unicyclic strong permutations
play

Unicyclic strong permutations Claude Gravel (Universit e de Montr - PowerPoint PPT Presentation

Mar 13, 2024 •199 likes •820 views

Unicyclic strong permutations Claude Gravel (Universit e de Montr eal) Daniel Panario (Carleton University) David Thomson (Carleton University) Tuesday, June 19 th , and Wednesday, 20 th , 2018 The 3 rd International Workshop on B oolean

  1. Unicyclic strong permutations Claude Gravel (Universit´ e de Montr´ eal) Daniel Panario (Carleton University) David Thomson (Carleton University) Tuesday, June 19 th , and Wednesday, 20 th , 2018 The 3 rd International Workshop on B oolean F unctions and their A pplications BFA 2018 Loen (Norway) 1 / 41

  2. Some properties of permutations By unicyclic strong permutations, we mean permutations that satisfy: ( 1 ) Unicyclic (contains only one cycle of maximal length), ( 2 ) Number of terms per output bits is about 2 d − 1 , where d is the degree of the irreducible polynomial, ( 3 ) Maximal algebraic degree, ( 4 ) Easy to describe, ( 5 ) Small values of the first-order differences (differential cryptanalysis), ( 6 ) Small values of Walsh sums (Walsh spectrum cryptanalysis), ( 7 ) On-the-fly generation. We shall refer to above properties later when necessary. 2 / 41

  3. Finding unicyclic permutation For large n > 0, listing all of the n ! permutations, and retaining only the unicyclic ones is infeasible. The are exactly ( n − 1)! unicyclic permutations over a finite set of n distinct elements. 3 / 41

  4. Finding unicyclic permutation For large n > 0, listing all of the n ! permutations, and retaining only the unicyclic ones is infeasible. The are exactly ( n − 1)! unicyclic permutations over a finite set of n distinct elements. QUESTION : Is it possible to construct efficiently a subset of the set of all permutations which are easy to describe, permutations there have only one cycle (and eventually other strong properties)? 3 / 41

  5. Polynomial & permutation–example We construct a permutation over the set { 0 , 1 } d of binary words, hence n = 2 d . To fit here, d = 3. The construction uses operations over polynomials. 4 / 41

  6. Polynomial & permutation–example We construct a permutation over the set { 0 , 1 } d of binary words, hence n = 2 d . To fit here, d = 3. The construction uses operations over polynomials. NOTATION : P a ( X ) = a 0 + a 1 X + . . . + a d − 1 X d − 1 where a = ( a 0 , . . . , a d − 1 ) ∈ { 0 , 1 } d . FACT : For all nonzero a ∈ { 0 , 1 } 3 , functions over { 0 , 1 } 3 defined through P a ( X ) �→ P ℓ a ( X ) for ℓ = 1 , 2 , 3 , 4 , 5 , 6 are permutations. a ( X ) = P 2 d − 2 For example, we compute P 6 ( X ). a 4 / 41

  7. Polynomial & permutation–example cont’d For example, choosing the irreducible polynomial Q ( X ) = 1 + X 2 + X 3 , compute X j mod Q ( X ) for j = 0 , . . . , 6. 5 / 41

  8. Polynomial & permutation–example cont’d For example, choosing the irreducible polynomial Q ( X ) = 1 + X 2 + X 3 , compute X j mod Q ( X ) for j = 0 , . . . , 6. For a = a 0 a 1 a 2 ∈ { 0 , 1 } 3 , focus on P 2 k a ( X ). P 2 0 a ( X ) = P a ( X ) , P 2 1 X 2 , � � � � a ( X ) = a 0 + a 2 + a 2 X + a 1 + a 2 P 2 2 � 2 P 2 � a ( X ) = a ( X ) X + a 1 X 2 . � � � = a 0 + a 1 ) + a 1 + a 2 5 / 41

  9. Polynomial & permutation–example cont’d Finally, a ( X ) = P 2 1 a ( X ) P 2 2 P 6 a ( X ) � � = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 + � � a 1 + a 2 + a 0 a 1 + a 1 a 2 X + X 2 � � a 1 + a 0 a 2 + a 1 a 2 def = P b ( X ) , and 6 / 41

  10. Polynomial & permutation–example cont’d Finally, a 0 a 1 a 2 b 0 b 1 b 2 a ( X ) = P 2 1 a ( X ) P 2 2 P 6 0 0 0 0 0 0 a ( X ) 0 0 1 1 1 0 � � = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 + 0 1 0 0 1 1 � � a 1 + a 2 + a 0 a 1 + a 1 a 2 X + 0 1 1 0 1 0 X 2 � � a 1 + a 0 a 2 + a 1 a 2 1 0 0 1 0 0 def 1 0 1 1 1 1 = P b ( X ) , 1 1 0 0 0 1 1 1 1 1 0 1 and 6 / 41

  11. Polynomial & permutation–example cont’d Finally, a 0 a 1 a 2 b 0 b 1 b 2 a ( X ) = P 2 1 a ( X ) P 2 2 P 6 0 0 0 0 0 0 a ( X ) 0 0 1 1 1 0 � � = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 + 0 1 0 0 1 1 � � a 1 + a 2 + a 0 a 1 + a 1 a 2 X + 0 1 1 0 1 0 X 2 � � a 1 + a 0 a 2 + a 1 a 2 1 0 0 1 0 0 def 1 0 1 1 1 1 = P b ( X ) , 1 1 0 0 0 1 1 1 1 1 0 1 and FACT : For all d and irreducible polynomial Q ( X ) of degree d , the permutation obtained by considering P 2 d − 2 ( X ) mod Q has fixed a points and cycles of length two. NOTE : Another example with fixed points and cycle of length two is the non-linear part of AES for which d = 8. 6 / 41

  12. Polynomial & permutation–example cont’d Three binary coordinate functions, one for each power of X . Bits b 0 , b 1 , b 2 are themselves polynomials of the bits a 0 , a 1 , a 2 modulo 2. b 0 ( a 0 , a 1 , a 2 ) = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 , b 1 ( a 0 , a 1 , a 2 ) = a 1 + a 2 + a 0 a 1 + a 1 a 2 , b 2 ( a 0 , a 1 , a 2 ) = a 1 + a 0 a 2 + a 1 a 2 . 7 / 41

  13. Polynomial & permutation–example cont’d Three binary coordinate functions, one for each power of X . Bits b 0 , b 1 , b 2 are themselves polynomials of the bits a 0 , a 1 , a 2 modulo 2. b 0 ( a 0 , a 1 , a 2 ) = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 , b 1 ( a 0 , a 1 , a 2 ) = a 1 + a 2 + a 0 a 1 + a 1 a 2 , b 2 ( a 0 , a 1 , a 2 ) = a 1 + a 0 a 2 + a 1 a 2 . Like for polynomials with real coefficients, differential calculus can be used to approximate, and get information on the polynomials b 0 , b 1 , and b 2 ; this is differential cryptanalysis. Another cryptanalytic method is based the Walsh spectrum, and can translate easily into a quantum cryptanalytic method by using the quantum Fourier transform. 7 / 41

  14. Polynomial & permutation–example cont’d Three binary coordinate functions, one for each power of X . Bits b 0 , b 1 , b 2 are themselves polynomials of the bits a 0 , a 1 , a 2 modulo 2. b 0 ( a 0 , a 1 , a 2 ) = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 , b 1 ( a 0 , a 1 , a 2 ) = a 1 + a 2 + a 0 a 1 + a 1 a 2 , b 2 ( a 0 , a 1 , a 2 ) = a 1 + a 0 a 2 + a 1 a 2 . Like for polynomials with real coefficients, differential calculus can be used to approximate, and get information on the polynomials b 0 , b 1 , and b 2 ; this is differential cryptanalysis. Another cryptanalytic method is based the Walsh spectrum, and can translate easily into a quantum cryptanalytic method by using the quantum Fourier transform. FACT : The degree of the functions b j ( a )’s is d − 1 = 2. However, all the functions involved in P 2 k a ( X ) are linear in the a j ’s. . . 7 / 41

  15. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: 8 / 41

  16. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: � 2 d − 2 k − 1 � P σ k ( a ) ( X ) = P a ( X ) + P ( X ) (mod Q ) for k = 0 , . . . , d − 1 8 / 41

  17. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: � 2 d − 2 k − 1 � P σ k ( a ) ( X ) = P a ( X ) + P ( X ) (mod Q ) for k = 0 , . . . , d − 1 a �→ σ k ( a ) 8 / 41

  18. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: � 2 d − 2 k − 1 � P σ k ( a ) ( X ) = P a ( X ) + P ( X ) (mod Q ) for k = 0 , . . . , d − 1 a �→ σ k ( a ) And then σ = σ d − 1 ◦ σ d − 2 ◦ · · · ◦ σ 0 8 / 41

  19. Unicyclic strong permutations–Definition II Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is permutation over { 0 , 1 } d constructed by recurrence. A word a ∈ { 0 , 1 } d is mapped to b ∈ { 0 , 1 } d through a sequence of steps a = a (0) → . . . → a ( i ) → . . . → a ( d ) = σ ( a ) = b defined by 9 / 41

  20. Unicyclic strong permutations–Definition II Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is permutation over { 0 , 1 } d constructed by recurrence. A word a ∈ { 0 , 1 } d is mapped to b ∈ { 0 , 1 } d through a sequence of steps a = a (0) → . . . → a ( i ) → . . . → a ( d ) = σ ( a ) = b defined by P a (0) ( X ) = P a ( X ) � 2 d − 2 j − 1 − 1 � P a ( j ) ( X ) = P a ( j − 1) ( X ) + P ( X ) (mod Q ) for j = 1 , . . . , d 9 / 41

  21. Unicyclic strong permutations–Definition II Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is permutation over { 0 , 1 } d constructed by recurrence. A word a ∈ { 0 , 1 } d is mapped to b ∈ { 0 , 1 } d through a sequence of steps a = a (0) → . . . → a ( i ) → . . . → a ( d ) = σ ( a ) = b defined by P a (0) ( X ) = P a ( X ) � 2 d − 2 j − 1 − 1 � P a ( j ) ( X ) = P a ( j − 1) ( X ) + P ( X ) (mod Q ) for j = 1 , . . . , d a �→ b = ( b 0 ( a ) , . . . , b d − 1 ( a )) . 9 / 41

  22. An example without a giant cycle a = a ( 0 ) a = a ( 0 ) 0 32 1 33 2 34 3 35 4 36 5 37 6 38 7 39 8 40 9 41 10 42 11 43 12 44 13 45 14 46 15 47 16 48 17 49 18 50 19 51 20 52 21 53 22 54 23 55 24 56 25 57 26 58 27 59 28 60 29 61 30 62 31 63 P ( X ) = X 5 + 1, Q ( X ) = 1 + X + X 4 + X 5 + X 6 10 / 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Local convergence for random permutations The case of uniform pattern-avoiding permutations

Local convergence for random permutations The case of uniform pattern-avoiding permutations

Local convergence for random permutations The case of uniform pattern-avoiding permutations Jacopo Borga, Institut fr Mathematik, Universitt Zrich July 9, 2018 Dartmouth College, Hanover, New Hampshire Our goal 1. Scaling limits: Our

2.18k views • 175 slides
JUST THE MATHS SLIDES NUMBER 19.2 PROBABILITY 2 (Permutations and combinations) by

JUST THE MATHS SLIDES NUMBER 19.2 PROBABILITY 2 (Permutations and combinations) by

JUST THE MATHS SLIDES NUMBER 19.2 PROBABILITY 2 (Permutations and combinations) by A.J.Hobson 19.2.1 Introduction 19.2.2 Rules of permutations and combinations 19.2.3 Permutations of sets with some objects alike UNIT 19.2 -

400 views • 11 slides
Representing permutations without permutations The expressive power of sequential intersection

Representing permutations without permutations The expressive power of sequential intersection

Representing permutations without permutations The expressive power of sequential intersection Pierre VIAL Equipe Gallinette Inria (LS2N CNRS) June 10, 2018 Non-idempotent typing P. Vial 0 1 /33 Outline Non-idempotent Rigid vs.

1.4k views • 123 slides
Posets and Permutations in the Duplication-Loss Model: Minimal Permutations with d Descents.

Posets and Permutations in the Duplication-Loss Model: Minimal Permutations with d Descents.

Posets and Permutations in the Duplication-Loss Model: Minimal Permutations with d Descents. Mathilde Bouvel Elisa Pergola GASCom 2008 liafa Definitions Duplication-Loss Characterization Posets Enumeration Conclusion Outline of the talk 1

620 views • 31 slides
A Note on 5-bit Quadratic Permutations Classification Duan Boilov Begl Bilgin Hac

A Note on 5-bit Quadratic Permutations Classification Duan Boilov Begl Bilgin Hac

A Note on 5-bit Quadratic Permutations Classification Duan Boilov Begl Bilgin Hac Ali ahin March 6, 2017 Motivation 2/14 Permutations are main nonlinear part of symmetric primitives Quadratic permutations can be used to

381 views • 22 slides
Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Definitions A sequence a 1 , a 2 , . . . , a k of distinct integers is alternating if a 1 > a 2 < a 3 > a 4 < , and reverse alternating if

1.14k views • 98 slides
Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Basic definitions A sequence a 1 , a 2 , . . . , a k of distinct integers is alternating if a 1 > a 2 < a 3 > a 4 < , and reverse

1.59k views • 119 slides
Random permutations with logarithmic cycle Random permutations weights Classical measures The

Random permutations with logarithmic cycle Random permutations weights Classical measures The

Random permutations with logarithmic cycle weights Setting the scene Random permutations with logarithmic cycle Random permutations weights Classical measures The weighted measure The cycle counts C m Dirk Zeindler The cycle containing

1.6k views • 149 slides
Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. Basic definitions A sequence a 1 , a 2 , . . . , a k of distinct integers is alternating if a 1 > a 2 < a 3 > a 4 < , and reverse alternating

1.4k views • 119 slides
Algorithms and Pattern Avoiding Permutations Mikl os B ona Department of Mathematics

Algorithms and Pattern Avoiding Permutations Mikl os B ona Department of Mathematics

Algorithms and Pattern Avoiding Permutations Mikl os B ona Department of Mathematics University of Florida Gainesville FL 32611-8105 bona@ufl.edu May 27, 2013 Permutations A permutation is an arrangement of the integers { 1 , 2 ,

573 views • 40 slides
MATH 105: Finite Mathematics 6-4: Permutations Prof. Jonathan Duncan Walla Walla College Winter

MATH 105: Finite Mathematics 6-4: Permutations Prof. Jonathan Duncan Walla Walla College Winter

Types of Permutations Factorials Applications of Permutations Conclusion MATH 105: Finite Mathematics 6-4: Permutations Prof. Jonathan Duncan Walla Walla College Winter Quarter, 2006 Types of Permutations Factorials Applications of

959 views • 62 slides
s II, Acta Math. Acad. Sci. Hungar. 18 (1967), s S 151164; III, ibid. 18 (1967),

s II, Acta Math. Acad. Sci. Hungar. 18 (1967), s S 151164; III, ibid. 18 (1967),

Extremal problems Permutations How many permutations in a set (or group) with prescribed distances? Peter J. Cameron

524 views • 3 slides
Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Special

Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Special

Introduction Packing with Classical Restrictions Packing in Alternating Permutations Wrapping up Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Special Session on Patterns in Permutations AMS Fall

828 views • 50 slides
Enumeration of Pin-Permutations Fr ed erique Bassino Mathilde Bouvel Dominique Rossin ees

Enumeration of Pin-Permutations Fr ed erique Bassino Mathilde Bouvel Dominique Rossin ees

Enumeration of Pin-Permutations Fr ed erique Bassino Mathilde Bouvel Dominique Rossin ees AL Journ EA 2009 liafa Introduction Pin-permutations Decomposition tree Characterization Generating function Conclusion Main result of

665 views • 40 slides
Embeddings of Metrics on Strings and Permutations Graham Cormode joint work with S.

Embeddings of Metrics on Strings and Permutations Graham Cormode joint work with S.

Embeddings of Metrics on Strings and Permutations Graham Cormode joint work with S. Muthukrishnan, Cenk Sahinalp Miss Hepburn runs the gamut of emotions from A to B Dorothy Parker, 1933 Permutations and Strings Strings Web pages,

922 views • 42 slides
Discrete Mathematics in Computer Science Permutations Malte Helmert, Gabriele R oger

Discrete Mathematics in Computer Science Permutations Malte Helmert, Gabriele R oger

Discrete Mathematics in Computer Science Permutations Malte Helmert, Gabriele R oger University of Basel Permutations as Functions A permutation rearranges objects. Consider for example sequence o 2 , o 1 , o 3 , o 4 Lets rearrange the

634 views • 48 slides
An optimized subspace iteration eigensolver applied to sequences of dense eigenproblems in ab

An optimized subspace iteration eigensolver applied to sequences of dense eigenproblems in ab

Mitglied der Helmholtz-Gemeinschaft An optimized subspace iteration eigensolver applied to sequences of dense eigenproblems in ab initio simulations PMAA14, Lugano, Switzerland. July 4th E. Di Napoli and M. Berljafa Motivation: electronic

539 views • 37 slides
? ? ? of maximal independent subsets of A . ? Examples of matroids: E is a family

? ? ? of maximal independent subsets of A . ? Examples of matroids: E is a family

Slide 1 Slide 3 Codes Finite geometry and permutation groups: An [ n , k ] code over GF ( q ) is a k -dimensional sub- space of GF ( q ) n . Its elements are called codewords . some polynomial links The weight wt ( v ) of v is the number of

421 views • 4 slides
Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence Service 05-10-2015 05-10-2015 Who are we? Centre for Cyber Security In respect of the Rule of Law and Privacy Cyber is a priority (Gov.

455 views • 18 slides
Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October 30, 2012 Cyberwar Hits Energy Firms Escalating from Interruption to Destruction Iranian nuclear program: Stuxnet destroys 1,000+

253 views • 12 slides
AN INTRODUCTION TO THE MASLOV INDEX IN SYMPLECTIC TOPOLOGY Andrew Ranicki and Daniele Sepe

AN INTRODUCTION TO THE MASLOV INDEX IN SYMPLECTIC TOPOLOGY Andrew Ranicki and Daniele Sepe

1 AN INTRODUCTION TO THE MASLOV INDEX IN SYMPLECTIC TOPOLOGY Andrew Ranicki and Daniele Sepe (Edinburgh) http://www.maths.ed.ac.uk/ aar Maslov index seminar, 9 November 2009 2 The 1-dimensional Lagrangians Definition (i) Let R 2 have

429 views • 31 slides
Introduction Plethystic substitution Substitution operation in the ring of power series in

Introduction Plethystic substitution Substitution operation in the ring of power series in

A simplicial groupoid for plethysm Alex Cebrian Universitat Aut` onoma de Barcelona July 11, 2018 arXiv:1804.09462 Introduction Plethystic substitution Substitution operation in the ring of power series in infinitely many variables,

567 views • 30 slides
Hodge theory in combinatorics Eric Katz (University of Waterloo) joint with June Huh (IAS) and

Hodge theory in combinatorics Eric Katz (University of Waterloo) joint with June Huh (IAS) and

Hodge theory in combinatorics Eric Katz (University of Waterloo) joint with June Huh (IAS) and Karim Adiprasito (IAS) May 14, 2015 But Hodge shant be shot; no, no, Hodge shall not be shot. Samuel Johnson Eric Katz (Waterloo)

1.1k views • 93 slides
CPSC 490 Graphs+DP Part 4: SCC, 2-SAT; Part 1: Intro Lucca Siaudzionis and Jack

CPSC 490 Graphs+DP Part 4: SCC, 2-SAT; Part 1: Intro Lucca Siaudzionis and Jack

CPSC 490 Graphs+DP Part 4: SCC, 2-SAT; Part 1: Intro Lucca Siaudzionis and Jack Spalding-Jamieson 2020/01/21 University of British Columbia Announcements Assignment 1 is due this Saturday !!! In todays lecture, we will cover what

1.05k views • 67 slides

More recommend