Asymptotic enumeration of correlation-immune functions E. Rodney - PowerPoint PPT Presentation

Asymptotic enumeration of correlation-immune functions E. Rodney Canfield Jason Gao Catherine Greenhill Brendan D. McKay Robert W. Robinson Correlation-immune functions 1

Correlation-immune functions Suppose we have a secret Boolean function of ♥ Boolean variables. Suppose a malicious eavesdropper is able to observe function values while monitoring any ❦ of the variables. We would like these observations to give the eavesdropper as little information as possible. Correlation-immune functions 2

Correlation-immune functions Suppose we have a secret Boolean function of ♥ Boolean variables. Suppose a malicious eavesdropper is able to observe function values while monitoring any ❦ of the variables. We would like these observations to give the eavesdropper as little information as possible. The function is correlation-immune of order ❦ if the function value is uncorrelated with any ❦ of the arguments. Suppose the fraction ✕ of all 2 ♥ argument values give a function value 1. Then correlation-immune means that if any arbitrary ❦ of the arguments are fixed to arbitrary values, the same fraction ✕ of the remaining 2 ♥ � ❦ argument values give a function value 1. The weight of the function is ✕ 2 ♥ — the number of argument lists that give function value 1. Correlation-immune functions 2

Example (Sloan): ♥ = 12, ❦ = 3, ✕ = 24 ❂ 2 12 , weight = 24 = 2 ❦ 3. The rows of the table give the argument lists for which the function value is 1. 0 1 1 1 1 1 1 1 1 1 1 1 0 0 1 0 1 1 1 0 0 0 1 0 0 0 0 1 0 1 1 1 0 0 0 1 0 1 0 0 1 0 1 1 1 0 0 0 0 0 1 0 0 1 0 1 1 1 0 0 0 0 0 1 0 0 1 0 1 1 1 0 0 0 0 0 1 0 0 1 0 1 1 1 0 1 0 0 0 1 0 0 1 0 1 1 0 1 1 0 0 0 1 0 0 1 0 1 0 1 1 1 0 0 0 1 0 0 1 0 0 0 1 1 1 0 0 0 1 0 0 1 0 1 0 1 1 1 0 0 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 0 0 0 1 1 1 0 1 1 1 1 0 1 0 0 0 1 1 1 0 1 0 1 1 0 1 0 0 0 1 1 1 1 1 0 1 1 0 1 0 0 0 1 1 1 1 1 0 1 1 0 1 0 0 0 1 1 1 1 1 0 1 1 0 1 0 0 0 1 0 1 1 1 0 1 1 0 1 0 0 1 0 0 1 1 1 0 1 1 0 1 0 1 0 0 0 1 1 1 0 1 1 0 1 1 1 0 0 0 1 1 1 0 1 1 0 1 0 1 0 0 0 1 1 1 0 1 1 This is an orthogonal array of 2 levels, 12 variables, 24 runs and strength 3. Correlation-immune functions 3

Our task Since the weight is a multiple of 2 ❦ , let’s define it to be 2 ❦ q , where 0 ✔ q ✔ 2 ♥ � ❦ . Correlation-immune functions 4

Our task Since the weight is a multiple of 2 ❦ , let’s define it to be 2 ❦ q , where 0 ✔ q ✔ 2 ♥ � ❦ . Define ◆ ( ♥❀ ❦❀ q ) to be the number of ♥ -variable correlation-immune functions of order ❦ and weight 2 ❦ q . Also define ◆ ( ♥❀ ❦ ) = � q ◆ ( ♥❀ ❦❀ q ). We seek the asymptotic values of ◆ ( ♥❀ ❦❀ q ) and ◆ ( ♥❀ ❦ ) as ♥ ✦ ✶ , with ❦ and q being some functions of ♥ . Correlation-immune functions 4

Our task Since the weight is a multiple of 2 ❦ , let’s define it to be 2 ❦ q , where 0 ✔ q ✔ 2 ♥ � ❦ . Define ◆ ( ♥❀ ❦❀ q ) to be the number of ♥ -variable correlation-immune functions of order ❦ and weight 2 ❦ q . Also define ◆ ( ♥❀ ❦ ) = � q ◆ ( ♥❀ ❦❀ q ). We seek the asymptotic values of ◆ ( ♥❀ ❦❀ q ) and ◆ ( ♥❀ ❦ ) as ♥ ✦ ✶ , with ❦ and q being some functions of ♥ . Define ❦ ❦ � ♥ � ♥ � � � � ▼ = and ◗ = ✐ ✿ ✐ ✐ ✐ =0 ✐ =1 Theorem (Denisov, 1992) If ❦ ✕ 1 is a constant integer, then as ♥ ✦ ✶ , ◆ ( ♥❀ ❦ ) ✘ 2 2 ♥ + ◗ � ❦ (2 ♥ � 1 ✙ ) � ( ▼ � 1) ❂ 2 ✿ Correlation-immune functions 4

Denisov’s method (translated) For ❙ ✒ ❢ 1 ❀ 2 ❀ ✿ ✿ ✿ ❀ ♥ ❣ , let ☞ ❙ be the number of rows ( ☞ 1 ❀ ☞ 2 ❀ ✿ ✿ ✿ ❀ ☞ ♥ ) of the matrix such that ☞ ✐ = 1 for ✐ ✷ ❙ . Also ☞ ❀ = 2 ❦ q (i.e., all the rows). Then the matrix is that of a correlation-immune function of weight 2 ❦ q iff ☞ ❙ = 2 ❦ �❥ ❙ ❥ q for ❥ ❙ ❥ ✔ ❦✿ Correlation-immune functions 5

Denisov’s method (translated) For ❙ ✒ ❢ 1 ❀ 2 ❀ ✿ ✿ ✿ ❀ ♥ ❣ , let ☞ ❙ be the number of rows ( ☞ 1 ❀ ☞ 2 ❀ ✿ ✿ ✿ ❀ ☞ ♥ ) of the matrix such that ☞ ✐ = 1 for ✐ ✷ ❙ . Also ☞ ❀ = 2 ❦ q (i.e., all the rows). Then the matrix is that of a correlation-immune function of weight 2 ❦ q iff ☞ ❙ = 2 ❦ �❥ ❙ ❥ q for ❥ ❙ ❥ ✔ ❦✿ Consider � � Q ✐ ✷ ❙ ☞ ✐ � � ① ❀ 1 + ❙ ☞ ✷❢ 0 ❀ 1 ❣ ♥ ❥ ❙ ❥✔ ❦ where ❢ ① ❙ ❥ ❙ ✒ ❢ 1 ❀ 2 ❀ ✿ ✿ ✿ ❀ ♥ ❣ ❣ are indeterminates. Then ◆ ( ♥❀ ❦❀ q ) is the coefficient of the monomial ① 2 ❦ �❥ ❙ ❥ q � ✿ ❙ ❥ ❙ ❥✔ ❦ Denisov extracts ◆ ( ♥❀ ❦ ) by Fourier inversion. Correlation-immune functions 5

The inversion integral is concentrated at two equivalent places, where it is approxi- mately gaussian. Expansion near the critical points together with bounds away from the critical points establishes the asymptotics. Correlation-immune functions 6

The inversion integral is concentrated at two equivalent places, where it is approxi- mately gaussian. Expansion near the critical points together with bounds away from the critical points establishes the asymptotics. Denisov’s retraction In 2000, Denisov published a retraction of his 1992 result. He wrote that he had “made a mistake”, and gave a new asymptotic value of ◆ ( ♥❀ ❦ ). Correlation-immune functions 6

The inversion integral is concentrated at two equivalent places, where it is approxi- mately gaussian. Expansion near the critical points together with bounds away from the critical points establishes the asymptotics. Denisov’s retraction In 2000, Denisov published a retraction of his 1992 result. He wrote that he had “made a mistake”, and gave a new asymptotic value of ◆ ( ♥❀ ❦ ). This is unfortunate, since the 1992 result is correct and the 2000 result is incorrect! Correlation-immune functions 6

Alternative approach For a boolean function ❣ ( ① 1 ❀ ✿ ✿ ✿ ❀ ① ♥ ), the Walsh transform of ❣ is the real-valued ❣ over ❢ 0 ❀ 1 ❣ ♥ defined by function ˆ � ❣ ( ① 1 ❀ ✿ ✿ ✿ ❀ ① ♥ )( � 1) ✇ 1 ① 1 + ✁✁✁ + ✇ ♥ ① ♥ ✿ ❣ ( ✇ 1 ❀ ✿ ✿ ✿ ❀ ✇ ♥ ) = ˆ ( ① 1 ❀✿✿✿❀① ♥ ) ✷❢ 0 ❀ 1 ❣ ♥ It is known that ❣ is correlation-immune of order ❦ iff ˆ ❣ ( ✇ 1 ❀ ✿ ✿ ✿ ❀ ✇ ♥ ) = 0 whenever the number of 1s in ✇ 1 ❀ ✿ ✿ ✿ ❀ ✇ ♥ is between 1 and ❦ . Correlation-immune functions 7

Alternative approach For a boolean function ❣ ( ① 1 ❀ ✿ ✿ ✿ ❀ ① ♥ ), the Walsh transform of ❣ is the real-valued ❣ over ❢ 0 ❀ 1 ❣ ♥ defined by function ˆ � ❣ ( ① 1 ❀ ✿ ✿ ✿ ❀ ① ♥ )( � 1) ✇ 1 ① 1 + ✁✁✁ + ✇ ♥ ① ♥ ✿ ❣ ( ✇ 1 ❀ ✿ ✿ ✿ ❀ ✇ ♥ ) = ˆ ( ① 1 ❀✿✿✿❀① ♥ ) ✷❢ 0 ❀ 1 ❣ ♥ It is known that ❣ is correlation-immune of order ❦ iff ˆ ❣ ( ✇ 1 ❀ ✿ ✿ ✿ ❀ ✇ ♥ ) = 0 whenever the number of 1s in ✇ 1 ❀ ✿ ✿ ✿ ❀ ✇ ♥ is between 1 and ❦ . Put ❘ = ✕❂ (1 � ✕ ). Define � � ① ☛ ❙ � � ❋ ( ① ) = 1 + ❘ ❀ ❙ ☛ ✷❢✝ 1 ❣ ♥ ❥ ❙ ❥✔ ❦ where � ☛ ❙ = ☛ ✐ ✿ ✐ ✷ ❙ ◆ ( ♥❀ ❦❀ q ) is the constant term of ( ❘① ❀ ) � 2 ❦ q ❋ ( ① ). Theorem: Correlation-immune functions 7

Apply the Cauchy coefficient formula, using unit circles as contours, and change variables as ① ❙ = ❡ ✐✒ ❙ for each ❙ . Then ◆ ( ♥❀ ❦❀ q ) = (1 + ❘ ) 2 ♥ (2 ✙ ) ▼ ❘ 2 ❦ q ■ ( ♥❀ ❦❀ q ) ❀ where � ✙ � ✙ ■ ( ♥❀ ❦❀ q ) = � ✙ ✁ ✁ ✁ � ✙ ● ( ✒ ) ❞ ✒ ❀ 1 + ❘❡ ✐❢ ☛ ( ✒ ) ● ( ✒ ) = ❡ � ✐ 2 ❦ q � ❀ 1 + ❘ ☛ ✷❢✝ 1 ❣ ♥ � ❢ ☛ ( ✒ ) = ☛ ❙ ✒ ❙ ✿ ❥ ❙ ❥✔ ❦ Here ✒ is a vector of the variables ✒ ❙ , ❥ ❙ ❥ ✔ ❦ , in arbitrary order. Correlation-immune functions 8

Analysis of the domain of integration The integrand 1 + ❘❡ ✐❢ ☛ ● ( ✒ ) = ❡ � ✐ 2 ❦ q � 1 + ❘ ☛ ✷❢✝ 1 ❣ ♥ has greatest absolute value 1 when � ❢ ☛ = ❢ ☛ ( ✒ ) = ☛ ❙ ✒ ❙ ❥ ❙ ❥✔ ❦ is a multiple of 2 ✙ for each ❙ . When does that happen? Correlation-immune functions 9

Analysis of the domain of integration The integrand 1 + ❘❡ ✐❢ ☛ ● ( ✒ ) = ❡ � ✐ 2 ❦ q � 1 + ❘ ☛ ✷❢✝ 1 ❣ ♥ has greatest absolute value 1 when � ❢ ☛ = ❢ ☛ ( ✒ ) = ☛ ❙ ✒ ❙ ❥ ❙ ❥✔ ❦ is a multiple of 2 ✙ for each ❙ . When does that happen? Define the difference operator ✍ ❥ ❢ ( ☛ 1 ❀✿✿✿❀☛ ❥ ❀✿✿✿❀☛ ♥ ) = ❢ ( ☛ 1 ❀✿✿✿❀☛ ❥ ❀✿✿✿❀☛ ♥ ) � ❢ ( ☛ 1 ❀✿✿✿❀ � ☛ ❥ ❀✿✿✿❀☛ ♥ ) ✿ and in general ✍ ❙ = � ❥ ✷ ❙ ✍ ❥ . If each ❢ ☛ is a multiple of 2 ✙ , then so are all the differences. Now we compute ✍ ❙ ❢ ☛ = 2 ❥ ❙ ❥ � ☛ ❚ ✒ ❚ ✿ ❚ ✓ ❙ and apply this with decreasing ❥ ❙ ❥ . Correlation-immune functions 9