts. However, the existing AB-PRE schemes do not adequately address the following problems: (1) the risk of decryption key leakage, and (2) the need of time-based delegation. To resolve these problems, we introduce a primitive called time-based attribute-based proxy re-encryption (TB-AB-PRE) with decryption key update. TB-AB-PRE associates keys with the current time information and supports efficient periodical decryption key update for each time transition. This property guarantees that a compromise of a decryption key for some time does not breach the security of ciphertexts from the others. Leveraging this time-based property, the proposed TB-AB-PRE elegantly achieves time-based delegation which enables Alice to decide which ciphertexts can be transformed and their decryptable timeframe after being transformed. The proposed construction is proven to be secure against honest re-encryption attacks with decryption key exposure resistance, under the learning with errors assumption.
代理重加密(PRE)是一种加密系统,通过允许第三方代理将针对委托人(即 Alice)的密文转换为针对被委托人(即 Bob)的密文,从而实现高效的加密数据共享。基于属性的代理重加密(AB-PRE)将 PRE 推广到基于属性的方案中,实现了对密文的细粒度访问控制。然而,现有的 AB-PRE 方案没有充分解决以下问题:(1)解密密钥泄漏的风险;(2)基于时间的授权需求。为了解决这些问题,我们引入了一种带有解密密钥更新的基于时间属性的代理重加密(TB-AB-PRE)。TB-AB-PRE 将密钥与当前的时间信息关联起来,并支持每次时间转换的高效周期性解密密钥更新。这一特性保证了某个时间段的解密密钥泄露不会破坏其他时间段密文的安全性。利用这一基于时间的特性,所提出的 TB-AB-PRE 优雅地实现了基于时间的授权,使 Alice 能够决定哪些密文可以转换以及转换后的可解密时限。事实证明,在错误学习假设下,所提出的结构可以安全地抵御诚实的重加密攻击,并具有抗解密密钥暴露的能力。
{"title":"Time-based attribute-based proxy re-encryption with decryption key update","authors":"Feixiang Zhao, Jian Weng, Wenli Xie, Lin Hou, Ming Li","doi":"10.1007/s10623-024-01467-x","DOIUrl":"https://doi.org/10.1007/s10623-024-01467-x","url":null,"abstract":"<p>Proxy re-encryption (PRE) is a cryptosystem that realizes efficient encrypted data sharing by allowing a third party proxy to transform a ciphertext intended for a delegator (i.e., Alice) to a ciphertext intended for a delegatee (i.e., Bob). Attribute-based proxy re-encrypftion (AB-PRE) generalizes PRE to the attribute-based scenarios, enabling fine-grained access control on ciphertexts. However, the existing AB-PRE schemes do not adequately address the following problems: (1) the risk of decryption key leakage, and (2) the need of time-based delegation. To resolve these problems, we introduce a primitive called time-based attribute-based proxy re-encryption (TB-AB-PRE) with decryption key update. TB-AB-PRE associates keys with the current time information and supports efficient periodical decryption key update for each time transition. This property guarantees that a compromise of a decryption key for some time does not breach the security of ciphertexts from the others. Leveraging this time-based property, the proposed TB-AB-PRE elegantly achieves time-based delegation which enables Alice to decide which ciphertexts can be transformed and their decryptable timeframe after being transformed. The proposed construction is proven to be secure against honest re-encryption attacks with decryption key exposure resistance, under the learning with errors assumption.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142100949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-27DOI: 10.1007/s10623-024-01479-7
Melek Çil, Barış Bülent Kırlar
For an odd prime power q, let (mathbb {F}_{q^2}=mathbb {F}_q(alpha )), (alpha ^2=tin mathbb {F}_q) be the quadratic extension of the finite field (mathbb {F}_q). In this paper, we consider the irreducible polynomials (F(x)=x^k-c_1x^{k-1}+c_2x^{k-2}-cdots -c_{2}^qx^2+c_{1}^qx-1) over (mathbb {F}_{q^2}), where k is an odd integer and the coefficients (c_i) are in the form (c_i=a_i+b_ialpha ) with at least one (b_ine 0). For a given such irreducible polynomial F(x) over (mathbb {F}_{q^2}), we provide an algorithm to construct an irreducible polynomial (G(x)=x^k-A_1x^{k-1}+A_2x^{k-2}-cdots -A_{k-2}x^2+A_{k-1}x-A_k) over (mathbb {F}_q), where the (A_i)’s are explicitly given in terms of the (c_i)’s. This gives a bijective correspondence between irreducible polynomials over (mathbb {F}_{q^2}) and (mathbb {F}_q). This fact generalizes many recent results on this subject in the literature.
{"title":"On the construction of certain odd degree irreducible polynomials over finite fields","authors":"Melek Çil, Barış Bülent Kırlar","doi":"10.1007/s10623-024-01479-7","DOIUrl":"https://doi.org/10.1007/s10623-024-01479-7","url":null,"abstract":"<p>For an odd prime power <i>q</i>, let <span>(mathbb {F}_{q^2}=mathbb {F}_q(alpha ))</span>, <span>(alpha ^2=tin mathbb {F}_q)</span> be the quadratic extension of the finite field <span>(mathbb {F}_q)</span>. In this paper, we consider the irreducible polynomials <span>(F(x)=x^k-c_1x^{k-1}+c_2x^{k-2}-cdots -c_{2}^qx^2+c_{1}^qx-1)</span> over <span>(mathbb {F}_{q^2})</span>, where <i>k</i> is an odd integer and the coefficients <span>(c_i)</span> are in the form <span>(c_i=a_i+b_ialpha )</span> with at least one <span>(b_ine 0)</span>. For a given such irreducible polynomial <i>F</i>(<i>x</i>) over <span>(mathbb {F}_{q^2})</span>, we provide an algorithm to construct an irreducible polynomial <span>(G(x)=x^k-A_1x^{k-1}+A_2x^{k-2}-cdots -A_{k-2}x^2+A_{k-1}x-A_k)</span> over <span>(mathbb {F}_q)</span>, where the <span>(A_i)</span>’s are explicitly given in terms of the <span>(c_i)</span>’s. This gives a bijective correspondence between irreducible polynomials over <span>(mathbb {F}_{q^2})</span> and <span>(mathbb {F}_q)</span>. This fact generalizes many recent results on this subject in the literature.\u0000</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142084946","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-21DOI: 10.1007/s10623-024-01476-w
Robert Christian Subroto
Circulant Column Parity Mixers (CCPMs) are a particular type of linear maps, used as the mixing layer in permutation-based cryptographic primitives like Keccak-f (SHA3) and Xoodoo. Although being successfully applied, not much is known regarding their algebraic properties. They are limited to invertibility of CCPMs, and that the set of invertible CCPMs forms a group. A possible explanation is due to the complexity of describing CCPMs in terms of linear algebra. In this paper, we introduce a new approach to studying CCPMs using module theory from commutative algebra. We show that many interesting algebraic properties can be deduced using this approach, and that known results regarding CCPMs resurface as trivial consequences of module theoretic concepts. We also show how this approach can be used to study the linear layer of Xoodoo, and other linear maps with a similar structure which we call DCD-compositions. Using this approach, we prove that every DCD-composition where the underlying vector space with the same dimension as that of Xoodoo has a low order. This provides a solid mathematical explanation for the low order of the linear layer of Xoodoo, which equals 32. We design a DCD-composition using this module-theoretic approach, but with a higher order using a different dimension.
{"title":"An algebraic approach to circulant column parity mixers","authors":"Robert Christian Subroto","doi":"10.1007/s10623-024-01476-w","DOIUrl":"https://doi.org/10.1007/s10623-024-01476-w","url":null,"abstract":"<p>Circulant Column Parity Mixers (CCPMs) are a particular type of linear maps, used as the mixing layer in permutation-based cryptographic primitives like <span>Keccak</span>-<i>f</i> (SHA3) and <span>Xoodoo</span>. Although being successfully applied, not much is known regarding their algebraic properties. They are limited to invertibility of CCPMs, and that the set of invertible CCPMs forms a group. A possible explanation is due to the complexity of describing CCPMs in terms of linear algebra. In this paper, we introduce a new approach to studying CCPMs using module theory from commutative algebra. We show that many interesting algebraic properties can be deduced using this approach, and that known results regarding CCPMs resurface as trivial consequences of module theoretic concepts. We also show how this approach can be used to study the linear layer of <span>Xoodoo</span>, and other linear maps with a similar structure which we call DCD-compositions. Using this approach, we prove that every DCD-composition where the underlying vector space with the same dimension as that of <span>Xoodoo</span> has a low order. This provides a solid mathematical explanation for the low order of the linear layer of <span>Xoodoo</span>, which equals 32. We design a DCD-composition using this module-theoretic approach, but with a higher order using a different dimension.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142022186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-16DOI: 10.1007/s10623-024-01478-8
Deepak Agrawal, Srinivasan Krishnaswamy, Smarajit Das
The Gray map converts a symbol in (mathbb {Z}_4) to a pair of binary symbols. Therefore, under the Gray map, a linear function from (mathbb {Z}_4^n) to (mathbb {Z}_4) gives rise to a pair of boolean functions from (mathbb {F}_2^{2n}) to (mathbb {F}_2). This paper studies such boolean functions. We state and prove a condition for the nonlinearity of such functions and derive closed-form expressions for them. Further, results related to the mutual information between random variables that satisfy such expressions have been derived. These results are then used to construct a couple of nonlinear boolean secret sharing schemes. These schemes are then analyzed for their closeness to ‘perfectness’ and their ability to resist ‘Tompa–Woll’-like attacks.
{"title":"On Boolean functions derived from linear maps over $$mathbb {Z}_4$$ and their application to secret sharing","authors":"Deepak Agrawal, Srinivasan Krishnaswamy, Smarajit Das","doi":"10.1007/s10623-024-01478-8","DOIUrl":"https://doi.org/10.1007/s10623-024-01478-8","url":null,"abstract":"<p>The Gray map converts a symbol in <span>(mathbb {Z}_4)</span> to a pair of binary symbols. Therefore, under the Gray map, a linear function from <span>(mathbb {Z}_4^n)</span> to <span>(mathbb {Z}_4)</span> gives rise to a pair of boolean functions from <span>(mathbb {F}_2^{2n})</span> to <span>(mathbb {F}_2)</span>. This paper studies such boolean functions. We state and prove a condition for the nonlinearity of such functions and derive closed-form expressions for them. Further, results related to the mutual information between random variables that satisfy such expressions have been derived. These results are then used to construct a couple of nonlinear boolean secret sharing schemes. These schemes are then analyzed for their closeness to ‘perfectness’ and their ability to resist ‘Tompa–Woll’-like attacks.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141992009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-16DOI: 10.1007/s10623-024-01480-0
Noy Soffer Aranov, Angelot Behajaina
Let ({mathcal {K}}) be a discrete valued field with finite residue field. In analogy with orthogonality in the Euclidean space ({mathbb {R}}^n), there is a well-studied notion of “ultrametric orthogonality” in ({mathcal {K}}^n). In this paper, motivated by a question of Erdős in the real case, given integers (k ge ell ge 2), we investigate the maximum size of a subset (S subseteq {mathcal {K}}^n {setminus }{textbf{0}}) satisfying the following property: for any (E subseteq S) of size k, there exists (F subseteq E) of size (ell ) such that any two distinct vectors in F are orthogonal. Other variants of this property are also studied.
{"title":"On the maximum size of ultrametric orthogonal sets over discrete valued fields","authors":"Noy Soffer Aranov, Angelot Behajaina","doi":"10.1007/s10623-024-01480-0","DOIUrl":"https://doi.org/10.1007/s10623-024-01480-0","url":null,"abstract":"<p>Let <span>({mathcal {K}})</span> be a discrete valued field with finite residue field. In analogy with orthogonality in the Euclidean space <span>({mathbb {R}}^n)</span>, there is a well-studied notion of “ultrametric orthogonality” in <span>({mathcal {K}}^n)</span>. In this paper, motivated by a question of Erdős in the real case, given integers <span>(k ge ell ge 2)</span>, we investigate the maximum size of a subset <span>(S subseteq {mathcal {K}}^n {setminus }{textbf{0}})</span> satisfying the following property: for any <span>(E subseteq S)</span> of size <i>k</i>, there exists <span>(F subseteq E)</span> of size <span>(ell )</span> such that any two distinct vectors in <i>F</i> are orthogonal. Other variants of this property are also studied.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141992048","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-14DOI: 10.1007/s10623-024-01464-0
Ferruh Özbudak, Buket Özkaya
We consider the minimum weight of codewords in a quasi-cyclic code and characterize the estimate in its most general setup using their concatenated structure. The new bound we derive generalizes the Jensen and Güneri–Özbudak bounds and it holds for the more general class of multilevel concatenated codes.
{"title":"New distance bounds for quasi-cyclic codes","authors":"Ferruh Özbudak, Buket Özkaya","doi":"10.1007/s10623-024-01464-0","DOIUrl":"https://doi.org/10.1007/s10623-024-01464-0","url":null,"abstract":"<p>We consider the minimum weight of codewords in a quasi-cyclic code and characterize the estimate in its most general setup using their concatenated structure. The new bound we derive generalizes the Jensen and Güneri–Özbudak bounds and it holds for the more general class of multilevel concatenated codes.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141980986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-12DOI: 10.1007/s10623-024-01470-2
Yuan Gao, Weijun Fang, Jingke Xu, Dong Wang, Sihuang Hu
Locally repairable codes (LRCs) have attracted a lot of attention due to their applications in distributed storage systems. In this paper, we provide new constructions of optimal ((2, delta ))-LRCs over (mathbb {F}_q) with flexible parameters. Firstly, employing techniques from finite geometry, we introduce a simple yet useful condition to ensure that a punctured simplex code becomes a ((2, delta ))-LRC. It is worth noting that this condition only imposes a requirement on the size of the puncturing set. Secondly, utilizing character sums over finite fields and Krawtchouk polynomials, we determine the parameters of more punctured simplex codes with puncturing sets of new structures. Several infinite families of LRCs with new parameters are derived. All of our new LRCs are optimal with respect to the generalized Cadambe–Mazumdar bound and some of them are also Griesmer codes or distance-optimal codes.
{"title":"Optimal $$(2,delta )$$ locally repairable codes via punctured simplex codes","authors":"Yuan Gao, Weijun Fang, Jingke Xu, Dong Wang, Sihuang Hu","doi":"10.1007/s10623-024-01470-2","DOIUrl":"https://doi.org/10.1007/s10623-024-01470-2","url":null,"abstract":"<p>Locally repairable codes (LRCs) have attracted a lot of attention due to their applications in distributed storage systems. In this paper, we provide new constructions of optimal <span>((2, delta ))</span>-LRCs over <span>(mathbb {F}_q)</span> with flexible parameters. Firstly, employing techniques from finite geometry, we introduce a simple yet useful condition to ensure that a punctured simplex code becomes a <span>((2, delta ))</span>-LRC. It is worth noting that this condition only imposes a requirement on the size of the puncturing set. Secondly, utilizing character sums over finite fields and Krawtchouk polynomials, we determine the parameters of more punctured simplex codes with puncturing sets of new structures. Several infinite families of LRCs with new parameters are derived. All of our new LRCs are optimal with respect to the generalized Cadambe–Mazumdar bound and some of them are also Griesmer codes or distance-optimal codes.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141918770","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-08-12DOI: 10.1007/s10623-024-01468-w
Jinrui Sha, Shengli Liu, Shuai Han
A functional commitment (FC) scheme enables committing to a vector ({textbf{x}}) and later producing an opening proof (pi ) for a function value (y=f({textbf{x}})) with function f in some function set ({mathcal {F}}). Everyone can verify the validity of the opening proof (pi ) w.r.t. the function f and the function value y. Up to now, the largest function set is the bounded-depth circuits and achieved by FC schemes in [Peikeit et al. TCC 2021, De Castro et al. TCC 2023, Wee et al. Eurocrypt 2023, Wee et al. Asiacrypt 2023] with the help of the homomorphic encoding and evaluation techniques from lattices. In fact, these FC schemes can hardly support circuits of large depth, due to the fast accumulation of noises in the homomorphic evaluations. For example, if the depth of the circuit is linear to the security parameter (lambda ), then the underlying (textsf {GapSVP}_{gamma }) problem will be accompanied with a super-exponentially large parameter (gamma >(lambda log lambda )^{Theta (lambda )}) and can be easily solved by the LLL algorithm. In this work, we propose a new FC scheme supporting arbitrary circuits of bounded sizes. We make use of homomorphic encoding and evaluation as well, but we disassemble the circuit gate by gate, process the gates, and reassemble the processed gates to a flattened circuit of logarithm depth (O(log lambda )). This makes possible for our FC scheme to support arbitrary polynomial-size circuits. Our FC scheme has the common reference string (CRS) growing linear to the size of the circuit. So CRSs of different sizes allow our FC scheme to support circuits of different (bounded) sizes. Just like the recent work on FC schemes [Wee et al. Eurocrypt 2023, Asiacrypt 2023], our FC scheme achieves private opening and target binding based on a falsifiable family of “basis-augmented” SIS assumptions. Our FC scheme has succinct commitment but not succinct opening proof which of course does not support fast verification. To improve the running time of verification, we resort to the non-interactive GKR protocol to outsource the main computation in verification to the proof generation algorithm. As a result, we obtain an improved FC scheme which decreases the computational complexity of verification with a factor (O(lambda )).
功能承诺(FC)方案能够承诺一个向量({textbf{x}}),之后为函数值(y=f({textbf{x}}))生成一个开局证明(pi ),函数f在某个函数集({mathcal {F}})中。到目前为止,最大的函数集是有界深度电路,并且是在[Peikeit et al. TCC 2021, De Castro et al. TCC 2023, Wee et al. Eurocrypt 2023, Wee et al. Asiacrypt 2023]的 FC 方案中借助同态编码和网格评估技术实现的。事实上,这些 FC 方案很难支持大深度电路,因为同态评估中的噪声会快速积累。例如,如果电路的深度与安全参数(lambda )呈线性关系,那么底层的(textsf {GapSVP}_{gamma } )问题将伴随着一个超指数大参数(gamma >(lambda log lambda )^{Theta(lambda )}),并且可以通过 LLL 算法轻松解决。在这项工作中,我们提出了一种新的 FC 方案,支持大小有界的任意电路。我们也使用了同态编码和评估,但我们逐个门拆解电路,处理门,并将处理过的门重新组装成对数深度为 (O(log lambda )) 的扁平化电路。这使得我们的 FC 方案可以支持任意多项式大小的电路。我们的 FC 方案的公共参考字符串(CRS)与电路的大小呈线性增长。因此,不同大小的 CRS 可以让我们的 FC 方案支持不同(有界)大小的电路。就像最近关于 FC 方案的研究一样[Wee 等人,Eurocrypt 2023,Asiacrypt 2023],我们的 FC 方案基于可证伪的 "基础增强 "SIS 假设系列,实现了私人开启和目标绑定。我们的 FC 方案有简洁的承诺,但没有简洁的开启证明,这当然不支持快速验证。为了改进验证的运行时间,我们采用了非交互式 GKR 协议,将验证中的主要计算外包给证明生成算法。因此,我们得到了一种改进的 FC 方案,它将验证的计算复杂度降低了 (O(lambda )) 倍。
{"title":"Functional commitments for arbitrary circuits of bounded sizes","authors":"Jinrui Sha, Shengli Liu, Shuai Han","doi":"10.1007/s10623-024-01468-w","DOIUrl":"https://doi.org/10.1007/s10623-024-01468-w","url":null,"abstract":"<p>A functional commitment (FC) scheme enables committing to a vector <span>({textbf{x}})</span> and later producing an opening proof <span>(pi )</span> for a function value <span>(y=f({textbf{x}}))</span> with function <i>f</i> in some function set <span>({mathcal {F}})</span>. Everyone can verify the validity of the opening proof <span>(pi )</span> w.r.t. the function <i>f</i> and the function value <i>y</i>. Up to now, the largest function set is the bounded-depth circuits and achieved by FC schemes in [Peikeit et al. TCC 2021, De Castro et al. TCC 2023, Wee et al. Eurocrypt 2023, Wee et al. Asiacrypt 2023] with the help of the homomorphic encoding and evaluation techniques from lattices. In fact, these FC schemes can hardly support circuits of large depth, due to the fast accumulation of noises in the homomorphic evaluations. For example, if the depth of the circuit is linear to the security parameter <span>(lambda )</span>, then the underlying <span>(textsf {GapSVP}_{gamma })</span> problem will be accompanied with a super-exponentially large parameter <span>(gamma >(lambda log lambda )^{Theta (lambda )})</span> and can be easily solved by the LLL algorithm. In this work, we propose a new FC scheme supporting arbitrary circuits of bounded sizes. We make use of homomorphic encoding and evaluation as well, but we disassemble the circuit gate by gate, process the gates, and reassemble the processed gates to a flattened circuit of logarithm depth <span>(O(log lambda ))</span>. This makes possible for our FC scheme to support arbitrary polynomial-size circuits. Our FC scheme has the common reference string (CRS) growing linear to the size of the circuit. So CRSs of different sizes allow our FC scheme to support circuits of different (bounded) sizes. Just like the recent work on FC schemes [Wee et al. Eurocrypt 2023, Asiacrypt 2023], our FC scheme achieves private opening and target binding based on a falsifiable family of “basis-augmented” SIS assumptions. Our FC scheme has succinct commitment but not succinct opening proof which of course does not support fast verification. To improve the running time of verification, we resort to the non-interactive GKR protocol to outsource the main computation in verification to the proof generation algorithm. As a result, we obtain an improved FC scheme which decreases the computational complexity of verification with a factor <span>(O(lambda ))</span>.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.6,"publicationDate":"2024-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141918778","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}