Constructing Commutative Semifields of Square Order Advances in - - PowerPoint PPT Presentation
Constructing Commutative Semifields of Square Order Advances in Mathematics of Communications, 10(2), 2016, p291-306 Stephen M. Gagola III & Joanne L. Hall Department of Mathematics, Miami University, USA School of Science, RMIT
Advances in Mathematics of Communications, 10(2), 2016, p291-306
Stephen M. Gagola III & Joanne L. Hall
Department of Mathematics, Miami University, USA School of Science, RMIT
Information Security Seminar 10 March 2017
Semifields 10 Mar 2017 1 / 31
Alternating Fridays Cryptography Cyber Security Discrete Mathematics Information Theory Theory of telecomunications Upcoming Seminars 24th March: Stephen Davis 7 April: Jessica Leibig
Semifields 10 Mar 2017 2 / 31
1
Semifields and Planar Functions
2
Projection Construction for Semifields and Planar Functions
3
New Semifields
Semifields 10 Mar 2017 3 / 31
1
Semifields and Planar Functions
2
Projection Construction for Semifields and Planar Functions
3
New Semifields
Semifields 10 Mar 2017 4 / 31
Semi fields
A semi field is a set S with two binary operations + and × such that ♣ (S, +) is an abelian group ♥ (S \ {0}, ×) has an identity and division is always possible. ♦ The left and right distribution laws hold. ♣ Abelian group: + is well behaved + commutativity x+y=y+x + associativity (x+y)+z=x+(y+z) + identity x+0=0+x=x + inverses x+ (-x)=0 Familiar Abelian Groups (Z, +), (Zn, +), (R, +), (R \ {0}, ×)
Semifields 10 Mar 2017 5 / 31
♥ (S \ {0}, ×) has an identity, x × 1 = 1 × x = x. Division is always possible: for each a, b ∈ S there is a unique x, y ∈ S such that a × x = b and y × a = b. If (S \ {0}, ×) is also an abelian group, then S is a field. Familiar Fields: (R, +, ×), (C, +, ×), (Fq, +×). The set of m × m invertible matrices is a semi field. (Z, +, ×) is not a semifield, eg. 5 × x = 3 has no solution in integers.
Semifields 10 Mar 2017 6 / 31
♦ The left and right distribution laws hold. (a + b) × c = (a × c) + (b × c) + and × behave well together
Semifields 10 Mar 2017 7 / 31
Planar Function
Let F be a field. A function f : F → F is called a planar function if for every a ∈ F∗ the function ∆f,a : x → f(x + a) − f(x) is a permutation. Example 1 f(x) = x2 on R. ∆f,a(x) = (x + a)2 − x2 = 2ax − a2 This is a linear function, which is a permutation of R Example 2 g(x) = x10 + x6 − x2 on F34. ∆f,a(x) = (x + a)10 + (x + a)6 − (x + a)2 − x10 − x6 + x2 = a10 + a9x + a6 + 2a3x3 − a2 + ax9 − 2ax Which is a permutation on F4
3
Semifields 10 Mar 2017 8 / 31
Example 2 g(x) = x10 + x6 − x2 on F34. Rewrite the powers as sums of powers of the characteristic of the field g(x) = x32+30 + x31+31 + x30+30
Dembowski-Ostrom Polynoimial
A polynomial f(x) ∈ Fpr [x] is a Dembowski-Ostrom polynomial if it has the shape f(x) =
k
aijxpi+pj. Almost all known planar functions on finite fields are Dembowski-Ostrom polynomials.
Semifields 10 Mar 2017 9 / 31
Theorem 1 [Coulter and Henderson 2008]
A planar function which is a Dembowski-Ostrom polynomial is equivalent to a commutative semi field Let p be an odd prime, and let f(x) be a polynomial on (Fpr , +, ×) Then an operation may be defined by x ⋆ y = f(x + y) − f(x) − f(y) Then the structure S = (Fpr , +, ⋆) is a commutative semi-field if and only if f(x) is a Dembowski-Ostrom planar polynomial. Furthermore EA equivalence of planar functions corresponds with isotopism (≃) of commutative semi fields.
Semifields 10 Mar 2017 10 / 31
Finite Geometry Hadamard matrices Cryptography Quantum Information Theory Error correcting codes Signal sets for wireless transmission
Semifields 10 Mar 2017 11 / 31
x2, Galois Fields xpk+1 on Fpr such that r/gcd(r, k) is odd, Alberts Twisted Semi Fields [Dembowski & Ostrom, 1968] x2 + j (x − xpr )2 (β − βpr )2 − β2 (x − xpr )2 (β − βpr )2
Semi Fields [Dickson 1906, Bundunghyn & Helleseth 2008] xpr+1 + ω(βxps+1 + βpr x(ps+1)pr )
p2r such that apr = −a
and aps = −a and βpr−1 is not contained in the subgroup of order pr + 1/gcd(pr + 1, ps + 1). Projection Semi Fields [Bierbrauer, 2009] . . .
Semifields 10 Mar 2017 12 / 31
x10 ± x6 − x2 on F3r [Coulter & Mathews, 1997] x2 + x90 on F35 (Weng, 2007) x(3k+1)/2 on F3r where k is odd and gcd(k, r) = 1 [Coulter & Mathews,1997)]No Semifield Not Dembowski-Ostrom Generalised Budaghyan-Helleseth semifields [Bierbrauer, 2011] Zhou Pott Semifield [Zhout & Pott, 2013] . . .
Semifields 10 Mar 2017 13 / 31
Planar polynomials Π and Π′ with Π′(x) = (L1 ◦ Π ◦ L2) (x) + L3(x) are said to be EA-equivalent if L1(x), L2(x), L3(x) are affine polynomials and L1(x), L2(x) are bijections Two presemifields S1 = (S, +, ∗) and S2 = (S, +, ◦) are isotopic if there exist three linearized permutation polynomials L1, L2, L3 over S such that L1(x) ◦ L2(y) = L3(x ∗ y) for any x, y ∈ S.
Theorem [Coulter & Henderson 2008]
EA-equivalent Dembowski-Ostrom planar polynomials construct isotopic commutative semifields.
Semifields 10 Mar 2017 14 / 31
1
Semifields and Planar Functions
2
Projection Construction for Semifields and Planar Functions
3
New Semifields
Semifields 10 Mar 2017 15 / 31
Semifields 10 Mar 2017 16 / 31
Theorem 3 [Gagola & Hall, 2016]
Let g(x) and h(x) be planar Dembowski-Ostrom monomials over Fp2r . If either g(x) = x2 or h(x) = x2, then f(x) = g(x) + g(x)pr + h(x) − h(x)pr is planar over Fp2r . The corresponding semifield multiplication is x ⋆ y = f(x + y) − f(x) − f(y)
Semifields 10 Mar 2017 17 / 31
Theorem 4 [Gagola & Hall, 2016]
Let h(x) = x2 ∈ Fp2r [x], g(x) = xpk+1 be a planar function on Fp2r , and let f(x) = g(x) + g(x)pr + h(x) − h(x)pr . Then the semifield associated with f(x) is isotopic to the Zhou-Pott commutative semifield .
x ◦ y = (x1 + x2ω) ◦ (y1 + y2ω) Let L1 and L2 be linearized permutation polynomials over Fp2r L1(x) = 3x − xpr L2(x) = 3
2x − 1 2xpr .
L1(x1 + x2ω) ◦ L2(y1 + y2ω) = (x1 + x2ω)⋆(y1 + y2ω)
Semifields 10 Mar 2017 18 / 31
Theorem 5 [Gagola & Hall, 2016]
Let g(x) = x2 ∈ Fp2r [x], h(x) = xpk+pi be a planar function on Fp2r and let f(x) = g(x) + g(x)pr + h(x) − h(x)pr . If either r is even or p ≡ 1 (mod 4), then f(x) is equivalent to a generalized Budaghyan-Helleseth planar function.
Theorem 6 [Gagola & Hall, 2016]
Let g(x) = x2 ∈ Fp2r [x], h(x) = xpk+1 a planar function on Fp2r and let f(x) = g(x) + g(x)pr + h(x) − h(x)pr . If r is odd and p ≡ 3 (mod 4), then the semifield associated with f(x) is isotopic to a Zhou-Pott semifield.
Semifields 10 Mar 2017 19 / 31
Semifields 10 Mar 2017 20 / 31
1
Semifields and Planar Functions
2
Projection Construction for Semifields and Planar Functions
3
New Semifields
Semifields 10 Mar 2017 21 / 31
The following are examples of planar functions of the form xpi+1 + x(pi+1)pr + xps+1 − x(ps+1)pr ∈ Fp2r [x]. F1 x6 + x(6)53 + x26 − x(26)53 ∈ F56[x] F2 x8 + x(8)73 + x50 − x(50)73 ∈ F76[x] F3 x10 + x(10)36 + x82 − x(82)36 ∈ F312[x] F4 x10 + x(10)36 + x28 − x(28)36 ∈ F312[x]
Obtained via computer search using GAP .
Semifields 10 Mar 2017 22 / 31
The multiplication operation on a semifield is not always associative. a(bc) = (ab)c is not always true Let S be a semifield. The subsets Nl(S) = {a ∈ S | a(xy) = (ax)y for all x, y ∈ S} , Nm(S) = {a ∈ S | x(ay) = (xa)y for all x, y ∈ S} , Nr(S) = {a ∈ S | x(ya) = (xy)a for all x, y ∈ S} , are called the left, middle and right nucleus of S, respectively. Nuclei are fields. The size of the nuclei is invariant under isotopism [Knuth1965]. We use the size of Nuclei as a tool to show non-isotopism.
Semifields 10 Mar 2017 23 / 31
Let f(x) be a planar function over a finite field F. If the middle nucleus
associated with f is F, and hence, f(x) is EA-equivalent to x2 ∈ F[x].
Semifields 10 Mar 2017 24 / 31
Theorem 7 [Gagola & Hall 2016]
Suppose f(x) = xpn+1 + x(pn+1)pr + xpm+1 − x(pm+1)pr is planar over Fp2r . If xpm+1 is planar over Fp2r , then the middle nucleus of a commutative semifield associated with f has order equal to pgcd(2n,m,2r).
Theorem 8 [Gagola & Hall 2016]
Suppose f(x) = xpn+1 + x(pn+1)p3n + xp2n+1 − x(p2n+1)p3n is planar over
equal to the middle nucleus and has order of p2n.
Semifields 10 Mar 2017 25 / 31
Corollary: The orders of the nuclei of the first 3 computationally
Planar function |Nm| |Nl| F1 x6 + x(6)53 + x26 − x(26)53 ∈ F56[x 52 52 F2 x8 + x(8)73 + x50 − x(50)73 ∈ F76[x] 72 72 F3 x10 + x(10)36 + x82 − x(82)36 ∈ F312[x] 34 34
Semifields 10 Mar 2017 26 / 31
Note x10 + x(10)36 + 228 − x(28)36 does not fit Theorem 8. Use direct computations Planar function |Nm| |Nl| F1 x6 + x(6)53 + x26 − x(26)53 ∈ F56[x 52 52 F2 x8 + x(8)73 + x50 − x(50)73 ∈ F76[x] 72 72 F3 x10 + x(10)36 + x82 − x(82)36 ∈ F312[x] 34 34 F4 x10 + x(10)36 + 228 − x(28)36 ∈ F313[x] 32 3 Compare to the nuclei of the Zhou-Pott semifields. [Zhou & Pott 2013] Semifield |Nm| |Nl| Zhou-Pott of order 56 52 or 54 5 or 54 Zhou-Pott of order 76 72 or 74 7 or 74 Zhou-Pott of order 312 32 or 34 or 36 3 or 34 or 36 Hence F1,F2,F3 are not Zhou-Pott Semifields.
Semifields 10 Mar 2017 27 / 31
Note x10 + x(10)36 + 228 − x(28)36 does not fit Theorem 8. Use direct computations Planar function |Nm| |Nl| F1 x6 + x(6)53 + x26 − x(26)53 ∈ F56[x 52 52 F2 x8 + x(8)73 + x50 − x(50)73 ∈ F76[x] 72 72 F3 x10 + x(10)36 + x82 − x(82)36 ∈ F312[x] 34 34 F4 x10 + x(10)36 + 228 − x(28)36 ∈ F313[x] 32 3 Generalised Budaghyan-Helleseth semifield [Marino & Polverino 2012] Semifield |Nm| |Nl| BH of order 56 52 or 54 5 or 52 BH of order 76 72 or 74 7 or 72 BH of order 312 32 or 34 or 36 3 or 32 or 33 Hence F1,F2,F3 are not Generalised Budaghyan-Helleseth Semifields.
Semifields 10 Mar 2017 28 / 31
Theorem 8 [Gagola & Hall 2016]
The planar function F4 : f(x) = x10 + x(10)36 + x28 − x(28)36 ∈ F312[x] is not EA-equivalent to any previously known planar functions and its corresponding semifield is not isotopic to any previously known semifields. Proof: If F4 is EA equivalent to the BH planar function then BH(L1(x)) = L2(f(x)) with L1(x) = c0x + c1xp + c2xp2 + · · · + c2r−1xp2r−1 L2(x) = d0x + d1xp + d2xp2 + · · · + d2r−1xp2r−1 With some rearanging we get the following equation BH(L1(x)) + BH(L1(x))pr = L2(f(x)) + L2(f(x))pr , which implies that the coefficient cjcpr
j+r, is zero for any 0 ≤ j < r.
Hence L1 = 0, and is not a bijection. Similar proof F4 is not equivalent to Zhou Pott semi field.
Semifields 10 Mar 2017 29 / 31
The projection construction of Planar functions extends to Dembowski-Ostrom planar monomials, If either g(x) = x2 or h(x) = x2, then f(x) = g(x) + g(x)pr + h(x) − h(x)pr is planar over Fp2r . Four new planar functions.
F1 x6 + x(6)53 + x26 − x(26)53 ∈ F56[x] F2 x8 + x(8)73 + x50 − x(50)73 ∈ F76[x] F3 x10 + x(10)36 + x82 − x(82)36 ∈ F312[x] F4 x10 + x(10)36 + x28 − x(28)36 ∈ F312[x]
Semifields 10 Mar 2017 30 / 31
Square Order Advances in Mathematics of Communications, 10(2), 2016, p291-306
Semifields 10 Mar 2017 31 / 31