-
When does a bent concatenation not belong to the completed Maiorana-McFarland class?
Authors:
Sadmir Kudin,
Enes Pasalic,
Alexandr Polujan,
Fengrong Zhang
Abstract:
Every Boolean bent function $f$ can be written either as a concatenation $f=f_1||f_2$ of two complementary semi-bent functions $f_1,f_2$; or as a concatenation $f=f_1||f_2||f_3||f_4$ of four Boolean functions $f_1,f_2,f_3,f_4$, all of which are simultaneously bent, semi-bent, or 5-valued spectra-functions. In this context, it is essential to ask: When does a bent concatenation $f$ (not) belong to…
▽ More
Every Boolean bent function $f$ can be written either as a concatenation $f=f_1||f_2$ of two complementary semi-bent functions $f_1,f_2$; or as a concatenation $f=f_1||f_2||f_3||f_4$ of four Boolean functions $f_1,f_2,f_3,f_4$, all of which are simultaneously bent, semi-bent, or 5-valued spectra-functions. In this context, it is essential to ask: When does a bent concatenation $f$ (not) belong to the completed Maiorana-McFarland class $\mathcal{M}^\#$? In this article, we answer this question completely by providing a full characterization of the structure of $\mathcal{M}$-subspaces for the concatenation of the form $f=f_1||f_2$ and $f=f_1||f_2||f_3||f_4$, which allows us to specify the necessary and sufficient conditions so that $f$ is outside $\mathcal{M}^\#$. Based on these conditions, we propose several explicit design methods of specifying bent functions outside $\mathcal{M}^\#$ in the special case when $f=g||h||g||(h+1)$, where $g$ and $h$ are bent functions.
△ Less
Submitted 24 April, 2024;
originally announced April 2024.
-
Vectorial Negabent Concepts: Similarities, Differences, and Generalizations
Authors:
Nurdagül Anbar,
Sadmir Kudin,
Wilfried Meidl,
Enes Pasalic,
Alexandr Polujan
Abstract:
In Pasalic et al., IEEE Trans. Inform. Theory 69 (2023), 2702--2712, and in Anbar, Meidl, Cryptogr. Commun. 10 (2018), 235--249, two different vectorial negabent and vectorial bent-negabent concepts are introduced, which leads to seemingly contradictory results. One of the main motivations for this article is to clarify the differences and similarities between these two concepts. Moreover, the neg…
▽ More
In Pasalic et al., IEEE Trans. Inform. Theory 69 (2023), 2702--2712, and in Anbar, Meidl, Cryptogr. Commun. 10 (2018), 235--249, two different vectorial negabent and vectorial bent-negabent concepts are introduced, which leads to seemingly contradictory results. One of the main motivations for this article is to clarify the differences and similarities between these two concepts. Moreover, the negabent concept is extended to generalized Boolean functions from \(\mathbb{F}_2^n\) to the cyclic group \(\mathbb{Z}_{2^k}\). It is shown how to obtain nega-\(\mathbb{Z}_{2^k}\)-bent functions from \(\mathbb{Z}_{2^k}\)-bent functions, or equivalently, corresponding non-splitting relative difference sets from the splitting relative difference sets. This generalizes the shifting results for Boolean bent and negabent functions. We finally point to constructions of \(\mathbb{Z}_8\)-bent functions employing permutations with the \((\mathcal{A}_m)\) property, and more generally we show that the inverse permutation gives rise to \(\mathbb{Z}_{2^k}\)-bent functions.
△ Less
Submitted 8 February, 2024;
originally announced February 2024.
-
Bent functions satisfying the dual bent condition and permutations with the $(\mathcal{A}_m)$ property
Authors:
Alexandr Polujan,
Enes Pasalic,
Sadmir Kudin,
Fengrong Zhang
Abstract:
The concatenation of four Boolean bent functions $f=f_1||f_2||f_3||f_4$ is bent if and only if the dual bent condition $f_1^* + f_2^* + f_3^* + f_4^* =1$ is satisfied. However, to specify four bent functions satisfying this duality condition is in general quite a difficult task. Commonly, to simplify this problem, certain connections between $f_i$ are assumed, as well as functions $f_i$ of a speci…
▽ More
The concatenation of four Boolean bent functions $f=f_1||f_2||f_3||f_4$ is bent if and only if the dual bent condition $f_1^* + f_2^* + f_3^* + f_4^* =1$ is satisfied. However, to specify four bent functions satisfying this duality condition is in general quite a difficult task. Commonly, to simplify this problem, certain connections between $f_i$ are assumed, as well as functions $f_i$ of a special shape are considered, e.g., $f_i(x,y)=x\cdotπ_i(y)+h_i(y)$ are Maiorana-McFarland bent functions. In the case when permutations $π_i$ of $\mathbb{F}_2^m$ have the $(\mathcal{A}_m)$ property and Maiorana-McFarland bent functions $f_i$ satisfy the additional condition $f_1+f_2+f_3+f_4=0$, the dual bent condition is known to have a relatively simple shape allowing to specify the functions $f_i$ explicitly. In this paper, we generalize this result for the case when Maiorana-McFarland bent functions $f_i$ satisfy the condition $f_1(x,y)+f_2(x,y)+f_3(x,y)+f_4(x,y)=s(y)$ and provide a construction of new permutations with the $(\mathcal{A}_m)$ property from the old ones. Combining these two results, we obtain a recursive construction method of bent functions satisfying the dual bent condition. Moreover, we provide a generic condition on the Maiorana-McFarland bent functions stemming from the permutations of $\mathbb{F}_2^m$ with the $(\mathcal{A}_m)$ property, such that their concatenation does not belong, up to equivalence, to the Maiorana-McFarland class. Using monomial permutations $π_i$ of $\mathbb{F}_{2^m}$ with the $(\mathcal{A}_m)$ property and monomial functions $h_i$ on $\mathbb{F}_{2^m}$, we provide explicit constructions of such bent functions. Finally, with our construction method, we explain how one can construct homogeneous cubic bent functions, noticing that only very few design methods of these objects are known.
△ Less
Submitted 16 October, 2023;
originally announced October 2023.
-
Design and analysis of bent functions using $\mathcal{M}$-subspaces
Authors:
Enes Pasalic,
Alexandr Polujan,
Sadmir Kudin,
Fengrong Zhang
Abstract:
In this article, we provide the first systematic analysis of bent functions $f$ on $\mathbb{F}_2^{n}$ in the Maiorana-McFarland class $\mathcal{MM}$ regarding the origin and cardinality of their $\mathcal{M}$-subspaces, i.e., vector subspaces on which the second-order derivatives of $f$ vanish. By imposing restrictions on permutations $π$ of $\mathbb{F}_2^{n/2}$, we specify the conditions, such th…
▽ More
In this article, we provide the first systematic analysis of bent functions $f$ on $\mathbb{F}_2^{n}$ in the Maiorana-McFarland class $\mathcal{MM}$ regarding the origin and cardinality of their $\mathcal{M}$-subspaces, i.e., vector subspaces on which the second-order derivatives of $f$ vanish. By imposing restrictions on permutations $π$ of $\mathbb{F}_2^{n/2}$, we specify the conditions, such that Maiorana-McFarland bent functions $f(x,y)=x\cdot π(y) + h(y)$ admit a unique $\mathcal{M}$-subspace of dimension $n/2$. On the other hand, we show that permutations $π$ with linear structures give rise to Maiorana-McFarland bent functions that do not have this property. In this way, we contribute to the classification of Maiorana-McFarland bent functions, since the number of $\mathcal{M}$-subspaces is invariant under equivalence. Additionally, we give several generic methods of specifying permutations $π$ so that $f\in\mathcal{MM}$ admits a unique $\mathcal{M}$-subspace. Most notably, using the knowledge about $\mathcal{M}$-subspaces, we show that using the bent 4-concatenation of four suitably chosen Maiorana-McFarland bent functions, one can in a generic manner generate bent functions on $\mathbb{F}_2^{n}$ outside the completed Maiorana-McFarland class $\mathcal{MM}^\#$ for any even $n\geq 8$. Remarkably, with our construction methods it is possible to obtain inequivalent bent functions on $\mathbb{F}_2^8$ not stemming from two primary classes, the partial spread class $\mathcal{PS}$ and $\mathcal{MM}$. In this way, we contribute to a better understanding of the origin of bent functions in eight variables, since only a small fraction, of which size is about $2^{76}$, stems from $\mathcal{PS}$ and $\mathcal{MM}$, whereas the total number of bent functions on $\mathbb{F}_2^8$ is approximately $2^{106}$.
△ Less
Submitted 26 April, 2023;
originally announced April 2023.
-
Generic constructions of 5-valued spectra Boolean functions
Authors:
S. Hodžić,
E. Pasalic,
W. G. Zhang
Abstract:
Whereas the design and properties of bent and plateaued functions have been frequently addressed during the past few decades, there are only a few design methods of so-called 5-valued spectra Boolean functions whose Walsh spectra takes the values in $\{0, \pm 2^{λ_1}, \pm 2^{λ_2}\}$. Moreover, these design methods mainly regards the specification of these functions in their ANF (algebraic normal f…
▽ More
Whereas the design and properties of bent and plateaued functions have been frequently addressed during the past few decades, there are only a few design methods of so-called 5-valued spectra Boolean functions whose Walsh spectra takes the values in $\{0, \pm 2^{λ_1}, \pm 2^{λ_2}\}$. Moreover, these design methods mainly regards the specification of these functions in their ANF (algebraic normal form) domain. In this article, we give a precise characterization of this class of functions in their spectral domain using the concept of a dual of plateaued functions. Both necessary and sufficient conditions on the Walsh support of these functions are given which then connects their design (in spectral domain) to a family of so-called {\em totally (non-overlap) disjoint spectra plateaued functions}. We identify some suitable families of plateaued functions having this property, thus providing some generic methods in the spectral domain. Furthermore, we also provide an extensive analysis of their constructions in the ANF domain and provide several generic design methods. The importance of this class of functions is manifolded, where apart from being suitable for some cryptographic applications we emphasize their property of being constituent functions in the so-called 4-bent decomposition.
△ Less
Submitted 27 November, 2018;
originally announced November 2018.
-
Designing plateaued Boolean functions in spectral domain and their classification
Authors:
S. Hodžić,
E. Pasalic,
Y. Wei,
F. Zhang
Abstract:
The design of plateaued functions over $GF(2)^n$, also known as 3-valued Walsh spectra functions (taking the values from the set $\{0, \pm 2^{\lceil \frac{n+s}{2} \rceil}\}$), has been commonly approached by specifying a suitable algebraic normal form which then induces this particular Walsh spectral characterization. In this article, we consider the reversed design method which specifies these fu…
▽ More
The design of plateaued functions over $GF(2)^n$, also known as 3-valued Walsh spectra functions (taking the values from the set $\{0, \pm 2^{\lceil \frac{n+s}{2} \rceil}\}$), has been commonly approached by specifying a suitable algebraic normal form which then induces this particular Walsh spectral characterization. In this article, we consider the reversed design method which specifies these functions in the spectral domain by specifying a suitable allocation of the nonzero spectral values and their signs. We analyze the properties of trivial and nontrivial plateaued functions (as affine inequivalent distinct subclasses), which are distinguished by their Walsh support $S_f$ (the subset of $GF(2)^n$ having the nonzero spectral values) in terms of whether it is an affine subspace or not. The former class exactly corresponds to partially bent functions and admits linear structures, whereas the latter class may contain functions without linear structures. A simple sufficient condition on $S_f$, which ensures the nonexistence of linear structures, is derived and some generic design methods of nontrivial plateaued functions without linear structures are given. The extended affine equivalence of plateaued functions is also addressed using the concept of dual of plateaued functions. Furthermore, we solve the problem of specifying disjoint spectra (non)trivial plateaued functions of maximal cardinality whose concatenation can be used to construct bent functions in a generic manner. This approach may lead to new classes of bent functions due to large variety of possibilities to select underlying duals that define these disjoint spectra plateaued functions. An additional method of specifying affine inequivalent plateaued functions, obtained by applying a nonlinear transform to their input domain, is also given.
△ Less
Submitted 9 November, 2018;
originally announced November 2018.
-
A general framework for secondary constructions of bent and plateaued functions
Authors:
S. Hodžić,
E. Pasalic,
Y. Wei
Abstract:
In this work, we employ the concept of {\em composite representation} of Boolean functions, which represents an arbitrary Boolean function as a composition of one Boolean function and one vectorial function, for the purpose of specifying new secondary constructions of bent/plateaued functions. This representation gives a better understanding of the existing secondary constructions and it also allo…
▽ More
In this work, we employ the concept of {\em composite representation} of Boolean functions, which represents an arbitrary Boolean function as a composition of one Boolean function and one vectorial function, for the purpose of specifying new secondary constructions of bent/plateaued functions. This representation gives a better understanding of the existing secondary constructions and it also allows us to provide a general construction framework of these objects. This framework essentially gives rise to an {\em infinite number} of possibilities to specify such secondary construction methods (with some induced sufficient conditions imposed on initial functions) and in particular we solve several open problems in this context. We provide several explicit methods for specifying new classes of bent/plateaued functions and demonstrate through examples that the imposed initial conditions can be easily satisfied. Our approach is especially efficient when defining new bent/plateaued functions on larger variable spaces than initial functions. For instance, it is shown that the indirect sum methods and Rothaus' construction are just special cases of this general framework and some explicit extensions of these methods are given. In particular, similarly to the basic indirect sum method of Carlet, we show that it is possible to derive (many) secondary constructions of bent functions without any additional condition on initial functions apart from the requirement that these are bent functions. In another direction, a few construction methods that generalize the secondary constructions which do not extend the variable space of the employed initial functions are also proposed.
△ Less
Submitted 19 September, 2018;
originally announced September 2018.
-
Permutations via linear translators
Authors:
Nastja Cepak,
Pascale Charpin,
Enes Pasalic
Abstract:
We show that many infinite classes of permutations over finite fields can be constructed via translators with a large choice of parameters. We first charac- terize some functions having linear translators, based on which several families of permutations are then derived. Extending the results of [10], we give in several cases the compositional inverse of these permutations. The connection with com…
▽ More
We show that many infinite classes of permutations over finite fields can be constructed via translators with a large choice of parameters. We first charac- terize some functions having linear translators, based on which several families of permutations are then derived. Extending the results of [10], we give in several cases the compositional inverse of these permutations. The connection with complete permutations is also utilized to provide further infinite classes of permutations. Moreover, we propose new tools to study permutations of the form x is mapped to x+(x^(p^m) - x+ lambda)^s and a few infinite classes of permutations of this form are proposed.
△ Less
Submitted 12 December, 2016; v1 submitted 29 September, 2016;
originally announced September 2016.
-
Optimizing the placement of tap positions and guess and determine cryptanalysis with variable sampling
Authors:
S. Hodžić,
E. Pasalic,
Y. Wei
Abstract:
In this article an optimal selection of tap positions for certain LFSR-based encryption schemes is investigated from both design and cryptanalytic perspective. Two novel algorithms towards an optimal selection of tap positions are given which can be satisfactorily used to provide (sub)optimal resistance to some generic cryptanalytic techniques applicable to these schemes. It is demonstrated that c…
▽ More
In this article an optimal selection of tap positions for certain LFSR-based encryption schemes is investigated from both design and cryptanalytic perspective. Two novel algorithms towards an optimal selection of tap positions are given which can be satisfactorily used to provide (sub)optimal resistance to some generic cryptanalytic techniques applicable to these schemes. It is demonstrated that certain real-life ciphers (e.g. SOBER-t32, SFINKS and Grain-128), employing some standard criteria for tap selection such as the concept of full difference set, are not fully optimized with respect to these attacks. These standard design criteria are quite insufficient and the proposed algorithms appear to be the only generic method for the purpose of (sub)optimal selection of tap positions. We also extend the framework of a generic cryptanalytic method called Generalized Filter State Guessing Attacks (GFSGA), introduced in [26] as a generalization of the FSGA method, by applying a variable sampling of the keystream bits in order to retrieve as much information about the secret state bits as possible. Two different modes that use a variable sampling of keystream blocks are presented and it is shown that in many cases these modes may outperform the standard GFSGA mode. We also demonstrate the possibility of employing GFSGA-like attacks to other design strategies such as NFSR-based ciphers (Grain family for instance) and filter generators outputting a single bit each time the cipher is clocked. In particular, when the latter scenario is considered, the idea of combining GFSGA technique and algebraic attacks appears to be a promising unified cryptanalytic method against NFSR-based stream ciphers.
△ Less
Submitted 27 September, 2016;
originally announced September 2016.
-
Full characterization of generalized bent functions as (semi)-bent spaces, their dual, and the Gray image
Authors:
Samir Hodžić,
Wilfried Meidl,
Enes Pasalic
Abstract:
In difference to many recent articles that deal with generalized bent (gbent) functions $f:\mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$ for certain small valued $q\in \{4,8,16 \}$, we give a complete description of these functions for both $n$ even and odd and for any $q=2^k$ in terms of both the necessary and sufficient conditions their component functions need to satisfy. This enables us to complete…
▽ More
In difference to many recent articles that deal with generalized bent (gbent) functions $f:\mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$ for certain small valued $q\in \{4,8,16 \}$, we give a complete description of these functions for both $n$ even and odd and for any $q=2^k$ in terms of both the necessary and sufficient conditions their component functions need to satisfy. This enables us to completely characterize gbent functions as algebraic objects, namely as affine spaces of bent or semi-bent functions with interesting additional properties, which we in detail describe. We also specify the dual and the Gray image of gbent functions for $q=2^k$. We discuss the subclass of gbent functions which corresponds to relative difference sets, which we call $\mathbb{Z}_q$-bent functions, and point out that they correspond to a class of vectorial bent functions. The property of being $\mathbb{Z}_q$-bent is much stronger than the standard concept of a gbent function. We analyse two examples of this class of functions.
△ Less
Submitted 18 May, 2016;
originally announced May 2016.
-
Large Sets of Orthogonal Sequences Suitable for Applications in CDMA Systems
Authors:
WeiGuo Zhang,
ChunLei Xie,
Enes Pasalic
Abstract:
In this paper, we employ the so-called semi-bent functions to achieve significant improvements over currently known methods regarding the number of orthogonal sequences per cell that can be assigned to a regular tessellation of hexagonal cells, typical for certain code-division multiple-access (CDMA) systems. Our initial design method generates a large family of orthogonal sets of sequences derive…
▽ More
In this paper, we employ the so-called semi-bent functions to achieve significant improvements over currently known methods regarding the number of orthogonal sequences per cell that can be assigned to a regular tessellation of hexagonal cells, typical for certain code-division multiple-access (CDMA) systems. Our initial design method generates a large family of orthogonal sets of sequences derived from vectorial semi-bent functions. A modification of the original approach is proposed to avoid a hard combinatorial problem of allocating several such orthogonal sets to a single cell of a regular hexagonal network, while preserving the orthogonality to adjacent cells. This modification increases the number of users per cell by starting from shorter codewords and then extending the length of these codewords to the desired length. The specification and assignment of these orthogonal sets to a regular tessellation of hexagonal cells have been solved regardless of the parity and size of $m$ (where $2^m$ is the length of the codewords). In particular, when the re-use distance is $D=4$ the number of users per cell is $2^{m-2}$ for almost all $m$, which is twice as many as can be obtained by the best known methods.
△ Less
Submitted 17 May, 2016;
originally announced May 2016.
-
Construction methods for generalized bent functions
Authors:
S. Hodžić,
E. Pasalic
Abstract:
Generalized bent (gbent) functions is a class of functions $f: \mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$, where $q \geq 2$ is a positive integer, that generalizes a concept of classical bent functions through their co-domain extension. A lot of research has recently been devoted towards derivation of the necessary and sufficient conditions when $f$ is represented as a collection of Boolean function…
▽ More
Generalized bent (gbent) functions is a class of functions $f: \mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$, where $q \geq 2$ is a positive integer, that generalizes a concept of classical bent functions through their co-domain extension. A lot of research has recently been devoted towards derivation of the necessary and sufficient conditions when $f$ is represented as a collection of Boolean functions. Nevertheless, apart from the necessary conditions that these component functions are bent when $n$ is even (respectively semi-bent when $n$ is odd), no general construction method has been proposed yet for $n$ odd case. In this article, based on the use of the well-known Maiorana-McFarland (MM) class of functions, we give an explicit construction method of gbent functions, for any even $q >2$ when $n$ is even and for any $q$ of the form $q=2^r$ (for $r>1$) when $n$ is odd. Thus, a long-term open problem of providing a general construction method of gbent functions, for odd $n$, has been solved. The method for odd $n$ employs a large class of disjoint spectra semi-bent functions with certain additional properties which may be useful in other cryptographic applications.
△ Less
Submitted 20 November, 2016; v1 submitted 10 April, 2016;
originally announced April 2016.
-
Generalized bent functions - sufficient conditions and related constructions
Authors:
S. Hodžić,
E. Pasalic
Abstract:
The necessary and sufficient conditions for a class of functions $f:\mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$, where $q \geq 2$ is an even positive integer, have been recently identified for $q=4$ and $q=8$. In this article we give an alternative characterization of the generalized Walsh-Hadamard transform in terms of the Walsh spectra of the component Boolean functions of $f$, which then allows us…
▽ More
The necessary and sufficient conditions for a class of functions $f:\mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$, where $q \geq 2$ is an even positive integer, have been recently identified for $q=4$ and $q=8$. In this article we give an alternative characterization of the generalized Walsh-Hadamard transform in terms of the Walsh spectra of the component Boolean functions of $f$, which then allows us to derive sufficient conditions that $f$ is generalized bent for any even $q$. The case when $q$ is not a power of two, which has not been addressed previously, is treated separately and a suitable representation in terms of the component functions is employed. Consequently, the derived results lead to generic construction methods of this class of functions. The main remaining task, which is not answered in this article, is whether the sufficient conditions are also necessary. There are some indications that this might be true which is also formally confirmed for generalized bent functions that belong to the class of generalized Maiorana-McFarland functions (GMMF), but still we were unable to completely specify (in terms of necessity) gbent conditions.
△ Less
Submitted 29 January, 2016;
originally announced January 2016.
