Designs, Codes and Cryptography最新文献

It is well-known that functions over finite fields play a crucial role in designing substitution boxes (S-boxes) in modern block ciphers. In order to analyze the security of an S-box, recently, three new tables have been introduced: the Extended Boomerang Connectivity Table (EBCT), the Lower Boomerang Connectivity Table (LBCT), and the Upper Boomerang Connectivity Table (UBCT). In fact, these tables offer improved methods over the usual Boomerang Connectivity Table (BCT) for analyzing the security of S-boxes against boomerang-style attacks. Here, we put in context these new EBCT, LBCT, and UBCT concepts by connecting them to the DDT for a differentially (delta )-uniform function and also determine the EBCT, LBCT, and UBCT entries of three classes of differentially 4-uniform power permutations, namely, Gold, Kasami and Bracken–Leander. We also determine the Double Boomerang Connectivity Table (DBCT) entries of the Gold function. As byproducts of our approach, we obtain some previously published results quite easily.

Side Channel Attacks (SCA) exploit physical information leakage from devices performing cryptographic operations, posing significant security threats. While SCA has been extensively studied in the context of block ciphers, similar analyses on stream ciphers and constructions like authenticated encryption are less explored. In this paper, we present a novel enhancement to existing SCA techniques based on the hamming weight model for stream ciphers. We have identified critical oversights in previous SCA attack models, allowing us to introduce additional inequalities that enhance the model’s effectiveness. For TRIVIUM and GRAIN-128-AEAD, we demonstrate that a practical state recovery attack can be achieved in significantly less time than existing attacks on the HW/32 model. Furthermore, we show that our improved model is capable of handling the HW/64 model and can recover the state even with noisy traces within a few hours. Additionally, we extend our model to the authenticated encryption schemes ACORN-128 v3 and ASCON-128a, demonstrating its broader applicability.

A combinatorial trade is a pair of sets of blocks of elements that can be exchanged while preserving relevant subset intersection constraints. The class of balanced and swap-robust minimal trades was proposed in Pan et al. (in: 2022 IEEE International Symposium on Information Theory (ISIT), IEEE, pp 2385–2390, 2022) for exchanging blocks of data chunks stored on distributed storage systems in an access- and load-balanced manner. More precisely, data chunks in the trades of interest are labeled by popularity ranks and the blocks are required to have both balanced overall popularity and stability properties with respect to swaps in chunk popularities. The original construction of such trades relied on computer search and paired balanced sets obtained through iterative combining of smaller sets that have provable stability guarantees. To reduce the substantial gap between the results of prior approaches and the known theoretical lower bound, we present new analytical upper and lower bounds on the minimal disbalance of blocks introduced by limited-magnitude popularity ranking swaps. Our constructive and near-optimal approach relies on pairs of graphs whose vertices are two balanced sets with edges/arcs that capture the balance and potential balance changes induced by limited-magnitude popularity swaps. In particular, we show that if we start with carefully selected balanced trades and limit the magnitude of rank swaps to one, the new upper and lower bound on the maximum block disbalance caused by a swap only differ by a factor of 1.07. We also extend these results for larger popularity swap magnitudes.

Linear complementary pairs (LCPs) of codes have been studied since they were introduced in the context of discussing mitigation measures against possible hardware attacks to integrated circuits. In this situation, the security parameters for LCPs of codes are defined as the (Hamming) distance and the dual distance of the codes in the pair. We study the properties of LCPs of skew constacyclic codes, since their algebraic structure provides tools for studying their duals and their distances. As a result, we give a characterization for those pairs, as well as multiple results that lead to constructing pairs with designed security parameters. We extend skew BCH codes to a constacyclic context and show that an LCP of codes can be immediately constructed from a skew BCH constacyclic code. Additionally, we describe a Hamming weight-preserving automorphism group in the set of skew constacyclic codes, which can be used for constructing LCPs of codes.

We study vectorial functions with maximal number of bent components in this paper. We first study the Walsh transform and nonlinearity of (F(x)=x^{2^e}h(textrm{Tr}_{2^{2m}/2^m}(x))), where (ege 0) and h(x) is a permutation over ({mathbb {F}}_{2^m}). If h(x) is monomial, the nonlinearity of F(x) is shown to be at most ( 2^{2,m-1}-2^{lfloor frac{3,m}{2}rfloor }) and some non-plateaued and plateaued functions attaining the upper bound are found. If h(x) is linear, the exact nonlinearity of F(x) is determined. Secondly, we give a construction of vectorial functions with maximal number of bent components from known ones, thus obtain two new classes from the Niho class and the Maiorana-McFarland class. Our construction gives a quadratic vectorial function that is not equivalent to the known functions of the form xh(x), and also contains vectorial functions outside the completed Maiorana-McFarland class. Finally, we show that the vectorial function (F: {mathbb {F}}_{2^{2m}}rightarrow {mathbb {F}}_{2^{2m}}), (xmapsto x^{2^m+1}+x^{2^i+1}) has maximal number of bent components if and only if (i=0).

Due to the operational efficiency and lower computational costs of the Chebyshev polynomial compared to ECC, this chaotic system has attracted widespread attention in public key cryptography. However, the single recurrence coefficient limitation and inherent short-period flaw, often render the Chebyshev polynomials cryptosystem ineffective against various attacks, such as Exhaustive Attacks and Ciphertext-Only Attacks. To address these vulnerabilities, the Multi-Dimensional General Chebyshev Polynomials (MDGCP) is developed in this study by parameterizing the coefficient of the Chebyshev polynomial over finite fields and converting its variable from one dimension to multiple dimensions. The MDGCP preserves the semigroup property and significantly reduces the likelihood of short periods by imposing a simple and explicit restriction on the initial state matrix. This enhancement improves the complexity and pluralism of the Chebyshev polynomial, thereby increasing its applicability in the design of public key cryptosystems. Consequently, a novel public key encryption algorithm based on MDGCP is proposed. Theoretical analyses and experimental results reveal that the proposed algorithm possesses better abilities than existing public key encryption algorithms based on Chebyshev polynomial in resisting exhaustive attacks and Ciphertext-only attacks.

Let (mathbb {F}_q) be the finite field with q elements, where q is a power of a prime p. Given a monic polynomial (f in mathbb {F}_q[x]) that is not divisible by x, there exists a positive integer (e=e(f)) such that f(x) divides the binomial (x^e-1) and e is minimal with this property. The integer e is commonly known as the order of f and we write (textrm{ord}(f)=e). Motivated by a recent work of the second author on primitive k-normal elements over finite fields, in this paper we introduce the concept of polynomials free of binomials. These are the polynomials (f in mathbb {F}_q[x]), not divisible by x, such that f(x) does not divide any binomial (x^d-delta in mathbb {F}_q[x]) with (1le d<textrm{ord}(f)). We obtain some general results on polynomials free of binomials and we focus on the problem of describing the set of degrees of the polynomials that are free of binomials and whose order is fixed. In particular, we completely describe such set when the order equals a positive integer (n>1) whose prime factors divide (p(q-1)). Moreover, we also provide a correspondence between the polynomials that are free of binomials and cyclic codes that cannot be submerged into smaller constacyclic codes.

The regular decoding problem asks for (the existence of) regular solutions to a syndrome decoding problem (SDP). This problem has increased applications in post-quantum cryptography and cryptanalysis. Recently, Esser and Santini explored in depth the connection between the regular (RSD) and classical syndrome decoding problems. They have observed that while RSD to SDP reductions are known (in any parametric regime), a similar generic reduction from SDP to RSD is not known. In our contribution, we examine two different generic polynomial reductions from a syndrome decoding problem to a regular decoding problem instance. The first reduction is based on constructing a special parity check matrix that encodes weight counter progression inside the parity check matrix, which is then the input of the regular decoding oracle. The target regular decoding problem has a significantly longer code length, that depends linearly on the weight parameter of the original SDP. The second reduction is based on translating the SDP to a non-linear system of equations in the Multiple Right-Hand Sides form, and then applying RSD oracle to solve this system. The second reduction has better code length. The ratio between RSD and SDP code length of the second reduction can be bounded by a constant (less than 8).

Let (n=2^k-1) and (m=2^{k-2}) for a certain (kge 3). Consider the point-line geometry of 2m-element subsets of an n-element set. Maximal singular subspaces of this geometry correspond to binary simplex codes of dimension k. For (kge 4) the associated collinearity graph contains maximal cliques different from maximal singular subspaces. We investigate maximal cliques corresponding to symmetric (n, 2m, m)-designs. The main results concern the case (k=4) and give a geometric interpretation of the five well-known symmetric (15, 8, 4)-designs.

For a set ({mathcal {L}}) of lines of (text{ PG }(n,q)), a set X of points of (text{ PG }(n,q)) is called an ({mathcal {L}})-blocking set if each line of ({mathcal {L}}) contains at least one point of X. Consider a possibly singular quadric Q of (text{ PG }(n,q)) and denote by ({mathcal {S}}) (respectively, ({mathcal {T}})) the set of all lines of (text{ PG }(n,q)) meeting Q in 2 (respectively, 1 or (q+1)) points. For ({mathcal {L}}in {{mathcal {S}},{mathcal {T}}cup {mathcal {S}}}), we find the minimal cardinality of an ({mathcal {L}})-blocking set of (text{ PG }(n,q)) and determine all ({mathcal {L}})-blocking sets of that minimal cardinality.