New classes of generalized bent functions Bimal Mandal Department - - PowerPoint PPT Presentation

new classes of generalized bent functions
SMART_READER_LITE
LIVE PREVIEW

New classes of generalized bent functions Bimal Mandal Department - - PowerPoint PPT Presentation

Dec 01, 2022 114 likes •408 views

New classes of generalized bent functions Bimal Mandal Department of Mathematics Indian Institute of Technology Roorkee Roorkee, India This is a joint work with Pantelimon St anic a and Sugata Gangopadhyay Boolean Functions and Their

slide-1
SLIDE 1

New classes of generalized bent functions

Bimal Mandal

Department of Mathematics Indian Institute of Technology Roorkee Roorkee, India This is a joint work with Pantelimon St˘ anic˘ a and Sugata Gangopadhyay Boolean Functions and Their Application (BFA) Norway, July 3-8, 2017 July 7, 2017

slide-2
SLIDE 2

Outlines

❑ Introduction ❑ Subspace sum of a generalized Boolean function and their properties ❑ Construction of Dp, Dp

0 and Cp classes of bent functions

❑ Existence and nonexistence of Cp class of bent functions ❑ References

2 / 28

slide-3
SLIDE 3

Generalized Boolean functions

❑ Fp = {0, 1, . . . , p − 1} is a field of characteristic p. ❑ Fpn is an extension field of degree n over Fp. ❑ Fn

p = {x = (x1, . . . , xn) : xi ∈ Fp} is a vector space over Fp.

❑ It can be checked that x = (x1, x2, . . . , xn) − → x1a1 + x2a2 + · · · + xnan is an Fp-vector space isomorphism from Fn

p.

❑ Any function f : Fn

p −

→ Fp is said to be a generalized Boolean function. ❑ Bp

n = the set of all generalized Boolean functions on n variables.

❑ ❚rn

1 : Fpn −

→ Fp is defined by ❚rn

1(x) = x + xp + xp2 + . . . + xpn−1.

3 / 28

slide-4
SLIDE 4

Continue

❑ Any f ∈ Bp

n can be uniquely expressed as

f(x1, x2, . . . , xn) =

  • a=(a1,...,an)∈Fn

p

µa n

  • i=1

xai

i

  • .

❑ The algebraic degree of f ∈ Bp

n is defined as

deg(f) = max

a∈Fn

p

n

  • i=1

ai : µa = 0

  • .

4 / 28

slide-5
SLIDE 5

Continue

❑ The generalized Walsh–Hadamard transform of f ∈ Bp

n at a ∈ Fn p is

defined as Hf(a) =

  • x∈Fn

p

ζf(x)−a·x. ❑ f ∈ Bp

n is called generalized bent function if

|Hf(a)| = p

n 2 for all a ∈ Fn

p.

❑ f ∈ Bp

n is a generalized bent function if for all 0 = a ∈ Fn p

  • x∈Fn

p

ζf(x+a)−f(x) = 0. ❑ The derivative of f ∈ Bp

n with respect to a ∈ Fn p is defined as

Daf(x) = f(x + a) − f(x) for all x ∈ Fn

p.

5 / 28

slide-6
SLIDE 6

Continue

❑ A class of bent functions is complete if it is globally invariant under the action of the general affine group and under the addition of affine functions. ❑ Ωf = (f(x0), f(x1), . . . , f(xpn−1)), f ∈ Bp

n.

❑ Rp(r, n)= the set of all codewords Ωf, where f ∈ Bp

n with

deg(f) ≤ r and 0 ≤ r ≤ n(p − 1). ❑ Let A be a group algebra of Fn

p over the field Fp. An element

x ∈ A can be expressed as x =

  • g∈Fn

p

xgX g, where xg ∈ Fp.

6 / 28

slide-7
SLIDE 7

Continue

❑ ψ : A − → Fp is defined by x =

  • g∈Fn

p

xgX g − →

  • gFn

p

xg for all x ∈ A. ❑ P = {x ∈ A : ψ(x) = 0} = {x ∈ A :

g∈Fn

p xg = 0} is the maximal

ideal of A. ❑ A = P0 ⊃ P ⊃ P2 ⊃ . . . ⊃ Pn(p−1) = Fp. ❑ PiPj = Pi+j and Pn(p−1)+1 = {0}. ❑ f ∈ Bp

n can be identified with the codeword Ωf = g∈Fn

p f(g)X g. 7 / 28

slide-8
SLIDE 8

Preliminary

❑ For any elements a, b ∈ Fn

p, we have [Carlet, Eurocrypt’93]

  • x∈−a+E

ζf(x)−b·x = pdim E− n

2 ζa·b

  • x∈b+E⊥

ζ

˜ f(x)−a·x,

where ζ = e

2πı p is the pth complex root of unity.

❑ The function f : Zn

q × Zn q → Zq of the form [Carlet, Eurocrypt’93]

f(x, y) = x · π(y) + q 2φE(x, y) is bent, where x · π(y) = 0 for all (x, y) ∈ E.

8 / 28

slide-9
SLIDE 9

Subspace sum of a function

❑ V = a1, · · · , ak = {a ∈ Fn

p : a = k

  • i=1

ciai, ci ∈ Fp, 1 ≤ i ≤ k}. ❑ Subspace sum of f ∈ Bp

n with respect to V is defined as

SVf(x) =

  • u∈V

f(x + u) for all x ∈ Fn

p.

Example Let f ∈ B3

n and V = a. Then SVf(x) = f(x + 2a) + f(x + a) + f(x).

Remark Let i ∈ {0, 1, . . . , p − 1} and V = a, 0 = a ∈ Fn

  • p. Then

SVf(x) = SVf(x + ia). (1)

9 / 28

slide-10
SLIDE 10

The k-th derivative

Lemma Let k ≤ p be a positive integer and f ∈ Bp

  • n. Then for any a ∈ Fn

p

DaDa . . . Da

  • k−times

f(x) =

k

  • i=0

(−1)i k i

  • f(x + (k − i)a) for all x ∈ Fn

p.

(2)

10 / 28

slide-11
SLIDE 11

The k-th derivative and the subspace sum I

Theorem Let V = a and f ∈ Bp

  • n. Then SVf(x) = DaDa . . . Da
  • (p−1)−times

f(x) for all x ∈ Fn

p.

Furthermore, for any r ∈ {0, 1, 2, . . . , p − 1} rSVf(x) = Dra Da . . . Da

  • (p−2)−times

f(x) for all x ∈ Fn

p.

Example Let f ∈ Bp

n and V = a. Then

SVf(x) = f(x + 2a) + f(x + a) + f(x) = DaDaf(x) 2SVf(x) = 2DaDaf(x) = D2aDaf(x) = DaD2af(x).

11 / 28

slide-12
SLIDE 12

More on k-th derivative and the subspace sum

Theorem Let V be a k-dimensional subspace of Fn

p generated by a1, a2, . . . , ak

and f ∈ Bp

  • n. Then

SVf(x) = Da1 . . . Da1

  • (p−1)−times

. . . Dak . . . Dak

  • (p−1)−times

f(x).

12 / 28

slide-13
SLIDE 13

Codes and the subspace sum

Proposition Let V be a k-dimensional subspace of Fn

p generated by a1, a2, . . . , ak.

Let f ∈ Bp

n be any function of degree r and h(x) = SVf(x), x ∈ Fn p.

Then

  • v∈V X v

Ωf is the associated codeword of SVf, that is, Ωh =

  • v∈V

X v

  • Ωf.

Proposition Let V be a k-dimensional subspace of Fn

p and f ∈ Bp n of degree r.

Then the degree of SVf is less than or equal to r − k(p − 1). In particular, the subspace sum of f with respect to any 1-dimensional subspace of Fn

p has degree at most r − p + 1.

13 / 28

slide-14
SLIDE 14

Affine equivalence of subspace sums

Theorem Let f ∈ Bp

n and Sk[f] denote the multiset of subspace sum of f with

respect to each k-dimensional subspace of Fn

  • p. If f, h ∈ Bp

n are affine

equivalent, then so are Sk[f] and Sk[h]. Precisely, if a nonsingular affine transformation A (operating on Fn

p) map f onto h, then it also

maps Sk[f] onto Sk[h]. Corollary If P is any affine invariant for Bp

n, then

f − → P{Sk[f]} is also an affine invariant for Bp

n.

14 / 28

slide-15
SLIDE 15

Maiorana-McFarland and subspace sums

Theorem Let m = 2n and f be a generalized Maiorana–McFarland bent function defined as f(x, y) = x · π(y) + g(y). Then there exists an n-dimensional subspace E of Fn

p × Fn p such that

  • 1. the subspace sum of f with respect to any one dimensional

subspaces of E is 0 if p is odd.

  • 2. the subspace sum of f with respect to any two dimensional

subspaces of E is 0 if p = 2.

15 / 28

slide-16
SLIDE 16

Some examples

Fact (Helleseth et al., Fact 1) Any ternary function f from F36 to F3, defined by f(x) = Tr 6

1 (α7x98),

(3) where α is a primitive element of F36, is bent and not weakly regular bent. Theorem The function f defined as in Equation (3) does not belong to the complete Mp class. Proof. Let V = a, where a ∈ F∗

  • 36. If SVf(x) = 0 for all x ∈ F36, then

2α7a34+32 = 0, which is a contradiction.

16 / 28

slide-17
SLIDE 17

Construction of Dp, Dp

0 and Cp I

Theorem Let E = E1 × E2, E1, E2 ⊆ Fn

p with dim E1 + dim E2 = n and ǫ ∈ Fp. The

generalized Boolean function f on Fn

p × Fn p of the form

f(x, y) = x · π(y) + ǫφE(x, y) (4) is a regular bent, where π is a permutation polynomial over Fn

p such

that π(E2) = E⊥

1 .

Remark The set of all the functions f defined as in Equation (4) is denoted by Dp and the dual of f is ˜ f(x, y) = y · π−1(x) + ǫφE⊥(x, y).

17 / 28

slide-18
SLIDE 18

Construction of Dp, Dp

0 and Cp II

Lemma Let n = 2t and p be an odd prime. Then for all x = (x1, x2, · · · , xn), y = (y1, y2, · · · , yn) ∈ Fn

p,

φE0(x, y) =

n

  • i=1

p−1

  • j=1

(xi − j), where E0 = {0} × Fn

p.

18 / 28

slide-19
SLIDE 19

Construction of Dp, Dp

0 and Cp III

Proof. If x = 0, then

n

  • i=1

p−1

  • j=1

(0 − j) =

n

  • i=1

(p − 1)! = 1 = ((p − 1)!)n = ((p − 1)!)2t. We know that (p − 1)! ≡ −1 (mod p). ( Wilson’s Theorem) The generalized Boolean function f on Fn

p × Fn p of the form

f(x, y) = x · π(y) + ǫφE0(x, y) = x · π(y) + ǫ

n

  • i=1

p−1

  • j=1

(xi − j) (5) is a regular bent, where E0 = {0} × Fn

p.

19 / 28

slide-20
SLIDE 20

Construction of Dp, Dp

0 and Cp IV

Remark The set of all the functions f defined as in Equation (5) is denoted by Dp

0 (Dp 0 ⊂ Dp). If f ∈ Dp 0 is an m variables, then

m ≡ 0 (mod 4). Theorem In general, Dp

0 and Dp are not included in the class Mp. Further, the

class Mp is in general not included in Dp

0 and Dp classes.

20 / 28

slide-21
SLIDE 21

Construction of Dp, Dp

0 and Cp V

Proof. x · (π(y) − π1(y)) = ǫ(φE(x, y) − φE(0, y)). (Dp → Mp) f(x, y) = x · ψ(y) + g(y) = x · ψ1(y) + ǫφE(x, y) and g(y) = ǫφE(0, y) ∈ {0, ǫ} for all y ∈ Fn

p.

(Mp → Dp)

21 / 28

slide-22
SLIDE 22

Construction of Dp, Dp

0 and Cp VI

Theorem Let L be any linear subspace of Fn

p and π be any permutation on Fn p

such that for any element λ of Fn

p, the set π−1(λ + L) is a flat. Then the

function f on Fn

p × Fn p:

f(x, y) = x · π(y) + ǫφL⊥(x), (6) where ǫ ∈ Fp, is a generalized bent Boolean function. Remark ❑ The class of bent functions defined as in Equation (6) will be denoted by Cp. ❑ In general Cp is not included in the Mp class.

22 / 28

slide-23
SLIDE 23

Existence and nonexistence of Cp I

For construction of Cp class of bent functions, we need a permutation π

  • n Fn

p such that π−1(a + L) is a flat for any a ∈ Fn p.

Lemma Let u1, u2, u3 ∈ Fn

  • 3. A set L = {u1, u2, u3} is flat of Fn

3 of dimension ≤ 1

if and only if u1 + u2 + u3 = 0. Theorem Consider the permutation polynomial φ over F34 [defined by L. Wang], φ(x) = x17 + x. Then there is no 1-dimensional subspace L of F34, such that φ(a + L) is flat for all a ∈ F34.

23 / 28

slide-24
SLIDE 24

Existence and nonexistence of Cp II

Theorem Let φ be a permutation polynomial on F34 [defined by L. Wang] of the form φ(x) = x(x16 + 1) = x17 + x. Then there is no 2-dimensional subspace L = u, v such that for all a ∈ F34, φ(a + L) is flat. Remark Consider the permutation polynomial [defined by R. Mattews] φ(x) = x + 1

  • ver F34. Then for any subspace L of F34 with dimension ≤ 2, φ(a + L)

is flat for all a ∈ F34.

24 / 28

slide-25
SLIDE 25

References

  • A. C. Ambrosimov, Properties of the Bent Functions of q-Ary Logic
  • ver Finite Fields, Discrete Mathematics, vol. 6 (3), pp. 50–60,

1994.

  • B. Mandal, P

. Stanica, S. Gangopadhyay, E. Pasalic, An Analysis

  • f the C Class of Bent Functions, Fundamenta Informaticae, vol.

146 (3), pp. 271–292, 2016.

  • C. Carlet, Two new classes of bent functions, in: Proc.

EUROCRYPT’93, LNCS, Springer, vol. 765, pp. 77–101, 1994.

  • E. F

. Assmus, J. Key, Polynomial Codes and Finite Geometries, In Handbook of Coding Theory–Part 2: Connections (V. S. Pless,

  • W. C. Huffman, and R. A. Brualdi, Eds.), Amsterdam The

Netherlands: Elsevier, Ch. 16, pp. 1269–1343, 1998.

25 / 28

slide-26
SLIDE 26

Continue

  • J. F

. Dillon, Elementary Hadamard difference sets, in: Proceedings

  • f 6th S. E. Conference on Combinatorics, Graph Theory, and

Computing, Utility Mathematics, Winnipeg, pp. 237–249, 1975.

  • L. Budaghyan, C. Carlet, T. Helleseth, A. Kholosha, Generalized

Bent Functions and their Relation to Maiorana-McFarland Class, International Symposium on Information Theory, pp. 1212–1215, 2012.

  • L. Wang, On Permutation Polynomials, Finite Fields and Their

Applications, vol. 8 (3), pp. 311–322, 2002. P . V. Kumar, R. A. Scholtz and L. R. Welch, Generalized bent functions and their properties, Journal of Combinatorial Theory, Series A, vol. 40 (1), pp. 90–107, 1985.

26 / 28

slide-27
SLIDE 27

Continue

  • R. Matthews, Permutation Properties of polynomials

1 + x + · · · + xk over a finite field, Proceedings of the American Mathematical Society, vol. 120 (1), pp. 47–51, 1994.

  • R. Lidl and H. Niederreiter. Finite Fields, Encyclopedia Math. Appl.,
  • vol. 20, Addison-Wesley, Reading, 1983.
  • S. Mesnager, Bent Functions, Fundamentals and Results,

Springer, 2016.

  • T. Helleseth and A. Kholosha, Monomial and quadratic bent

functions over the finite fields of odd characteristic, IEEE Transactions on Information Theory, vol. 52 (5), pp. 2018–2032, 2006.

  • T. W. Cusick, P

. St˘ anic˘ a, Cryptographic Boolean functions and applications, Elsevier–Academic Press, 2009.

27 / 28

slide-28
SLIDE 28

THANK YOU!