MATRIX POWER S-BOX ANALYSIS 1. Kestutis Luksys, Petras Nefas
|
|
- Adele Cole
- 5 years ago
- Views:
Transcription
1 International Book Series "Inforation Science and Coputing" 97 MATRIX POWER S-BOX ANALYSIS Keutis Luksys, Petras Nefas Abract: Conruction of syetric cipher S-bo based on atri power function and dependant on key is analyzed. The atri consiing of plain data bit rings is cobined with three round key atrices using arithetical addition and eponent operations. The atri power eans the atri powered by other atri. This operation is linked with two sound one-way functions: the discrete logarith proble and decoposition proble. The latter is used in the infinite non-coutative group based public key cryptosyes. The atheatical description of proposed S-bo in its nature possesses a good confusion and diffusion properties and contains variables of a cople type as was forulated by Shannon. Core properties of atri power operation are forulated and proven. Soe preliinary cryptographic characteriics of conructed S-bo are calculated. Keywords: Matri power, syetric encryption, S-bo. ACM Classification Keywords: E.3 Data Encryption, F.2. Nuerical Algoriths and Probles. Conference: The paper is selected fro Sith International Conference on Inforation Research and Applications i.tech 2008, Varna, Bulgaria, June-July 2008 Introduction As it is known, the design criteria for the block ciphers as for other cryptographic syes are related with the known cryptoanalytic attacks. It is essential that after the new attack invention the old design criteria u be changed. Traditional design criteria are oriented to the o powerful attacks such as linear and differential and were successfully satisfied for the several known ciphers, for eaple AES, Serpent, Caellia Miy/Kasui etc. It was shown that the non-linearity properties of the inverse function in GF(2 n ) used as a single non-linear coponent in AES are close to optiality with respect to linear, differential and higher-order differential attacks [Canteaut and Videau, 2002]. But nevertheless it is shown that any known optial ciphers have a very siple algebraic ructure and are potentially vulnerable to the algebraic attack. This attack was declared in [Schauuller-Bihl, 983] and developed in [Courtois and Pieprzyk, 2002]. The vulnerability is related to S-bo description by iplicit input/output and key variables algebraic equations of polynoial type. For eaple the AES can be described by the sye of ultivariate quadratic equations in GF (2 8 ) for which the XL or XSL attack can be applied in principle. Then there is a principal opportunity to find the solution of these equations by soe feasible algorith that ight be of subeponential tie and recover the key fro a few plaintet/ciphertet pairs. The algebraic attack changes soe old security poulates [Courtois, 2005]:. The copleity is no longer condened to grow eponentially with the nuber of rounds. 2. The nuber of required plaintets ay be quite sall (e.g. ). 3. The wide trail rategy should have no ipact whatsoever for the copleity of the attack. Despite the fact that there are no practical results of breaking the entire AES by algebraic attack yet, it is sensible to build the new design ethods possessing a higher resiance to algebraic attack. According to Courtois the design of ciphers will never be the sae again and this is supported by the declared new ideas for the S-bo Work supported by the Lithuanian State Science and Studies Foundation
2 98 Advanced Studies in Software and Knowledge Engineering conruction laying on the sufficiently large rando S-boes to prevent all algebraic attacks one can think [Courtois et al., 2005]. In this paper we further discus so called atri power operation introduced in [Sakalauskas and Luksys, 2007] for a atri power S-bo conruction. Matri power S-bo is based on odular eponentiation over GF(2 n ). This leads to soe generalization of discrete logarith proble (DLP) using a atri group action proble over Galois field. The idea to use the group or seigroup action proble in vectorial spaces for the asyetric cryptographic priitives conruction can be found in [Monico, 2002]. We have generalized this approach and applied it to our S-bo conruction. As a result we have obtained soe one way function (OWF) which is linked not only with a classical DLP but also with so called decoposition proble (DP), used in the asyetric cryptosyes based on the hard probles in infinite non-coutative groups [Shpilrain and Ushakov, 2005]. The sae kind of DP is used also in digital signature schee and key agreeent protocol conruction [Sakalauskas, 2005] and [Sakalauskas et al., 2007]. Preliinaries Let us define atrices over GF(2 n ). The set of all those atrices over GF(2 n ) we denote as M. Plaintet and ciphertet data is represented in this set. We do not introduce any internal operations in the set M. For further considerations we are intereed only in eternal operations perfored in this set. Let M G be a group of atrices over N 2 n with the coonly defined atri ultiplication operation and atri inverse. Keys atrices should be chosen fro M G. Matri group M G left and right action operations in the set M are denoted by and respectively. In a foral way is a apping : M G M M and : M M G M. Then L, R M G and X M there ei soe Y, Z M such that L X Y and X R Z. The eleents of atrices L, X, R, Y and Z we denote by the indeed set of its eleents respectively, i.e. by { } we denote atri X. We have chosen the following action operations which can be written for the atri equation L X Y eleents y s l is sj, () and for the atri equation X R Z eleents z t rtj it. (2) The ultiplication and power operations are perfored using GF (2 n ) arithetic, i.e. odulo irreducible polynoial. Eaple. To give a siple eaple, let us assue that all atrices have two rows and two coluns, i.e. 2. In this case, atri Y can be epressed in the following way l l2 l l l 2 l Y L X l2 l22 l2 l22. l 2 l Matri Z can be epressed in the following way r r2 r2 r 22 2 r r2 2 2 Z X R r r r 2 22 r2 r
3 International Book Series "Inforation Science and Coputing" 99 Matri power S-bo The S-bo input data we denote by atri D with eleents being binary rings in vector space F 2. n Using the certain key epansion procedure we can generate the round keys for encryption: atri K over F 2 and atrices L, R M G. Input/output and key atrices are all of the sae size. S-bo transforations of input data D to ciphered output data C are perfored as follows: D + K + X, (3) L X R C, (4) where D + K + denotes the ordinary arithetical addition of atrices odulo 2 n ; is the atri consiing of arithetical unity eleents in. Cobining (3) and (4) we obtain n F 2 L (D + K + ) R C. (5) Fro (3) we obtain a atri X M which does not contain zero eleents, i.e. is without zero binary rings. This is necessary because of ultiplications. If there would be at lea one zero eleent, then ciphertet will be zero atri. We can write now the iplicit forula for an eleent c : c t s lis rtj t s where is a bit ring corresponding to arithetical unit in l r is tj ( d + k + ), (6) Since M G is a group of atrices, then there eis the inverse atri R such that RR R R I, where I is the identity atri. Decryption operation can be written siilarly to (5): L C R K D. (7) Resulting atri of inverse S-bo can be epressed like this: d where { / t s l r n F 2. is tl c k, (8) / l } L and { r } R. Thus, we have to be able to calculate inverse atrices of L and R keys for decryption. Key atri K reains the sae, only during decryption ordinary subtraction is used inead of addition. For the validity of the la equations the left-right action operations u satisfy the following properties:. The action operations u be associative, i.e. L 2 (L X) (L 2 L ) X, (9a) (X R ) R 2 X (R R 2 ). (9b) 2. The action operations are both left and right invertible, i.e. L (L X) (L L) X I X X, (0a) (X R ) R X (R R) X I X. (0b) Theore. The action operations are associative. Proof. Let us consider encryption and decryption schee with plaintet atri X, key atries L and R, their inverse atrices L and R and cipher tet atri C. According to (4) and (7), following relations should be true: L X R C, L C R X. n
4 00 Advanced Studies in Software and Knowledge Engineering For the siplicity, we oit atri K here and consider that atri X has no zero eleents. This does not affect generality because atri K is added before atri power operation and subtracted after, in case of inverse S- bo. Then plaintet atri X can be epressed following way: X L C R v u t s Thus we receive that L t s ( L X R) lus rtv l iu rvj / / lus l iu rtv rvj u v R L t s v u t s ( L X R) R ( L L) X ( RR ) L // lik rtj t s lus rtv l iu rvj // lis rtj R // L X R t s v u t s lus rtv l iu rvj v u ( L L) X ( RR ). () We used ordinary features of power function and atri ultiplication, so this equation holds for any atrices. Lea. Defined atri power operation has the following property: if key atrices are identities, then resulting atri of ciphertet is equal to the atri of plaintet. Proof. Any eleent of ciphertet atri can be written following way: c t lii rjj rivluj tvu. u v v j & u i If key atrices are L R I, then we have that l ii r jj for any i and j fro to, and l r jj 0, if i j: 0 t tvu u v v j & u i c t. Theore 2. The action operations are both left and right invertible. Proof. According to () and Lea we obtain: ( L X R) R ( L L) X ( RR ) I X I X L Key atrices lus rtv liu rvj. (2) Key atrices L and R should be invertible in order that defined atri power S-bo would be bective, i.e. would have inverse S-bo. This is obvious fro the (2). Decryption of the ciphertet can be done only with L and R atrices. If L or R did not have inverse, then atri power S-bo is surjective and inverse S-bo does not ei. Matrices L and R are chosen fro group M G, therefore they have inverse atrices. The proble is, how to conruct group M G that it would be large enough and brute force attacks would be useless. One of the ethods is to use the certain non-coutative group representation in the set of atri group GL(, GF(2 n )). The non-coutative group is presented by finite sets of generators and relations. Then it is required to conruct representation atrices and their inverses for each initial group generator [Sakalauskas and Luksys, 2007]. Other ethod is to generate rando atrices and to check if they are invertible. We have used this ethod to evaluate key space and atri power S-bo security properties.
5 International Book Series "Inforation Science and Coputing" 0 For the analysis, we have chosen 3 3 atrices ( 3) and n 7. In this case key atrices L and R are over N 27 and data atrices are over GF(2 7 ). Irreducible polynoial was Key atrices L and R have nine eleents and each eleent can be randoly chosen fro 27 values. Thus we can generate diinct atrices. But that would be all possible variants, including those atrices, which do not have inverse. We have generated 2 34 atrices and 0.969% of those atrices were not invertible. Therefore rough eiate of atri power key space would be around 2 63 (for two key atrices). Group No. Table. Cryptographic characteriics of rando invertible atri power S-boes Algebraic Algebraic Algebraic k- quadratic biaffine Percentage, Bective Nonlinearity degree unifor equations equations % iunity iunity. T ,53-0,9 2. T ,63 2 2,68 5,5 3. T ,53 2 9,65 3,5 4. T ,53 2 9,44,8 5. T ,53 2 9,23 0,2 6. T , ,9 7. T ,75 2 9,65 3,5 8. T ,75 2 9,44,8 9. T ,75 2 9,23 0,2 0. T ,72 2 2,0. T , ,0 2. T ,53 2 9,65 3,6 3. T ,53 2 9,44,8 4. T ,53 2 9,23 0,2 5. T ,84 2 2,0 6. T ,75 2 9,65 3,5 7. T ,75 2 9,44,8 8. T ,75 2 9,23 0,2 9. T , ,9 20. T ,84 2 6,34 5,5 2. F ,7 2 6,34,5 22. F ,35 2 6,294 0, It is very difficult to evaluate cryptographic characteriics of S-bo with 54 bit input and 63 bit output. Therefore we have ade two siplifications for the security analysis. Fir of all we did not do key addition (3). If data atri had zero eleent (-s) that atri was left unchanged. This let us to analyze S-bo with equal input and output size. For the second siplification, we fied all input atri eleents ecept one and analyzed only one particular eleent of the output atri. This led us to the analysis of the S-bo with input and output size of 7 bits. We have chosen to evaluate five cryptographic characteriics: algebraic degree [Meier et al., 2004], nonlinearity, differential coefficient k-unifor, algebraic quadratic equations iunity and algebraic biaffine equations iunity [Courtois et al., 2005]. Algebraic iunity is calculated as follows: Γ t n where t is nuber of ters in algebraic noral for (ANF) of Boole function, n nuber of variables, r nuber of biaffine or quadratic equations. t r,
6 02 Advanced Studies in Software and Knowledge Engineering We have generated rando invertible atri power S-boes. Analysis results are shown in Table. We have grouped all generated S-boes into 22 groups according their characteriics. Two groups of S-boes are not bective, i.e. the representation of one eleent of input atri into one output atri eleent is not bective, but the whole atri power S-bo reains invertible. Group 20 th represents S-boes which perfors a linear transforation. Characteriics of groups 9 are siilar to those of ordinary power functions, like Gold, Kasai, Niho etc. [Cheon and Lee, 2004]. These are ju preliinary results and further analysis of atri power S-bo should be done. Conclusion In this paper we have analyzed key depended S-bo based on introduced atri power operation. We have forulated and proven core properties of this operation. Soe preliinary cryptographic characteriics of conructed S-bo are calculated. Characteriics of siplified version of atri power S-bo are siilar to those of ordinary power functions, like Gold, Kasai, Niho etc. Bibliography [Canteaut and Videau, 2002] A. Canteaut and M. Videau. Degree of coposition of highly nonlinear functions and applications to higher order differential cryptanalysis. Advances in Cryptology Eurocrypt 2002, Springer Verlag [Cheon and Lee, 2004] J.H. Cheon, D.H. Lee. Resiance of S-boes again Algebraic Attacks. Fa Software Encryp tion, LNCS 307, pp , Springer-Verlag, [Courtois, 2005] N.T. Courtois. General Principles of Algebraic Attacks and New Design Criteria for Cipher Coponents. Advanced Encryption Standard AES, LNCS 3373, pp , [Courtois et al., 2005] N.T. Courtois, B. Debraize and E. Garrido. On eact algebraic [non-]iunity of S-boes based on power functions. Cryptology eprint Archive: Report, no. 203 (2005), [Courtois and Pieprzyk, 2002] N.T. Courtois and J. Pieprzyk. Cryptanalysis of Block Ciphers with Overdefined Syes of Equations. Proceedings of Asiacrypt 2002, LNCS 250, pp , Springer-Verlag, [Meier et al., 2004] W.Meier, E.Pasalic and C.Carlet. Algebraic Attacks and Decoposition of Boolean Functions. Advances in Cryptology - EUROCRYPT 2004, LNCS 3027, Springer Berlin / Heidelberg, 2004, pp [Monico, 2002] C. Monico. Seirings and Seigroup actions in Public Key Cryptography. PhD. thesis, University of Notre Dae, May [Sakalauskas and Luksys, 2007] E.Sakalauskas and K.Luksys, Matri Power S-Bo Conruction. Cryptology eprint Archive: Report, no. 24 (2007), [Sakalauskas et al., 2007] E. Sakalauskas, P. Tvaronas and A. Raulinaitis. Key Agreeent Protocol (KAP) Using Conjugacy and Discrete Logarith Probles in Group Representation Level, Inforatica, Vol. 8, No., 2007, pp [Sakalauskas, 2005] E. Sakalauskas. One Digital Signature Schee in Seiodule over Seiring, Inforatica, vol. 6, no. 3, 2005, pp [Schauuller-Bichl, 983] Schauuller-Bichl. Cryptanalysis of the Data Encryption Standard by the Method of Foral Coding. Advances in Cryptology EUROCRYPT-982, LNCS 49, Springer-Verlag, 983, pp [Shpilrain and Ushakov, 2005] V. Shpilrain and A. Ushakov. A new key echange protocol based on the decoposition proble. Cryptology eprint Archive: Report, no. 447 (2005), Authors' Inforation Keutis Luksys PhD udent, Kaunas University of Technology, Studentu A, Kaunas 5368, Lithuania; e-ail: keutis.luksys@ktu.lt. Petras Nefas Dr., Head of Division, GRC of State Security Departent, Lithuania; e-ail: petras.nefas@gail.co.
Matrix Power S-Box Construction
Matrix Power S-Box Construction Eligijus Sakalauskas a and Kestutis Luksys b Department of Applied Mathematics, Kaunas University of Technology, Studentu g. 50, 52368 Kaunas, Lithuania a Eligijus.Sakalauskas@ktu.lt
More informationThe simplest method for constructing APN polynomials EA-inequivalent to power functions
The siplest ethod for constructing APN polynoials EA-inequivalent to power functions Lilya Budaghyan Abstract The first APN polynoials EA-inequivalent to power functions have been constructed in [7, 8]
More informationAn Attack Bound for Small Multiplicative Inverse of ϕ(n) mod e with a Composed Prime Sum p + q Using Sublattice Based Techniques
Article An Attack Bound for Sall Multiplicative Inverse of ϕn) od e with a Coposed Prie Su p + q Using Sublattice Based Techniques Pratha Anuradha Kaeswari * and Labadi Jyotsna Departent of Matheatics,
More informationA note on the multiplication of sparse matrices
Cent. Eur. J. Cop. Sci. 41) 2014 1-11 DOI: 10.2478/s13537-014-0201-x Central European Journal of Coputer Science A note on the ultiplication of sparse atrices Research Article Keivan Borna 12, Sohrab Aboozarkhani
More informationFinite fields. and we ve used it in various examples and homework problems. In these notes I will introduce more finite fields
Finite fields I talked in class about the field with two eleents F 2 = {, } and we ve used it in various eaples and hoework probles. In these notes I will introduce ore finite fields F p = {,,...,p } for
More informationBlock designs and statistics
Bloc designs and statistics Notes for Math 447 May 3, 2011 The ain paraeters of a bloc design are nuber of varieties v, bloc size, nuber of blocs b. A design is built on a set of v eleents. Each eleent
More informations = (Y Q Y P)/(X Q - X P)
Elliptic Curves and their Applications in Cryptography Preeti Shara M.Tech Student Mody University of Science and Technology, Lakshangarh Abstract This paper gives an introduction to elliptic curves. The
More informationFeature Extraction Techniques
Feature Extraction Techniques Unsupervised Learning II Feature Extraction Unsupervised ethods can also be used to find features which can be useful for categorization. There are unsupervised ethods that
More informationUniform Approximation and Bernstein Polynomials with Coefficients in the Unit Interval
Unifor Approxiation and Bernstein Polynoials with Coefficients in the Unit Interval Weiang Qian and Marc D. Riedel Electrical and Coputer Engineering, University of Minnesota 200 Union St. S.E. Minneapolis,
More informationFast Montgomery-like Square Root Computation over GF(2 m ) for All Trinomials
Fast Montgoery-like Square Root Coputation over GF( ) for All Trinoials Yin Li a, Yu Zhang a, a Departent of Coputer Science and Technology, Xinyang Noral University, Henan, P.R.China Abstract This letter
More informationThis model assumes that the probability of a gap has size i is proportional to 1/i. i.e., i log m e. j=1. E[gap size] = i P r(i) = N f t.
CS 493: Algoriths for Massive Data Sets Feb 2, 2002 Local Models, Bloo Filter Scribe: Qin Lv Local Models In global odels, every inverted file entry is copressed with the sae odel. This work wells when
More informationLecture 21. Interior Point Methods Setup and Algorithm
Lecture 21 Interior Point Methods In 1984, Kararkar introduced a new weakly polynoial tie algorith for solving LPs [Kar84a], [Kar84b]. His algorith was theoretically faster than the ellipsoid ethod and
More informationEstimation of the Mean of the Exponential Distribution Using Maximum Ranked Set Sampling with Unequal Samples
Open Journal of Statistics, 4, 4, 64-649 Published Online Septeber 4 in SciRes http//wwwscirporg/ournal/os http//ddoiorg/436/os4486 Estiation of the Mean of the Eponential Distribution Using Maiu Ranked
More information. The univariate situation. It is well-known for a long tie that denoinators of Pade approxiants can be considered as orthogonal polynoials with respe
PROPERTIES OF MULTIVARIATE HOMOGENEOUS ORTHOGONAL POLYNOMIALS Brahi Benouahane y Annie Cuyt? Keywords Abstract It is well-known that the denoinators of Pade approxiants can be considered as orthogonal
More informationAN APPLICATION OF CUBIC B-SPLINE FINITE ELEMENT METHOD FOR THE BURGERS EQUATION
Aksan, E..: An Applıcatıon of Cubıc B-Splıne Fınıte Eleent Method for... THERMAL SCIECE: Year 8, Vol., Suppl., pp. S95-S S95 A APPLICATIO OF CBIC B-SPLIE FIITE ELEMET METHOD FOR THE BRGERS EQATIO by Eine
More informationThe Fundamental Basis Theorem of Geometry from an algebraic point of view
Journal of Physics: Conference Series PAPER OPEN ACCESS The Fundaental Basis Theore of Geoetry fro an algebraic point of view To cite this article: U Bekbaev 2017 J Phys: Conf Ser 819 012013 View the article
More informationLecture 13 Eigenvalue Problems
Lecture 13 Eigenvalue Probles MIT 18.335J / 6.337J Introduction to Nuerical Methods Per-Olof Persson October 24, 2006 1 The Eigenvalue Decoposition Eigenvalue proble for atrix A: Ax = λx with eigenvalues
More informationModel Fitting. CURM Background Material, Fall 2014 Dr. Doreen De Leon
Model Fitting CURM Background Material, Fall 014 Dr. Doreen De Leon 1 Introduction Given a set of data points, we often want to fit a selected odel or type to the data (e.g., we suspect an exponential
More informationLinear recurrences and asymptotic behavior of exponential sums of symmetric boolean functions
Linear recurrences and asyptotic behavior of exponential sus of syetric boolean functions Francis N. Castro Departent of Matheatics University of Puerto Rico, San Juan, PR 00931 francis.castro@upr.edu
More informationA remark on a success rate model for DPA and CPA
A reark on a success rate odel for DPA and CPA A. Wieers, BSI Version 0.5 andreas.wieers@bsi.bund.de Septeber 5, 2018 Abstract The success rate is the ost coon evaluation etric for easuring the perforance
More informationMulticollision Attacks on Some Generalized Sequential Hash Functions
Multicollision Attacks on Soe Generalized Sequential Hash Functions M. Nandi David R. Cheriton School of Coputer Science University of Waterloo Waterloo, Ontario N2L 3G1, Canada 2nandi@uwaterloo.ca D.
More informationTABLE FOR UPPER PERCENTAGE POINTS OF THE LARGEST ROOT OF A DETERMINANTAL EQUATION WITH FIVE ROOTS. By William W. Chen
TABLE FOR UPPER PERCENTAGE POINTS OF THE LARGEST ROOT OF A DETERMINANTAL EQUATION WITH FIVE ROOTS By Willia W. Chen The distribution of the non-null characteristic roots of a atri derived fro saple observations
More informationGoals of Cryptography. Definition of a Cryptosystem. Security Kerckhoff's Requirements
Goals of Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network Transport Layer Chapter 4: Security
More informationSoft Computing Techniques Help Assign Weights to Different Factors in Vulnerability Analysis
Soft Coputing Techniques Help Assign Weights to Different Factors in Vulnerability Analysis Beverly Rivera 1,2, Irbis Gallegos 1, and Vladik Kreinovich 2 1 Regional Cyber and Energy Security Center RCES
More informationQuadratic Equations from APN Power Functions
IEICE TRANS. FUNDAMENTALS, VOL.E89 A, NO.1 JANUARY 2006 1 PAPER Special Section on Cryptography and Information Security Quadratic Equations from APN Power Functions Jung Hee CHEON, Member and Dong Hoon
More informationPage 1 Lab 1 Elementary Matrix and Linear Algebra Spring 2011
Page Lab Eleentary Matri and Linear Algebra Spring 0 Nae Due /03/0 Score /5 Probles through 4 are each worth 4 points.. Go to the Linear Algebra oolkit site ransforing a atri to reduced row echelon for
More informationThe Simplex Method is Strongly Polynomial for the Markov Decision Problem with a Fixed Discount Rate
The Siplex Method is Strongly Polynoial for the Markov Decision Proble with a Fixed Discount Rate Yinyu Ye April 20, 2010 Abstract In this note we prove that the classic siplex ethod with the ost-negativereduced-cost
More informationA Self-Organizing Model for Logical Regression Jerry Farlow 1 University of Maine. (1900 words)
1 A Self-Organizing Model for Logical Regression Jerry Farlow 1 University of Maine (1900 words) Contact: Jerry Farlow Dept of Matheatics Univeristy of Maine Orono, ME 04469 Tel (07) 866-3540 Eail: farlow@ath.uaine.edu
More informationIntroduction to Robotics (CS223A) (Winter 2006/2007) Homework #5 solutions
Introduction to Robotics (CS3A) Handout (Winter 6/7) Hoework #5 solutions. (a) Derive a forula that transfors an inertia tensor given in soe frae {C} into a new frae {A}. The frae {A} can differ fro frae
More informationRevisiting the security model for aggregate signature schemes
Revisiting the security odel for aggregate signature schees by Marie-Sarah Lacharité A thesis presented to the University of Waterloo in fulfillent of the thesis requireent for the degree of Master of
More informationON REGULARITY, TRANSITIVITY, AND ERGODIC PRINCIPLE FOR QUADRATIC STOCHASTIC VOLTERRA OPERATORS MANSOOR SABUROV
ON REGULARITY TRANSITIVITY AND ERGODIC PRINCIPLE FOR QUADRATIC STOCHASTIC VOLTERRA OPERATORS MANSOOR SABUROV Departent of Coputational & Theoretical Sciences Faculty of Science International Islaic University
More informationPEA: Polymorphic Encryption Algorithm based on quantum computation. Nikos Komninos* and Georgios Mantas
Int. J. Systes, Control and Counications, Vol. 3, No., PEA: Polyorphic Encryption Algorith based on quantu coputation Nikos Koninos* and Georgios Mantas Algoriths and Security Group, Athens Inforation
More informationA Five-Round Algebraic Property of the Advanced Encryption Standard
A Five-Round Algebraic Property of the Advanced Encryption Standard Jianyong Huang, Jennifer Seberry and Willy Susilo Centre for Computer and Information Security Research (CCI) School of Computer Science
More informationElliptic Curve Scalar Point Multiplication Algorithm Using Radix-4 Booth s Algorithm
Elliptic Curve Scalar Multiplication Algorith Using Radix-4 Booth s Algorith Elliptic Curve Scalar Multiplication Algorith Using Radix-4 Booth s Algorith Sangook Moon, Non-eber ABSTRACT The ain back-bone
More informationClosed-form evaluations of Fibonacci Lucas reciprocal sums with three factors
Notes on Nuber Theory Discrete Matheatics Print ISSN 30-32 Online ISSN 2367-827 Vol. 23 207 No. 2 04 6 Closed-for evaluations of Fibonacci Lucas reciprocal sus with three factors Robert Frontczak Lesbank
More informationCHARACTER SUMS AND RAMSEY PROPERTIES OF GENERALIZED PALEY GRAPHS. Nicholas Wage Appleton East High School, Appleton, WI 54915, USA.
INTEGERS: ELECTRONIC JOURNAL OF COMBINATORIAL NUMBER THEORY 6 006, #A18 CHARACTER SUMS AND RAMSEY PROPERTIES OF GENERALIZED PALEY GRAPHS Nicholas Wage Appleton East High School, Appleton, WI 54915, USA
More informationDivisibility of Polynomials over Finite Fields and Combinatorial Applications
Designs, Codes and Cryptography anuscript No. (will be inserted by the editor) Divisibility of Polynoials over Finite Fields and Cobinatorial Applications Daniel Panario Olga Sosnovski Brett Stevens Qiang
More informationarxiv: v1 [math.na] 10 Oct 2016
GREEDY GAUSS-NEWTON ALGORITHM FOR FINDING SPARSE SOLUTIONS TO NONLINEAR UNDERDETERMINED SYSTEMS OF EQUATIONS MÅRTEN GULLIKSSON AND ANNA OLEYNIK arxiv:6.395v [ath.na] Oct 26 Abstract. We consider the proble
More informationVulnerability of MRD-Code-Based Universal Secure Error-Correcting Network Codes under Time-Varying Jamming Links
Vulnerability of MRD-Code-Based Universal Secure Error-Correcting Network Codes under Tie-Varying Jaing Links Jun Kurihara KDDI R&D Laboratories, Inc 2 5 Ohara, Fujiino, Saitaa, 356 8502 Japan Eail: kurihara@kddilabsjp
More informationParallel stream cipher for secure high-speed communications
Signal Processing 82 (2002 259 265 www.elsevier.co/locate/sigpro Parallel strea cipher for secure high-speed counications Hoonjae Lee a;, Sangjae Moon b a Departent of Coputer Engineering, Kyungwoon University,
More information13.2 Fully Polynomial Randomized Approximation Scheme for Permanent of Random 0-1 Matrices
CS71 Randoness & Coputation Spring 018 Instructor: Alistair Sinclair Lecture 13: February 7 Disclaier: These notes have not been subjected to the usual scrutiny accorded to foral publications. They ay
More informationCombinatorial Primality Test
Cobinatorial Priality Test Maheswara Rao Valluri School of Matheatical and Coputing Sciences Fiji National University, Derrick Capus, Suva, Fiji E-ail: aheswara.valluri@fnu.ac.fj Abstract This paper provides
More informationASSUME a source over an alphabet size m, from which a sequence of n independent samples are drawn. The classical
IEEE TRANSACTIONS ON INFORMATION THEORY Large Alphabet Source Coding using Independent Coponent Analysis Aichai Painsky, Meber, IEEE, Saharon Rosset and Meir Feder, Fellow, IEEE arxiv:67.7v [cs.it] Jul
More informationCHAPTER 8 CONSTRAINED OPTIMIZATION 2: SEQUENTIAL QUADRATIC PROGRAMMING, INTERIOR POINT AND GENERALIZED REDUCED GRADIENT METHODS
CHAPER 8 CONSRAINED OPIMIZAION : SEQUENIAL QUADRAIC PROGRAMMING, INERIOR POIN AND GENERALIZED REDUCED GRADIEN MEHODS 8. Introduction In the previous chapter we eained the necessary and sufficient conditions
More informationQuantum public-key cryptosystems based on induced trapdoor one-way transformations
Quantu public-key cryptosystes based on induced trapdoor one-way transforations Li Yang a, Min Liang a, Bao Li a, Lei Hu a, Deng-Guo Feng b arxiv:1012.5249v2 [quant-ph] 12 Jul 2011 a State Key Laboratory
More informationTopic 5a Introduction to Curve Fitting & Linear Regression
/7/08 Course Instructor Dr. Rayond C. Rup Oice: A 337 Phone: (95) 747 6958 E ail: rcrup@utep.edu opic 5a Introduction to Curve Fitting & Linear Regression EE 4386/530 Coputational ethods in EE Outline
More informationThe Frequent Paucity of Trivial Strings
The Frequent Paucity of Trivial Strings Jack H. Lutz Departent of Coputer Science Iowa State University Aes, IA 50011, USA lutz@cs.iastate.edu Abstract A 1976 theore of Chaitin can be used to show that
More informationPolygonal Designs: Existence and Construction
Polygonal Designs: Existence and Construction John Hegean Departent of Matheatics, Stanford University, Stanford, CA 9405 Jeff Langford Departent of Matheatics, Drake University, Des Moines, IA 5011 G
More informationThe Distribution of the Covariance Matrix for a Subset of Elliptical Distributions with Extension to Two Kurtosis Parameters
journal of ultivariate analysis 58, 96106 (1996) article no. 0041 The Distribution of the Covariance Matrix for a Subset of Elliptical Distributions with Extension to Two Kurtosis Paraeters H. S. Steyn
More informationOrder Recursion Introduction Order versus Time Updates Matrix Inversion by Partitioning Lemma Levinson Algorithm Interpretations Examples
Order Recursion Introduction Order versus Tie Updates Matrix Inversion by Partitioning Lea Levinson Algorith Interpretations Exaples Introduction Rc d There are any ways to solve the noral equations Solutions
More informationON THE TWO-LEVEL PRECONDITIONING IN LEAST SQUARES METHOD
PROCEEDINGS OF THE YEREVAN STATE UNIVERSITY Physical and Matheatical Sciences 04,, p. 7 5 ON THE TWO-LEVEL PRECONDITIONING IN LEAST SQUARES METHOD M a t h e a t i c s Yu. A. HAKOPIAN, R. Z. HOVHANNISYAN
More informationALGEBRA REVIEW. MULTINOMIAL An algebraic expression consisting of more than one term.
Page 1 of 6 ALGEBRAIC EXPRESSION A cobination of ordinary nubers, letter sybols, variables, grouping sybols and operation sybols. Nubers reain fixed in value and are referred to as constants. Letter sybols
More informationA Markov Framework for the Simple Genetic Algorithm
A arkov Fraework for the Siple Genetic Algorith Thoas E. Davis*, Jose C. Principe Electrical Engineering Departent University of Florida, Gainesville, FL 326 *WL/NGS Eglin AFB, FL32542 Abstract This paper
More informationAnalysis of Some Quasigroup Transformations as Boolean Functions
M a t h e m a t i c a B a l k a n i c a New Series Vol. 26, 202, Fasc. 3 4 Analysis of Some Quasigroup Transformations as Boolean Functions Aleksandra Mileva Presented at MASSEE International Conference
More information3.3 Variational Characterization of Singular Values
3.3. Variational Characterization of Singular Values 61 3.3 Variational Characterization of Singular Values Since the singular values are square roots of the eigenvalues of the Heritian atrices A A and
More informationDistributed Subgradient Methods for Multi-agent Optimization
1 Distributed Subgradient Methods for Multi-agent Optiization Angelia Nedić and Asuan Ozdaglar October 29, 2007 Abstract We study a distributed coputation odel for optiizing a su of convex objective functions
More informationOn Conditions for Linearity of Optimal Estimation
On Conditions for Linearity of Optial Estiation Erah Akyol, Kuar Viswanatha and Kenneth Rose {eakyol, kuar, rose}@ece.ucsb.edu Departent of Electrical and Coputer Engineering University of California at
More informationESTIMATING AND FORMING CONFIDENCE INTERVALS FOR EXTREMA OF RANDOM POLYNOMIALS. A Thesis. Presented to. The Faculty of the Department of Mathematics
ESTIMATING AND FORMING CONFIDENCE INTERVALS FOR EXTREMA OF RANDOM POLYNOMIALS A Thesis Presented to The Faculty of the Departent of Matheatics San Jose State University In Partial Fulfillent of the Requireents
More informatione-companion ONLY AVAILABLE IN ELECTRONIC FORM
OPERATIONS RESEARCH doi 10.1287/opre.1070.0427ec pp. ec1 ec5 e-copanion ONLY AVAILABLE IN ELECTRONIC FORM infors 07 INFORMS Electronic Copanion A Learning Approach for Interactive Marketing to a Custoer
More informationTHE KALMAN FILTER: A LOOK BEHIND THE SCENE
HE KALMA FILER: A LOOK BEHID HE SCEE R.E. Deain School of Matheatical and Geospatial Sciences, RMI University eail: rod.deain@rit.edu.au Presented at the Victorian Regional Survey Conference, Mildura,
More informationChapter 6 1-D Continuous Groups
Chapter 6 1-D Continuous Groups Continuous groups consist of group eleents labelled by one or ore continuous variables, say a 1, a 2,, a r, where each variable has a well- defined range. This chapter explores:
More informationRandomized Recovery for Boolean Compressed Sensing
Randoized Recovery for Boolean Copressed Sensing Mitra Fatei and Martin Vetterli Laboratory of Audiovisual Counication École Polytechnique Fédéral de Lausanne (EPFL) Eail: {itra.fatei, artin.vetterli}@epfl.ch
More informationLecture 21 Principle of Inclusion and Exclusion
Lecture 21 Principle of Inclusion and Exclusion Holden Lee and Yoni Miller 5/6/11 1 Introduction and first exaples We start off with an exaple Exaple 11: At Sunnydale High School there are 28 students
More informationFinal Exam Practice: Part II Math MULTIPLE CHOICE Choose the one alternative that best completes the statement or answers the question.
MULTIPLE CHOICE Choose the one alternative that best copletes the stateent or answers the question. 1) Solve for y: y y 0 D) 4 9 ) Solve for : 0, 0 D) ) To Quig traveled 80 iles east of St. Louis. For
More informationBernoulli Wavelet Based Numerical Method for Solving Fredholm Integral Equations of the Second Kind
ISSN 746-7659, England, UK Journal of Inforation and Coputing Science Vol., No., 6, pp.-9 Bernoulli Wavelet Based Nuerical Method for Solving Fredhol Integral Equations of the Second Kind S. C. Shiralashetti*,
More informationIdentity-Based Key Aggregate Cryptosystem from Multilinear Maps
Identity-Based Key Aggregate Cryptosyste fro Multilinear Maps Sikhar Patranabis and Debdeep Mukhopadhyay Departent of Coputer Science and Engineering Indian Institute of Technology Kharagpur {sikhar.patranabis,
More informationJordan Journal of Physics
Volue 5, Nuber 3, 212. pp. 113-118 ARTILE Jordan Journal of Physics Networks of Identical apacitors with a Substitutional apacitor Departent of Physics, Al-Hussein Bin Talal University, Ma an, 2, 71111,
More informationProbability Distributions
Probability Distributions In Chapter, we ephasized the central role played by probability theory in the solution of pattern recognition probles. We turn now to an exploration of soe particular exaples
More informationOn Concurrent Detection of Errors in Polynomial Basis Multiplication
1 On Concurrent Detection of Errors in Polynoial Basis Multiplication Siavash Bayat-Saradi and M. Anwar Hasan Abstract The detection of errors in arithetic operations is an iportant issue. This paper discusses
More informationCSE525: Randomized Algorithms and Probabilistic Analysis May 16, Lecture 13
CSE55: Randoied Algoriths and obabilistic Analysis May 6, Lecture Lecturer: Anna Karlin Scribe: Noah Siegel, Jonathan Shi Rando walks and Markov chains This lecture discusses Markov chains, which capture
More informationPHY307F/407F - Computational Physics Background Material for Expt. 3 - Heat Equation David Harrison
INTRODUCTION PHY37F/47F - Coputational Physics Background Material for Expt 3 - Heat Equation David Harrison In the Pendulu Experient, we studied the Runge-Kutta algorith for solving ordinary differential
More informationA Link Between Integrals and Higher-Order Integrals of SPN Ciphers
Link Between Integrals and Higher-Order Integrals of SPN Ciphers Ruilin Li, Bing Sun, and Chao Li Integral cryptanalysis, which is based on the existence of (higher-order) integral distinguishers, is a
More informationMoment of Inertia. Terminology. Definitions Moment of inertia of a body with mass, m, about the x axis: Transfer Theorem - 1. ( )dm. = y 2 + z 2.
Terinology Moent of Inertia ME 202 Moent of inertia (MOI) = second ass oent Instead of ultiplying ass by distance to the first power (which gives the first ass oent), we ultiply it by distance to the second
More informationConstruction of Some New Classes of Boolean Bent Functions and Their Duals
International Journal of Algebra, Vol. 11, 2017, no. 2, 53-64 HIKARI Ltd, www.-hikari.co https://doi.org/10.12988/ija.2017.61168 Construction of Soe New Classes of Boolean Bent Functions and Their Duals
More informationTight Bounds for Maximal Identifiability of Failure Nodes in Boolean Network Tomography
Tight Bounds for axial Identifiability of Failure Nodes in Boolean Network Toography Nicola Galesi Sapienza Università di Roa nicola.galesi@uniroa1.it Fariba Ranjbar Sapienza Università di Roa fariba.ranjbar@uniroa1.it
More informationG G G G G. Spec k G. G Spec k G G. G G m G. G Spec k. Spec k
12 VICTORIA HOSKINS 3. Algebraic group actions and quotients In this section we consider group actions on algebraic varieties and also describe what type of quotients we would like to have for such group
More informationList Scheduling and LPT Oliver Braun (09/05/2017)
List Scheduling and LPT Oliver Braun (09/05/207) We investigate the classical scheduling proble P ax where a set of n independent jobs has to be processed on 2 parallel and identical processors (achines)
More informationDifferential properties of power functions
Differential properties of power functions Céline Blondeau, Anne Canteaut and Pascale Charpin SECRET Project-Team - INRIA Paris-Rocquencourt Domaine de Voluceau - B.P. 105-8153 Le Chesnay Cedex - France
More informationTHE POLYNOMIAL REPRESENTATION OF THE TYPE A n 1 RATIONAL CHEREDNIK ALGEBRA IN CHARACTERISTIC p n
THE POLYNOMIAL REPRESENTATION OF THE TYPE A n RATIONAL CHEREDNIK ALGEBRA IN CHARACTERISTIC p n SHEELA DEVADAS AND YI SUN Abstract. We study the polynoial representation of the rational Cherednik algebra
More informationCOS 424: Interacting with Data. Written Exercises
COS 424: Interacting with Data Hoework #4 Spring 2007 Regression Due: Wednesday, April 18 Written Exercises See the course website for iportant inforation about collaboration and late policies, as well
More informationDistinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network
Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network Ruilin Li, Bing Sun, and Chao Li Department of Mathematics and System Science, Science College, National University of Defense
More informationRESTARTED FULL ORTHOGONALIZATION METHOD FOR SHIFTED LINEAR SYSTEMS
BIT Nuerical Matheatics 43: 459 466, 2003. 2003 Kluwer Acadeic Publishers. Printed in The Netherlands 459 RESTARTED FULL ORTHOGONALIZATION METHOD FOR SHIFTED LINEAR SYSTEMS V. SIMONCINI Dipartiento di
More informationAbout the definition of parameters and regimes of active two-port networks with variable loads on the basis of projective geometry
About the definition of paraeters and regies of active two-port networks with variable loads on the basis of projective geoetry PENN ALEXANDR nstitute of Electronic Engineering and Nanotechnologies "D
More informationarxiv: v1 [math.nt] 14 Sep 2014
ROTATION REMAINDERS P. JAMESON GRABER, WASHINGTON AND LEE UNIVERSITY 08 arxiv:1409.411v1 [ath.nt] 14 Sep 014 Abstract. We study properties of an array of nubers, called the triangle, in which each row
More informationMultiplicative Complexity Reductions in Cryptography and Cryptanalysis
Multiplicative Complexity Reductions in Cryptography and Cryptanalysis THEODOSIS MOUROUZIS SECURITY OF SYMMETRIC CIPHERS IN NETWORK PROTOCOLS - ICMS - EDINBURGH 25-29 MAY/2015 1 Presentation Overview Linearity
More informationInteractive Markov Models of Evolutionary Algorithms
Cleveland State University EngagedScholarship@CSU Electrical Engineering & Coputer Science Faculty Publications Electrical Engineering & Coputer Science Departent 2015 Interactive Markov Models of Evolutionary
More informationREDUCTION OF FINITE ELEMENT MODELS BY PARAMETER IDENTIFICATION
ISSN 139 14X INFORMATION TECHNOLOGY AND CONTROL, 008, Vol.37, No.3 REDUCTION OF FINITE ELEMENT MODELS BY PARAMETER IDENTIFICATION Riantas Barauskas, Vidantas Riavičius Departent of Syste Analysis, Kaunas
More informationC na (1) a=l. c = CO + Clm + CZ TWO-STAGE SAMPLE DESIGN WITH SMALL CLUSTERS. 1. Introduction
TWO-STGE SMPLE DESIGN WITH SMLL CLUSTERS Robert G. Clark and David G. Steel School of Matheatics and pplied Statistics, University of Wollongong, NSW 5 ustralia. (robert.clark@abs.gov.au) Key Words: saple
More informationCMES. Computer Modeling in Engineering & Sciences. Tech Science Press. Reprinted from. Founder and Editor-in-Chief: Satya N.
Reprinted fro CMES Coputer Modeling in Engineering & Sciences Founder and Editor-in-Chief: Satya N. Atluri ISSN: 156-149 print ISSN: 156-1506 on-line Tech Science Press Copyright 009 Tech Science Press
More informationThe Weierstrass Approximation Theorem
36 The Weierstrass Approxiation Theore Recall that the fundaental idea underlying the construction of the real nubers is approxiation by the sipler rational nubers. Firstly, nubers are often deterined
More informationOptimal Jamming Over Additive Noise: Vector Source-Channel Case
Fifty-first Annual Allerton Conference Allerton House, UIUC, Illinois, USA October 2-3, 2013 Optial Jaing Over Additive Noise: Vector Source-Channel Case Erah Akyol and Kenneth Rose Abstract This paper
More informationTesting equality of variances for multiple univariate normal populations
University of Wollongong Research Online Centre for Statistical & Survey Methodology Working Paper Series Faculty of Engineering and Inforation Sciences 0 esting equality of variances for ultiple univariate
More informationPrediction by random-walk perturbation
Prediction by rando-walk perturbation Luc Devroye School of Coputer Science McGill University Gábor Lugosi ICREA and Departent of Econoics Universitat Popeu Fabra lucdevroye@gail.co gabor.lugosi@gail.co
More informationAccuracy of the Scaling Law for Experimental Natural Frequencies of Rectangular Thin Plates
The 9th Conference of Mechanical Engineering Network of Thailand 9- October 005, Phuket, Thailand Accuracy of the caling Law for Experiental Natural Frequencies of Rectangular Thin Plates Anawat Na songkhla
More informationFeedforward Networks
Feedforward Networks Gradient Descent Learning and Backpropagation Christian Jacob CPSC 433 Christian Jacob Dept.of Coputer Science,University of Calgary CPSC 433 - Feedforward Networks 2 Adaptive "Prograing"
More informationVirtual isomorphisms of ciphers: is AES secure against differential / linear attack?
Alexander Rostovtsev alexander. rostovtsev@ibks.ftk.spbstu.ru St. Petersburg State Polytechnic University Virtual isomorphisms of ciphers: is AES secure against differential / linear attack? In [eprint.iacr.org/2009/117]
More informationA Note on Online Scheduling for Jobs with Arbitrary Release Times
A Note on Online Scheduling for Jobs with Arbitrary Release Ties Jihuan Ding, and Guochuan Zhang College of Operations Research and Manageent Science, Qufu Noral University, Rizhao 7686, China dingjihuan@hotail.co
More informationAlgorithms for parallel processor scheduling with distinct due windows and unit-time jobs
BULLETIN OF THE POLISH ACADEMY OF SCIENCES TECHNICAL SCIENCES Vol. 57, No. 3, 2009 Algoriths for parallel processor scheduling with distinct due windows and unit-tie obs A. JANIAK 1, W.A. JANIAK 2, and
More informationEstimating Parameters for a Gaussian pdf
Pattern Recognition and achine Learning Jaes L. Crowley ENSIAG 3 IS First Seester 00/0 Lesson 5 7 Noveber 00 Contents Estiating Paraeters for a Gaussian pdf Notation... The Pattern Recognition Proble...3
More informationAES side channel attacks protection using random isomorphisms
Rostovtsev A.G., Shemyakina O.V., St. Petersburg State Polytechnic University AES side channel attacks protection using random isomorphisms General method of side-channel attacks protection, based on random
More information