Characterization of 2 n -Periodic Binary Sequences with Fixed 2-error or 3-error Linear Complexity

Size: px
Start display at page:

Download "Characterization of 2 n -Periodic Binary Sequences with Fixed 2-error or 3-error Linear Complexity"

Transcription

1 Characterization of n -Periodic Binary Sequences with Fixed -error or 3-error Linear Complexity Ramakanth Kavuluru Department of Computer Science, University of Kentucky, Lexington, KY 40506, USA. Abstract The linear complexity of sequences is an important measure of the cryptographic strength of key streams used in stream ciphers. The instability of linear complexity caused by changing a few symbols of sequences can be measured using k-error linear complexity. In their SETA 006 paper, Fu, Niederreiter, and Su [3] studied linear complexity and 1-error linear complexity of n -periodic binary sequences to characterize such sequences with fixed 1-error linear complexity. In this paper we study the linear complexity and the k-error linear complexity of n -periodic binary sequences in a more general setting using a combination of algebraic, combinatorial, and algorithmic methods. This approach allows us to characterize n -periodic binary sequences with fixed -error or 3-error linear complexity. Using this characterization we obtain the counting function for the number of n -periodic binary sequences with fixed k-error linear complexity for k = and 3. Using the characterization we also show that there many n -periodic binary sequences with high linear complexity and high -error or 3-error linear complexity. 1 Introduction The linear complexity of a sequence is the length of the shortest linear feedback shift register (LFSR that can generate the sequence. The LFSR that generates a given sequence can be determined using the Berlekamp-Massey [6] algorithm using only the first L elements of the sequence, where L is the linear complexity of the sequence. Hence for cryptographic purposes sequences with high linear complexity are essential as an adversary would then need large initial segments of the sequences to recover the LFSRs that generate them using the Berlekamp-Massey algorithm. A portion of this paper has appeared in the proceedings of the 5th international conference on Sequences and their Applications (SETA 008.This material is based upon work supported by the National Science Foundation under Grant No. CCF Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not necessarily reflect the views of the National Science Foundation. 1

2 A system is insecure if all but a few symbols of the key stream can be extracted. Hence for a cryptographically strong sequence, the linear complexity should not decrease drastically if a few symbols are changed. If it did, an attacker could modify the known prefix of the key stream and try to decrypt the result using the Berlekamp-Massey algorithm. If the resulting sequence differed from the actual key stream by only a few symbols, the attacker could extract most of the message. This observation gives rise to k-error linear complexity of sequences introduced in [13] based on the earlier concepts of sphere complexity and weight complexity, see []. The k-error linear complexity of a periodic sequence is the smallest linear complexity achieved by making k or fewer changes per period. Besides having large linear complexity, cryptographically strong sequences should, thus, also have large k-error linear complexity at least for small k. Let S = (s 0,,s T 1 be a periodic binary sequence with period T. We associate the polynomial S(x = s 0 + s 1 x + + s T 1 x T 1 and the corresponding T-tuple S (T = (s 0,,s T 1 to S. The relationship between the linear complexity, denoted L(S, of S and the associated polynomial S(x is given by L(S = T deg(gcd(x T 1,S(x, (1 see e.g. [1], Lemma Let w H (S denote the Hamming weight of the T-tuple S (T. For 0 k T, the k-error linear complexity of S, denoted L k (S, is given by L k (S = min E L(S + E, where the minimum is taken over all T-periodic binary sequences E with w H (E k. Since we consider only n -periodic sequences, we use T = n and the observation x T 1 = x n 1 = (x 1 n ( for the rest of the paper. Let merr(s denote the minimum value k such that the k-error linear complexity of a n -periodic sequence S is strictly less than its linear complexity. That is merr(s = min{k : L k (S < L(S}. Kurosawa et al. [5] derived a formula for the exact value of merr(s. Lemma 1.1. For any nonzero n -periodic sequence S, we have merr(s = w H( n L(S, where w H (j, 0 j n 1, denotes the Hamming weight of the binary representation of j. The counting function of a sequence measure gives the number of sequences with a given measure value. Rueppel [1] determined the counting function of linear complexity for n - periodic binary sequences. Using equations (1 and ( it is straightforward to characterize the n -periodic sequences with fixed linear complexity.

3 Lemma 1. ([3]. Let N(L and A(L denote, respectively, the number of and the set of n -periodic binary sequences with given linear complexity L, 0 L n. Then N(0 = 1 and N(L = L 1 for 1 L n. (3 Also, A(0 = {(0, 0, } and A(L, where 1 L n, is equal to the set of n -periodic binary sequences S with the corresponding polynomials S(x = (1 x n L a(x, where a(x is a binary polynomial with deg(a(x L 1 and a(1 0. Counting functions and expected values for linear complexity and k-error linear complexity were extensively explored by Meidl and Niederreiter [8, 9, 10]. Using efficient algorithms to compute the linear complexity of p n -periodic sequences over F p, Meidl [7] obtained the counting function and the expected value for the 1-error linear complexity of n -periodic binary sequences. Meidl and Venkateswarlu [11] extended these results to p n -periodic sequences over F p. Recently, using algebraic and combinatorial methods Fu et al. [3] characterized n - periodic binary sequences with fixed 1-error linear complexity. They derived some properties of the set A(L that deal with changing two symbols per period at fixed positions in sequences in A(L and used them to obtain the characterization. For 0 L n and 1 k n, denote by A k (L the set of n -periodic binary sequences with given k-error linear complexity L and let N k (L = A k (L, the cardinality of A k (L. With this notation the characterization of A 1 (L by Fu et al. can be summarized as follows. Theorem 1.3 ([3]. Let E i, 0 i n 1, be the n -periodic binary sequence with a 1 at position i and 0 elsewhere in each period and 0 be the zero sequence. We have A(0 = {0,E 0,,E n 1} and N 1 (0 = n If n n r < L < n n r 1 for some 0 r n, then A 1 (L = A(L ( n r 1 (A(L + E i and N 1 (L = ( n r + 1 L 1.. If L = n n r, r = 1,,,n, then A 1 (L = A(L and N 1 (L = L 1. For a n -periodic sequence S and t integers i 1,,i t such that 0 i j n 1, j = 1,,t, denote by S i1,,i t the n -periodic binary sequence with the corresponding polynomial S i1,,i t (x = S(x + x i x it. The sequence S i1,,i t is said to be a formed by a t symbol change in S. In this paper we first study the effect of t symbol changes in n -periodic binary sequences for small t. Specifically, for various special cases of L we determine some t symbol changes of sequences in A(L that result in sequences in A(L for t =, 4, and 6. We also characterize 3 i=0

4 specific, 4, and 6 symbol changes of sequences in A(L that result in n -periodic binary sequences with linear complexity strictly less than L. We use these characterizations to construct disjoint decompositions of the sets A (L and A 3 (L of sequences with fixed - error or 3-error linear complexity L. Each set in the decompositions arises by changing all sequences in A(L in a fixed set of positions. Using the characterizations of A (L and A 3 (L we determine the expressions for N (L and N 3 (L. The rest of this section discusses some basics and is organized to present a summary of the main results of the paper. By Lemma 1.1 the linear complexity of any n -periodic sequence S with 0 < L(S < n and merr(s = m+1, m {1,,n 1}, can be uniquely expressed as L(S = n m+1 i=1 n r i, (4 where 1 r 1 < < r m+1 n. From equation (4, the linear complexity of any n -periodic binary sequence S with 0 < L(S < n and merr(s m+1, m {1,,n 1}, can be bounded as ( m 1 m n n r i + n rm+1 < L(S < n n r i, (5 i=1 for some r i {1,,n}, i = 1,,m, satisfying 1 r 1 < < r m. Note that for any sequence S satisfying the inequality (5, we have merr(s m+1. We also note that the bounds in (5 are unique in the sense that the linear complexity of any n -periodic sequence S with merr(s m+1 satisfies exactly one inequality of the particular form given in equation (5. Note that by equation (5 any L such that w H ( n L 3 can be bounded as n ( < L < n ( 1 for some 1 r 1 r < n. With this, i=1 L n (, 1 r 1 r < n (( +1 N (L 3 n+r r n r L 1 (( ( N 3 (L + 7 n+r r n r L 1 3 Table 1: N (L and N 3 (L when w H ( n L = we give the expressions for N (L and N 3 (L derived in this paper. When w H ( n L = 0 or 1 and k =, 3 we have k ( n N k (0 =, N k ( n = 0, and N k ( n t = 0, 0 t < n. i i=0 The results when w H ( n L = are shown in Table 1. The results when w H ( n L 3 are shown in Table. The characterizations of A (L and A 3 (L are complicated to describe without resorting to much additional notation. Hence these details are directly handled in Sections 4 and 5. 4

5 L n ( < L < n ( + n r 1, 1 r 1 r < n (( +1 N (L n r ( r r n r L 1 (( ( +1 N 3 (L N (L + 4 n r r r 1 L 1 3 Table : N (L and N 3 (L when w H ( n L 3 Effect of Small Changes On the Linear Complexity We recall that A(L is the set of n -periodic sequences with fixed linear complexity L, 0 L n. For any two n -periodic sequences S 1 and S, let d H (S 1,S denote the Hamming distance between the tuples S (n 1 and S (n. In this section we study the effect of small changes on the linear complexity of sequences in A(L and derive some properties of A(L which extend those in Fu et al. s paper [3]. First we state a well known result on n -periodic binary sequences. Lemma.1 ([3]. For any n -periodic sequence S, L(S = n if and only if w H (S is odd. We give a generalization of [3, Theorem 1] using a more straightforward approach. Theorem.. For a given r {1,,n 1}, let 1 L < n r. Then for any two distinct sequences S,S A(L we have which implies d H (S,S r+1. d H (S,S = t r+1 for some t {1,, 3,, n r 1 }, Proof. For any sequence S A(L, consider the corresponding polynomial S(x = (1 + x n L a(x, where a(x F [x] such that deg(a(x L 1 and a(1 0. Since 1 L < n r, we have n L > n n r. The generating function for S is given by S(x 1 x n = (1 + x(n n r+(n r L a(x (1 + x n = (1 + xn r L a(x 1 x n r, which implies n r is a period of S. Corresponding to any sequence M A(L, let M (r denote the n r -periodic sequence (m 0,m 1,,m n r 1. Since 1 L < n r, from Lemma.1 we know that w H (S (r and w H (S (r are even. Hence the Hamming distance between S (r and S (r is even. That is d H(S (r,s (r = t for some t {1,, 3,, n r 1 }. Since n r is a period of S and S, we have d H (S,S = r d H (S (r,s (r = t r+1. This completes the proof of the theorem. We use the following result by Fu et al. [3] for the main results of this section. For the rest of the paper we use for the operation of addition modulo n. 5

6 CG (S,n begin if n = 0 then return (S 0 fi if S (n 1 L = S (n 1 R then return CG (S L,n 1 else return n 1 + CG (S L + S R,n 1 fi end Figure 1: The Games-Chan Algorithm Lemma.3. For any sequence S A(L, where n n r < L < n n r 1 for some 1 r n, and for any integer 0 i n 1, the number of sequences S i,j A(L, where 0 j n 1 and j i, is exactly r 1 corresponding to all j {i t n r : 1 t r 1}. The first main result of this section deals with extending Lemma.3 to the case when four symbols per period are changed. The Games-Chan algorithm [4] is a fast algorithm to compute the linear complexity of a n -periodic binary sequence, which we use for the rest of this section. For any S A(L with period S (n = (s 0,,s n 1, denote the left and right halves of S (n by S (n 1 L = (s 0,,s n 1 1 and S (n 1 R = (s n 1,,s n 1. Let S L and S R denote the n 1 periodic sequences S L = (s 0,,s n 1 1 and S R = (s n 1,,s n 1. The Games-Chan algorithm can be recursively described as in Figure 1. We make some observations and establish notation we use for the rest of the section. Note that the recursive procedure of the Games-Chan algorithm in Figure 1 is called a total of n + 1 times to compute the linear complexity of any S A(L. In the ith step, i = 0,,n, the algorithm computes the linear complexity of a n i -periodic binary sequence. Let ψ i (S, i = 0,,n, denote the first period of the n i -periodic binary sequence considered in the ith step of the algorithm when run with input sequence S. For i = 0,,n 1, let ψ i L (S and ψi R (S denote, respectively, the left and right halves of ψ i (S. Let m i (S denote the total value contributed to L(S in the algorithm during the execution from the 0-th step to the i-th step of the algorithm. For any two finite binary sequences of the same length, S and S, let d H (S,S denote the Hamming distance between S and S. We slightly abuse the notation because we also use d H (S,S to denote the Hamming distance between the first periods of S, S A(L. The next lemma follows from the Games-Chan algorithm. 6

7 Lemma.4. Let S be a n -periodic binary sequence. For any t integers r 1,,r t such that 0 < r 1 < r < < r t n, we have if and only if ψ u 1 L L(S = n ( + + n rt (6 (S = ψu 1 R (S exactly when u {r 1,,r t }. (7 We describe four symbol changes for sequences in A(L such that the linear complexity of the modified sequences remains L. We assume that the four positions where the changes are made are distinct since the cases of four symbol changes when more than two positions are identical are covered by Lemma.3. Theorem.5. Let S A(L where n ( < L < n ( 1, (8 for some r 1 and r satisfying 1 r 1 r < n. 1. Consider any four integers i, j, k, and l such that 0 i < j < k < l Then L(S i,j,k,l = L(S if and only if i, j, k, and l are in the form i = u + g 1 n r, j = u + g n r, k = i +, and l = j +, (9 where 0 u n r 1 and 0 g 1 < g r r There do not exist integers i 1,,i 6 such that 0 i 1 < < i and L(S i1,,i 6 = L(S. Proof. We only prove the forward direction of part 1 of the theorem. The other direction is straightforward and can be proved by reversing the argument used for the forward case. Consider any sequence From equation (8 we have S i,j,k,l A(L, where 0 i < j < k < l (10 w H ( n L 3 and L = n ( 1 + c, (11 for some 0 < c < n r 1. From equations (6, (7, and (11, we have S A(L, ψ r 1 1 L (S = ψ r 1 1 R (S and ψ r L (S = ψr (S. (1 R By Lemma.4 and equation (11 the left and right halves are not equal during the first r 1 steps of the Games-Chan procedure for any S A(L. Thus, since 0 i,j,k,l +1 1, by the procedure of the Games-Chan algorithm we get d H (ψ r 1 1 (S,ψ r 1 1 (S i,j,k,l = 4. (13 7

8 By equations (1 and (13, the four positions where the vectors ψ r 1 1 (S, ψ r 1 1 (S i,j,k,l differ are of the form c 1, c, c 1 +, and c +, for some 0 c 1 < c 1. (14 From equations (1 and (13, we have d H (ψ r 1 1 L (S,ψ r 1 1 L (S i,j,k,l =. This implies d H (ψ r 1 (S,ψ r 1 (S i,j,k,l =. (15 Now we treat ψ r 1 (S and ψ r 1 (S i,j,k,l as the first periods of -periodic binary sequences S and S i,j,k,l, respectively, that differ at positions. With this notation, from equations (14 and (15 we have S = (ψ r 1 (S, S i,j,k,l = (ψr 1 (S i,j,k,l, and S i,j,k,l(x = S (x + x c 1 + x c. (16 As a consequence of the procedure of the Games-Chan algorithm, since the left and right halves are different in the first r 1 steps for both S and S i,j,k,l, we have m r 1 1 (S = m r 1 1 (S i,j,k,l = n = n +1. (17 Using Lemma.4 and by equations (10, (16, and (17 we have S,S i,j,k,l A(L where L = L ( n +1. (18 Equations (8 and (18 imply that L satisfies n r < L < n r 1. (19 By Lemma.3 and equation (19, the positions c 1 and c in equations (14 and (16 must be in the form c i = u + g i n r, i = 1,, where 0 u n r 1, 0 g 1 < g r r 1 1. (0 From equations (14 and (0, the four positions, denoted f 1, f, f 3, and f 4, where ψ r 1 1 (S and ψ r 1 1 (S i,j,k,l differ are of the form f 1 = c 1, f = c, f 3 = c 1 +, and f 4 = c +, (1 where c 1 and c are as in equation (0. From the procedure of Games-Chan algorithm observe that a symbol change at any position c in ψ r 1 1 (S, 0 c +1 1, can be effected by changing the symbol at one of the corresponding positions {(c + b +1 mod n : b = 0,, r 1 1 1} in each period of S. Thus from equations (0 and (1, i, j, k, and l must be in the form given in equation (9. To prove part assume that there exist integers i 1,,i 6 such that 0 i 1 < < i and L(S i1,,i 6 = L(S. ( 8

9 From the procedure of the Games-Chan algorithm, using an argument similar to that used to arrive at equation (15 we have d H (ψ r 1 (S,ψ r 1 (S i1,,i 6 = 3. (3 By equation (11 and Lemma.4 we know w H (ψ r 1 (S is even since otherwise L(S = n. Using this, equation (3 implies that w H (ψ r 1 (S i1,,i 6 is odd, which contradicts equation (. Thus part of the theorem is proved. Remark 1. Note that in Theorem.5(1 when r 1 = r = 1 there are no possible distinct values for g 1 and g in equation (9. Thus when 0 < L < n there do not exist distinct four symbol changes to any sequence in A(L that result in sequences with linear complexity L. This is an alternative proof of Theorem. when r =. Also, for some values of L in equation (8, in order to write L in the form as in equation (5, we must allow r 1 = r. Next we extend Lemma.3 to the case when the linear complexity is of the form L = n n r, 1 r n. Lemma.6. For any sequence S A(L, where L = n n r for some 1 r n, and for any integer 0 i n 1, the number of sequences S i,j A(L, where 0 j n 1 and j i, is exactly r 1 1 corresponding to all j {i t n r+1 : 1 t r 1 1}. Proof. First we prove the reverse direction of the lemma. Say j = i t n r+1 for some 1 t r 1 1. Let the polynomial corresponding to S be S(x = (1 + x n r a(x, (4 for some a(x F [x] such that deg(a(x n n r 1 and a(1 = 1. Consider the polynomial x i + x i+tn r+1 = x i (1 + x t n r+1 = x i (1 + x n r+1 (1 + + x t 1 n r+1. (5 By equations (4, (5 and the definition of linear complexity we have L(S i,j = n deg(gcd(1 + x n,s i,j (x = n deg(gcd(1 + x n,s(x + x i + x i tn r+1 = n deg(gcd(1 + x n,s(x + x i + x i+tn r+1 = n deg(gcd((1 + x n, (1 + x n r a(x + x i (1 + x n r+1 (1 + + x t 1 n r+1 = n n r = L. Now we prove the forward direction. We have S i,j A(L. From Lemma.4 we have ψ r 1 L (S = ψr 1 R (S and ψr 1 L (S i,j = ψ r 1 R (S i,j. (6 Assume j {i t n r+1 : 1 t r 1 1}. That is i and j are not congruent modulo n r+1. By the procedure of the Games-Chan algorithm, since the left and right halves are not equal during the first (r steps of the algorithm for both S and S i,j we have d H (ψ r 1 (S,ψ r 1 (S i,j =. (7 9

10 By equations (6 and (7 we have d H (ψ r (S,ψ r (S i,j = 1. This implies that w H (ψ r (S and w H (ψ r (S i,j can not both be odd, which contradicts the fact that L(S = L(S i,j = n n r. Thus it must be the case that j {i t n r+1 : 1 t r 1 1}. The following result can be proved using Lemma.6 and the approach used in Theorem.5. Theorem.7. Let S A(L where L = n ( for some r 1, r such that 1 r 1 < r n. 1. Consider any four integers i, j, k, and l such that 0 i < j < k < l Then L(S i,j,k,l = L(S if and only if i, j, k, and l are in the form i = u + g 1 n r +1, j = u + g n r +1, k = i +, and l = j +, (8 where 0 u n r +1 1 and 1 g 1 < g r r (9. There do not exist integers i 1,,i 6 such that 0 i 1 < < i and L(S i1,,i 6 = L(S. For any polynomial a(x F [x] given by a(x = 1 + x a x a q 1, define the weight W(a(x = q. We also need to handle two symbol changes that decrease the linear complexity of n - periodic binary sequences. Lemma.8. For any sequence S A(L, where L = n n r for some 1 r n, and for any integer 0 i n 1, the number of sequences S i,j such that L(S i,j < L, where 0 j n 1 and j i, is exactly r 1 corresponding to all j {i (t + 1 n r : 0 t r 1 1}. Proof. First we prove the forward direction of the result. Let S(x = (1 + x n r a(x for some a(x F [x] such that deg(a(x n n r 1 and a(1 = 1. The corresponding polynomial for S i,j is S i,j (x = (1 + x n r a(x + x i + x j. So L(S i,j = n deg(gcd((1 + x n, (1 + x n r a(x + x i + x j and hence we have L(S i,j < L if and only if gcd((1 + x n,x i + x j = (1 + x n r. (30 Without loss of generality we may assume i < j. It is a well known fact that gcd(1 + x a, 1 + x b = 1 + x gcd(a,b. Hence we get gcd((1 + x n,x i + x j = gcd(1 + x n, 1 + x j i = 1 + x gcd(n,j i = 1 + x n r if and only if n r divides j i and no higher power of divides j i. Thus equation (30 implies that L(S i,j < L if and only if j = i + d n r for some odd integer d which proves the forward direction. The reverse direction can be proved using an argument similar to that used in proving the reverse direction of Lemma.6. 10

11 Corollary.9. For any sequence S A(L, where L = n n r for some 1 r n, there are n+r distinct pairs i, j, 0 i < j n 1, such that L(S i,j < L. All such i, j are described as i and j = i + (t + 1 n r, (31 where 0 i n n r 1 and 0 t r 1 1 ( i/ n r /. (3 Also, the distinct pairs i, j, 0 i < j n 1, such that 1 + x j i = (1 + x n r b(x, (33 for some b(x F [x], b(1 = 1, deg(b(x n n r 1, are exactly those described in equations (31 and (3. Proof. By Lemma.8 for each i n n r there are no js such that i < j n 1 and L(S i,j < L. Also, for each 0 i n n r 1 there are exactly r 1 ( i/ n r / odd multiples of n r corresponding to 0 t r 1 1 ( i/ n r / such that L(S i,i+(t+1 n r < L. Thus all i, j, 0 i < j n 1, such that L(S i,j < L are as described in equations (31 and (3. The number of distinct pairs i, j obtained from equations (31 and (3 is n 1 i=0 ( r 1 ( i/ n r / n r 1 r 1 1 (l+1 n r 1 = r 1 + ( r 1 l i=0 l=1 i=(l 1 n r ( r 1 1 = n r r 1 + n r+1 ( r 1 l = n+r. By the definition of linear complexity it is straightforward to see that the integers i, j in equations (31 and (3 are exactly those that satisfy equation (33. Our next result deals with four symbol changes that decrease the linear complexity of n -periodic binary sequences. Theorem.10. Let S A(L where L = n ( for some r 1, r such that 1 r 1 < r n. 1. Consider any four integers i, j, k, and l such that 0 i < j < k < l Then L(S i,j,k,l < L if and only if i, j, k, and l are in the form where l=1 (34 i, j = i + (t + 1 n r, k = i +, and l = j +, (35 0 i n r 1 and 0 t r r ( i/ n r /. (36 Furthermore, if K(L is the set of four symbol changes to S described in equations (35 and (36 that decrease its linear complexity, then K(L = {{i,j,k,l} : 0 i < j < k < l +1 1 and L(S i,j,k,l < L} = n+r r 1. (37 11

12 . For any four integers i t, t = 1,, 4, such that 0 i 1 < i < i 3 < i 4 n 1, we have L(S i1,i,i 3,i 4 < L if and only if {i t mod +1 : t = 1,, 4} K(L. 3. There do not exist integers i 1,,i 6, 0 i 1 < < i 6 n 1, such that L(S i1,,i 6 < L. Proof. First we prove the forward direction of part 1. Let S(x = (1 + x + n r a(x for some a(x F [x] such that deg(a(x n n r 1 and a(1 = 1. The corresponding polynomial for S i,j,k,l is S i,j,k,l (x = (1 + x + n r a(x + x i + x j + x k + x l. So L(S i,j,k,l = n gcd((1 + x n, (1 + x + n r a(x + x i + x j + x k + x l and hence L(S i,j,k,l < L if and only if gcd((1 + x n,x i + x j + x k + x l = (1 + x + n r. This holds if and only if 1 + x j i + x k i + x l i = (1 + x + n r b(x = (1 + x n r b(x + x (1 + x n r b(x (38 for some b(x F [x] such that b(1 = b(0 = 1. Since 0 i < j < k < l +1 1 we have deg(b(x n r 1. (39 Since W((1 + x n r b(x, by equations (38 and (39 we see that 1 + x j i = (1 + x n r b(x. (40 By Corollary.9 and equations (38, (39, and (40 we see that i, j, k, and l should be as in equation (35. The proof of the reverse direction of part 1 is straightforward and is similar to the proof of the reverse direction of Lemma.6. Equation (37 follows from equations (35, (36, (39, (40, Lemma.8, and an argument similar to that used in Corollary.9 by substituting n by n r 1 and r by r r 1 in equation (34. To prove the forward direction of part, we first note that L(S i1,i,i 3,i 4 < L if and only if the polynomial e(x = x i 1 + x i + x i 3 + x i 4 = (1 + x + n r b (x (41 for some b (x F [x] such that deg(b (x n n r 1 and b (1 = 1. Let u be the largest power of (1 + x dividing so that e (x = x i 1 mod +1 + x i mod +1 + x i 3 mod +1 + x i 4 mod +1 (4 e (x = (1 + x u b (x (43 for some b (x F [x] such that deg(b(x +1 u and b (1 = 1. For t = 1,, 4 denoting q t = i t / +1 we have x it mod +1 + x it = x it mod +1 + x it mod +1 +q t +1 = x it mod +1 (1 + x +1 (1 + + x qt

13 By equations (41 and (43, this implies So (1 + x +1 e(x + e (x = (1 + x + n r b (x + (1 + x u b (x. u = (44 since n r1+1 >. Since L = n (, by equations (4-(44, and the definition of linear complexity we see that the four symbol changes at positions i t mod n r1+1, t = 1,, 4, lower the linear complexity of any S A(L. Thus {i t mod n r1+1 : t = 1,, 4} K(L, which concludes the proof of the forward direction of part. The reverse direction of part can be proved similarly. To prove part 3, let there be integers i 1,,i 6, 0 i 1 < < i 6 n r1+1 1, such that L(S i1,,i 6 < L. By the argument used to arrive at equation (38 we have x i x i 6 = (1 + x n r c(x + x (1 + x n r c(x, (45 for some c(x F [x] such that c(1 = 1 and deg(c(x n r 1. By equation (45 and the upper bound on deg(c(x it follows that (1 + x n r c(x = x i 1 + x i + x i 3, which is not possible since (1 + x n r c(x has an even number of terms. So the result follows when 0 i 1 < < i The result holds even when 0 i 1 < < i 6 n 1 due to an argument similar to that used to prove part. Remark. Theorem.5 can also be proved with the approach of Theorem.10 by using results on polynomial weights [5, Proposition 3.]. 3 Notation and Auxiliary Results In this section we establish the notation used for the rest of the paper and derive some auxiliary results on the k-error linear complexity of n -periodic binary sequences. Recall that A k (L is the set of n -periodic binary sequences with k-error linear complexity L and N k (L = A k (L. For any 1 t n, let E i1,,i t, 0 i 1 < < i t n 1, denote the n -periodic binary sequence of weight t with a 1 at positions with subscripts i 1,,i t in the first period and 0 elsewhere. Further let E t = {E i1,,i t : 0 i 1 < i < < i t n 1} for t 1 and E 0 = {0}. We denote by A(L +E i1,,i t the set {S +E i1,,i t : S A(L}. For the rest of the paper, for any set R of n -periodic binary sequences, by A(L[R] denote the set of sets {A(L + R : R R}. We have two simple results that will be used in the rest of the paper. Lemma 3.1 ([3]. For any n -periodic sequence S, if w H (S is even then L 1 (S = L(S. If w H (S is odd, then L (S = L 1 (S < L(S = n. Lemma 3. ([7]. For any n -periodic binary sequence S and for k, L k (S is different from n t for every integer t with 0 t < n. We derive two auxiliary results used for the rest of the paper. 13

14 Theorem 3.3. Let {i 1,,i t1 } and {j 1,,j t } denote two sets of subscripts where 0 i l,j m n 1 for l = 1,,t 1 and m = 1,,t. Then Proof. We assume (A(L + E i1,,i t1 (A(L + E j1,,j t = or A(L + E i1,,i t1 = A(L + E j1,,j t. 0 < L n (46 since the result holds trivially for L = 0. Suppose (A(L+E i1,,i t1 (A(L+E j1,,j t. So there exist sequences S, S A(L such that S + E i1,,i t1 = S + E j1,,j t. This implies that Consider the corresponding polynomials of S and S given by S + E i1,,i t1 + E j1,,j t = S. (47 S(x = (1 x n L a(x and S (x = (1 x n L a (x, (48 where a(1 = a (1 = 1. From equations (46 and (48 we have From equations (47 and (49 we have deg(gcd((1 x n,s(x + S (x > n L. (49 deg(gcd((1 x n,x i x it 1 + x j x jt > n L. (50 To prove the theorem we first show that every sequence in A(L + E i1,,i t1 is in A(L + E j1,,j t. Consider any R A(L with the corresponding polynomial R(x = (1 x n L b(x, where b(1 = 1. (51 Then let R = R+E i1,,i t1 +E j1,,j t with the corresponding polynomial R (x. By equations (50 and (51 we have deg(gcd((1 x n,r (x = deg(gcd((1 x n,r(x + x i x it 1 + x j x jt = n L. (5 From equation (5, using the definition of linear complexity we have R A(L, which implies A(L+E i1,,i t1 A(L+E j1,,j t. By symmetry A(L+E j1,,j t A(L+E i1,,i t1, which proves the theorem. We need the following generalization of [3, Theorem 4] in the latter sections. Lemma 3.4. Let S be a T-periodic binary sequence. Consider any two positive integers u, v such that 0 v u and u + v < merr(s. Then for any T-periodic binary sequence E such that w H (E = v we have L u (S + E = L(S. 14

15 Proof. First we note that L i (S = L(S for i = 0,,merr(S 1. Since u + v < merr(s, by definitions of L u (S and L u+v (S we get L u (S + E L u+v (S = L(S. (53 Also, from the observations that (S + E + E = S and w H (E = v u, we get The lemma follows from equations (53 and (54. L u (S + E L(S. (54 Next we prove a generalized result on the characterization and counting function of A k (L for certain specific values of k and L. Theorem 3.5. Consider L 0 such that w H ( n L r + 1 for some 0 r n The set A k (L = k (A(L + E i1,,i t for k = 1,, r 1. (55 E i1,,i t E t t=0. Furthermore, if 1 L < n r then the sets A(L + E i1,,i t, E i1,,i t E t for t = 0,, r 1 are disjoint and ( k ( n N k (L = L 1 for k = 1,, r 1. (56 i Proof. First we make these two observations to show part 1. i=0 1. Hypothesis w H ( n L r+1 implies that for any S A(L we have merr(s r+1.. For k = 1,, r 1, we have k r+1. From these two observations and using Lemma 3.4 we have k (A(L + E i1,,i t A k (L. t=0 E i1,,i t E t Using this, equation (55 follows from the definition of k-error linear complexity. To show part assume that 1 L < n r. To show that the sets A(L + E i1,,i t, E i1,,i t E t, t = 0,, r 1, are all disjoint, by Theorem 3.3, it is enough to show that no two of these sets are equal. We show this by contradiction. Any two sets A(L +E i1,,i u and A(L + E j1,,j v, 0 u,v r 1, are equal if and only if A(L + E i1,,i u,j 1,,j v = A(L with u + v r+1. (57 By Theorem. for any two sequences S, S A(L we have d H (S,S r+1. Thus the set equality in equation (57 does not hold and all the sets A(L + E i1,,i t, E i1,,i t E t, t = 0,, r 1, are disjoint. Using this, the counting function in equation (56 follows from equation (55. 15

16 4 Characterization When w H ( n L In this section we characterize the n -periodic binary sequences with fixed -error or 3-error linear complexity when the linear complexity is not of the form n ( i + j, 1 i < j n 1, by using the results from the previous section. First we obtain the results for -error linear complexity and then extend them to the 3-error case. It is straightforward to see that ( n A (0 = E 1 E {0} and N (0 = + n + 1. (58 From Lemmas.1 and 3.1 we have From Lemma 3. we get A ( n = and N ( n = 0. (59 A (L = and N (L = 0 for L = n t, 0 t < n. (60 A characterization of n -periodic binary sequences with fixed -error linear complexity L such that w H ( n L = 0 or 1 is given in equations (58-(60. Next we give the characterization when w H ( n L 3. For any 1 L < n 1, from Theorem. we know that for any two sequences S,S A(L, d H (S,S 4. Hence we have for all E t E 1 and E i,j E. Theorem 4.1. Let w H ( n L 3 where A(L (A(L + E t =, (61 A(L (A(L + E i,j =, and (6 (A(L + E t (A(L + E i,j =, (63 n ( < L < n ( 1, (64 for some r 1 and r satisfying 1 r 1 r n 1. Then A (L = A(L ( (A(L + E i (A(L + E i,j. (65 E i E 1 E i,j E Define the sets D 1 (L = {E i : 0 i +1 1} and D (L = {E i,j : 0 i < j +1 1}, (66 where the definitions implicitly depend on L. Define the sets D 1 (L and D (L by D 1 (L = {E i,i+ : i = u + t n r, 1 t r r 1 1, and 0 u n r 1} (67 16

17 and D (L ={E i,j,e i,j+ : i = u + t 1 n r,j = u + t n r, 0 t 1 < t r r 1 1, and 0 u n r 1}. (68 Consider the set D(L formed from the sets in equations (66, (67, and (68 by D(L = D (L (D 1 (L D (L. (69 Then the sets A(L, A(L + E i, E i D 1 (L, and A(L + E i,j, E i,j D(L, are disjoint and constitute all of A (L. Furthermore, (( +1 N (L = n r ( r r n r L 1. (70 Proof. Note that any L such that w H ( n L 3 can be expressed as in equation (64. The characterization in equation (65 follows by using r = in the hypothesis of Theorem 3.5 and k = in equation (55. The rest of the proof deals with determining the disjoint set decomposition of A (L in equation (65 there by obtaining the expression for N (L. Case 1: r 1 = r = 1 When r 1 = r = 1 we have 1 L < n and the characterization and counting function are already covered by part of Theorem 3.5 with r = and k = in equation (56. Also, note that the expression for the counting function in equation (56 with k = equals that in equation (70 with r 1 = r = 1. Case : 1 = r 1 < r or 1 < r 1 r First we determine the disjoint sets in A(L[E 1 ]. By equation (64 we have n +1 < L < n. (71 Using Theorem 3.3 and Lemma.3, from equation (71 we have and for u = 0,, +1 1, (A(L + E u (A(L + E v =, 0 u < v +1 1, (7 A(L + E u = A(L + E u+t +1, t = 0,, r (73 Thus, from equation (7 there are n r1+1 disjoint sets A(L+E i, E i D 1 (L, in A(L[E 1 ]. To obtain the disjoint sets in A(L[E ], we only have to characterize the disjoint sets in A(L[D (L] because from equation (73 we have A(L + E i,j,i+v +1,j+w +1 = A(L, for 0 i < j n r1+1 1 and 0 v,w r From Theorem 3.3, we know that A(L + E i,j = A(L + E k,l if and only if there exists a sequence S A(L such that S + E i,j,k,l A(L. Hence we observe that redundantly counted sets in A(L[D (L] arise if only if there exist integers i, j, k, and l, 0 i < j < k < l n r1+1 1, that are in the form given in equation (9. So the sets of integers i, j, 17

18 k, and l, 0 i < j < k < l +1 1, such that L(S i,j,k,l = L(S for any S A(L are thus the i, j, k, and l in the form where and i = u + g 1 n r, j = u + g n r, k = i +, l = j +, (74 0 u n r 1 and 0 g 1 < g r r 1 1. (75 So for all settings of i and j in equation (74 we have the set equalities A(L + E i,j = A(L + E i+,j+ (76 A(L + E i,j+ = A(L + E i+,j. (77 Also, for each u = 0,, n r 1, we have r r 1 1 set equalities A(L + E u,u+ = A(L + E i,i+, where i = u + t n r (78 for 1 t r r 1 1. Note that each error vector appearing on the left hand side or right hand side of equations (76 or (77 corresponding to all settings of i and j in equation (74 appears only in one of those equations and does not appear in the set equalities in equation (78. Also note that each error vector appearing on the left hand side or right hand side of set equalities in equation (78 does not appear in left hand side or right hand side of equations (76 and (77. Thus by equation (74, each of the set equalities in equations (76 and (77 results in a redundantly counted set in A(L[D (L]. These redundantly counted sets for all settings of i and j in equation (74 are listed as A(L + E i,j, E i,j D (L. Similarly, for each u = 0,, n r 1, the set equalities in equation (78 result in r r 1 1 redundantly counted sets in A(L[D (L]. These redundantly counted sets are listed as A(L + E i,j, E i,j D 1 (L. Note that any L such that n 1 L < n and w H ( n L 3, satisfies equations (61 and (63. From Lemma.3 and equation (71 we have A(L (A(L + E i,j =, E i,j D (L. (79 Thus, from equations (65, (61-(63, (69, (74-(78, and (79, the sets A(L, A(L + E i, E i D 1 (L, and A(L + E i,j, E i,j D(L, are disjoint and constitute all of A (L. From equations (67 and (68 we get D 1 (L = n r ( r r 1 1 and D (L = n r ( ( r r 1. (80 The number of disjoint sets in A(L[E ] is equal to D(L. From equations (69 and (80 we have D(L = D (L ( D 1 (L + D (L ( ( ( +1 = n r r r 1 r r From Lemma 1. we have A(L = L 1, 1 L n. Hence the counting function in equation (70 follows from equations (65, (61-(63, (7, (79, and (81. This completes the proof of the theorem. 18 (81

19 Next we give the characterization of n -periodic binary sequences with fixed 3-error linear complexity L when w H ( n L. Using the characterization we also obtain the corresponding counting function. For convenience we use the notation established in the statement of Theorem 4.1. It is straightforward to see that ( ( n n A 3 (0 = E 1 E E 3 {0} and N 3 (0 = + + n We also have A 3 ( n = and N 3 ( n = 0. From Lemma 3. we also get A 3 (L = and N 3 (L = 0 for L = n t, 0 t < n. Theorem 4.. Let 1 L < n be a positive integer such that w H ( n L 3. Then A 3 (L = A (L (A(L + E i,j,k. (8 E i,j,k E 3 Furthermore, let L be uniquely bounded as n ( < L < n ( 1, for some r 1 and r satisfying 1 r 1 r n 1. Let D(L be as in equation (69. Define the sets D 3 (L, D 3 (L, and E(L by and D 3 (L = {E i,j,k : 0 i < j < k +1 1}, D 3 (L = {E i,j,k,e i,j,l,e j,k,l,e i,k,l : i = u + g 1 n r, j = u + g n r, k = i +, l = j +, 0 g 1 < g < r r 1, and 0 u n r 1}, (83 E(L = D 3 (L D 3 (L. (84 Then the sets A(L, A(L + E i, E i D 1 (L, A(L + E i,j, E i,j D(L, and A(L + E i,j,k, E i,j,k E(L are disjoint and constitute all of A 3 (L. Furthermore, (( ( +1 N 3 (L = N (L + 4 n r r r 1 L 1. (85 3 Proof. The characterization in equation (8 follows by using r = in the hypothesis of Theorem 3.5 and k = 3 in equation (55. The rest of the proof deals with determining the disjoint set decomposition of A 3 (L in equation (8 there by obtaining the expression for N 3 (L. The case when r 1 = r = 1, that is, when 1 L < n, is covered by part of Theorem 3.5 with r = and k = 3 in equation (56. It is straightforward to verify that the results using Theorem 3.5 when r 1 = r = 1 agree with those stated in this theorem statement. 19

20 The rest of the proof handles the case when r 1 = 1 < r or 1 < r 1 r. We characterize the disjoint sets in the union given in equation (8. From Theorem 4.1 the disjoint sets in A (L in equation (65 are A(L, A(L + E i, E i D 1 (L, and A(L + E i,j, E i,j D(L. Next we characterize the disjoint sets in A(L[E 3 ]. For this, from equations (7 and (73 we only have to describe the disjoint sets in A(L[D 3 (L]. From part of Theorem.5 we can see that all sets in A(L[D 3 (L] are disjoint. Finally, we show that the sets in A(L[D 3 (L] are disjoint from the sets A(L, A(L+E i, E i D 1 (L, and A(L + E i,j, E i,j D(L. Since Hamming weights of all sequences in the sets in A(L[D 3 (L] are odd, these sets are disjoint from sets A(L and A(L + E i,j, E i,j D(L. From Theorem 3.3 a set A(L + E i, 0 i n r1+1 1, is equal to some set A(L + E j,k,l, 0 j,k,l n r1+1 1, if and only if there exists a sequence S A(L such that S i,j,k,l A(L. Exactly all such i, j, k, and l are described in equations (74 and (75. From equations (74 and (75, for each u = 0,, n r 1 there are exactly ( r r 1 distinct pairs i, j and hence distinct sets {i,j,k,l} such that 0 i < j < k < l n r1+1 1 and A(L + E i,j,k,l = A(L. For each such distinct set {i,j,k,l} we have four set equalities A(L + E i,j,k = A(L + E l, A(L + E i,j,l = A(L + E k, A(L + E j,k,l = A(L + E i, and A(L + E i,k,l = A(L + E j. (86 Based on the settings of possible i, j, k, and l in equations we note that each error vector with Hamming weight 3 that appears in the set equalities in equation (86 appears in exactly one of them. This leads to four redundantly counted sets for each distinct setting of i, j, k, and l as described above. Thus all the redundantly counted sets in the intersection of A(L[D 3 (L] and A(L[D 1 (L] are A(L + E i,j,k, E i,j,k D 3 (L. Hence the sets in E(L in equation (84 are disjoint from the sets A(L, A(L + E i, E i D 1 (L, and A(L + E i,j, E i,j D(L. Using the definition of k-error linear complexity the sets A(L, A(L + E i, E i D 1 (L, A(L + E i,j, E i,j D(L, and A(L + E i,j,k, E i,j,k E(L, are disjoint and thus constitute all of A 3 (L. Using this, the counting function in equation (85 follows from the definition of E(L in equation (84. 5 Characterization When w H ( n L = We use results in Section and the notation established in Section 4 to obtain the characterization of sequences in A(L with fixed -error or 3-error linear complexity when L = n (, 1 r 1 < r n. Theorem 5.1. Let L = n ( for some 1 r 1 < r n. Define the sets G 1 (L = {E i : 0 i +1 1} and G (L = {E i,j : 0 i < j +1 1}. (87 Consider the sets H 1 (L = {E i,i+ : 0 i 1}, (88 H (L = {E i,j,e i+,j+,e i,j+,e j,i+ : 0 i n r 1, j = i + (t + 1 n r, and 0 t r r ( i/ n r (89 / }, 0

21 and H 3 (L = {E i,j,e i,j+ : i = u + g 1 n r +1, j = u + g n r +1, 0 g 1 < g r r 1 1 1, and 0 u n r +1 1}. (90 Finally, define the set H(L = G (L (H 1 (L H (L H 3 (L. (91 Then the sets A(L, A(L + E i, E i G 1 (L, A(L + E i,j, E i,j H(L, are disjoint and constitute all of A (L. That is A (L = A(L (A(L + E i (A(L + E i,j. (9 E i G 1 (L E i,j H(L Furthermore, (( +1 N (L = 3 n+r r n r L 1. (93 Proof. By the definition of k-error linear complexity we have A (L A(L ( (A(L + E i (A(L + E i,j. (94 E i E 1 E i,j E For the rest of the proof let S be any sequence in A(L. By Lemma 1.1 we have L (S = L and by Lemma 3.4 we get L (S + E i = L for any E i E 1. Thus A(L ( (A(L + E i A (L. (95 E i E 1 Since n n r1+1 < L < n, equations (7 and (73 also hold in the current setting. Thus there are n r1+1 disjoint sets A(L + E i, E i G 1 (L, in A(L[E 1 ]. So we have (A(L + E i = (A(L + E i. (96 E i E 1 E i G 1 (L Equations (7 and (73 also imply that A(L[E ] = A(L[G (L]. Next we determine which of the sets in A(L[G (L] have sequences that belong to A (L. Equations (35 and (36 describe all distinct four symbol changes i, j, k, and l, 0 i < j < k < l +1 1, such that L(S i,j,k,l < L. By equations (35 and (36 it is evident that for each integer u, 0 u 1, there exist integers v 1 and v, 0 v 1,v +1 1, such that L(S + E u,u+ + E v1,v < L. Thus S A(L i,j : L (S + E i,j < L, E i,j H 1 (L. (97 1

22 For each set of four symbol changes in equation (35 there are four distinct sequences E i,j, E i,j+, E j,i+, and E i+,j+ in G (L that when added to S result in sequences with -error linear complexity less than L. That is S A(L i,j : L (S + E i,j < L, E i,j H (L. (98 By equations (97, (98, and part of Theorem.10 we have S A(L and i,j : L (S + E i,j = L, E i,j G (L (H 1 (L H (L and thus (A(L + E i,j A (L and E i,j G (L (H 1 (L H (L E i,j H 1 (L H (L (A(L + E i,j A (L =. (99 Next we describe the disjoint sets in {A(L + E i,j : E i,j G (L (H 1 (L H (L}. From Theorem 3.3, we know that A(L + E i,j = A(L + E k,l if and only if there exists a sequence R A(L such that the new sequence R + E i,j,k,l A(L. Exactly all such i, j, k, and l are in the form given in equations (8 and (9. From the definitions in equations (88-(90 we see the following. 1. If E i,j H 1 (L then j i is.. If E i,j H (L then j i is an odd multiple of n r. 3. If E i,j H 3 (L then j i is an even multiple of n r and j i <. From these observations we conclude H 3 (L H 1 (L H (L =. (100 For each of the ( n r +1 r r 1 1 distinct settings of i and j in equations (8 and (9 the set equalities in equations (76 and (77 hold. By equation (100 and using an argument similar to that used in Theorem 4.1, this implies that there are ( n r +1 r r 1 1 redundantly counted sets in {A(L + E i,j : E i,j G (L (H 1 (L H (L} enumerated as A(L + E i,j, E i,j H 3 (L. So we have E i,j G (L (H 1 (L H (L (A(L + E i,j = E i,j G (L (H 1 (L H (L H 3 (L (A(L + E i,j. (101 Since n +1 < L < n, by Lemma.3 and Theorem 3.3 we can see that A(L (A(L + E u =, A(L (A(L + E i,j =, (A(L + E u (A(L + E i,j =, and (10

23 for all E u G 1 (L and E i,j G (L. Thus by equations (94-(96 and (99-(10 the sets A(L, A(L + E i, E i G 1 (L, A(L + E i,j, E i,j H(L, are disjoint and constitute all of A (L and the characterization in equation (9 follows. By equations (88 and (90 we have ( H 1 (L = and H 3 (L = n r +1 r r 1 1 = n+r r 1 1. (103 Each set of four symbol changes in equation (8 contributes four elements to the cardinality of H (L as specified in equation (89. So by equations (37 and (89 we have H (L = 4 n+r r 1 = n+r r 1. (104 Thus by equations (87, (91, (100, (103, and (104 we obtain H(L = G (L ( H 1 (L + H (L + H 3 (L ( +1 = ( + n+r r 1 + n+r r 1 1 ( +1 = 3 n+r r 1 1. (105 The counting function in equation (93 follows from equations (3, (87, (9, and (105. For convenience, we use the notation established in the statement of Theorem 5.1 in the next result. Theorem 5.. Let L = n ( for some 1 r 1 < r n. Define the sets G 3 (L, M 1 (L, and M (L by G 3 (L = {E i,j,k : 0 i < j < k +1 }, and M 1 (L = n r 1 i=0 {E i,j,k,e i,j,l,e i,k,l,e j,k,l : j = i + (t + 1 n r, k = i +, l = j +, and 0 t r r ( i/ n r / }, (106 n r +1 1 M (L = {E i,j,k,e i,j,l,e i,k,l,e j,k,l : i = u + g 1 n r+1, j = u + g n r+1, u=0 k = i +, l = j +, and 0 g 1 < g r r 1 1 1}. (107 Finally, define the set M(L = G 3 (L (M 1 (L M (L. (108 3

24 Let H(L be as in equation (91 in Theorem 5.1. Then the sets A(L, A(L + E i,j, E i,j H(L, A(L + E i,j,k, E i,j,k M(L, are disjoint and constitute all of A 3 (L. That is A 3 (L = A(L (A(L + E i,j (A(L + E i,j,k. (109 E i,j H(L Furthermore, (( ( N 3 (L = + 3 E i,j,k M(L 7 n+r r n r L 1. (110 Proof. By the definition of k-error linear complexity we have 3 A 3 (L A(L (A(L + E i1,,i t. (111 t=1 E i1,,i t E t For the rest of the proof let S be any sequence in A(L. By Lemma 1.1 we have L 3 (S = L and so A(L A 3 (L. (11 Since n +1 < L < n, equations (7 and (73 also hold in the current setting. Thus there are +1 disjoint sets A(L + E i, E i G 1 (L, in A(L[E 1 ] and thus equation (96 holds. By the format of four symbol changes that decrease the linear complexity of S given in equations (35 and (36, for each i 1 = 0,, +1 1, there exist three integers i, i 3, and i 4 such that L(S i1,i,i 3,i 4 < L, which implies E i G 1 (L (A(L + E i A 3 (L =. (113 By the proof of Theorem 5.1 we know that sequences in sets A(L +E i,j, E i,j E, with 3-error linear complexity L are given by the disjoint union (A(L + E i,j A 3 (L. (114 E i,j H(L Equations (7 and (73 imply A(L[E 3 ] = A(L[G 3 (L]. So it is sufficient to determine the sequences in sets A(L + E i,j,k, E i,j,k G 3 (L, that belong to A 3 (L. For each set of four symbol changes in equation (35 there are four distinct sequences E i,j,k, E i,j,l, E i,k,l, and E j,k,l in G 3 (L that when added to S result in sequences with 3-error linear complexity less than L. That is (A(L + E i,j,k A 3 (L =. (115 E i,j,k M 1 (L Equations (8 and (9 describe all i, j, k, and l, 0 i < j < k < l +1 1, such that L(S i,j,k,l = L. For each set of these four symbol changes we have four set equalities 4

25 A(L + E i = A(L + E j,k,l, A(L + E j = A(L + E i,k,l, A(L + E k = A(L + E i,j,l, and A(L + E l = A(L + E i,j,k. By equation (113 this implies that (A(L + E i,j,k A 3 (L =. (116 E i,j,k M (L By equation (106 for each E i,j,k M 1 (L we have either i j, j k, or k i is an odd multiple of n r. By equation (107 for each E i,j,k M (L we have i j, j k, and k i are all even multiples of n r. From this we see that M 1 (L M (L =. (117 By equations (115, (116, and (117, part of Theorem.5 and part 3 of Theorem.10, and using the fact that an odd number of changes to S results in an sequence with linear complexity n, sequences in sets A(L +E i,j,k, E i,j,k G 3 (L, with 3-error linear complexity L are given by the disjoint union (A(L + E i,j,k A 3 (L. (118 E i,j,k G 3 (L (M 1 (L M (L By equations (111-(114, (118, and using the fact that odd number of changes to S result in sequences with linear complexity n, the sets A(L, A(L + E i,j, E i,j H(L, A(L + E i,j,k, E i,j,k M(L, are disjoint and constitute all of A 3 (L and the characterization in equation (109 follows. From equations (8, (35, (37, and (106-(108 we have M(L = G 3 (L ( M 1 (L + M (L ( ( ( +1 = 4 n+r r n r +1 r r ( +1 = + n r1+1 4 n+r r (119 The counting function in equation (110 follows from equations (3, (105, (109, and ( Concluding Remarks In this paper, we characterized n -periodic binary sequences with fixed -error or 3-error linear complexity. First we derived some properties of n -periodic binary sequences with fixed linear complexity. We used the Games-Chan algorithm to find the exact form of specific four symbol changes that can be made in a n -periodic sequence so that the resulting sequence has the same linear complexity as the original sequence. Using straightforward algebraic methods we also described four symbol changes to a n -periodic binary sequence so that the resulting sequence has smaller linear complexity than the original sequence. We used these properties to obtain the characterizations and the corresponding counting functions. Here we make some observations based on the counting functions derived in the paper. 5

26 Let N (L, 0 L n, be the number of n -periodic binary sequences with linear complexity at least L. From Lemma 1. we have ( n L+1 1 N (L = n. (10 Define f k (L, 1 k n, by n L+1 f k (L = N k(l N (L. (11 So f k (L describes the proportion of sequences with k-error linear complexity L among sequences with linear complexity at least L. For cryptographic purposes we would like to have f k (L as high as possible for large L and at least for small k. By equations (70, (93, (10 and (11 after simplification we obtain f (L = n+r r 1 n L+1 1 (1 when n ( < L < n ( 1 with 1 r 1 r n 1 and f (L = n+r r 1 1 n L+1 1 (13 when L = n (, 1 r 1 < r n. Using these formulae we find f (L for L = n 3, n 5, n 6, and n 7. When L = n 7, we have w H ( n L = 3 and we can uniquely bound L as n ( < L < n ( 1 with r 1 = r = n. Using L = n 7 and r 1 = r = n in equation (1 we have f ( n 7 = 37/55 1/7. When L = n 3, we have w H ( n L = and L = n ( with r 1 = n 1 and r = n. So we have f ( n 3 = 5/15 = 1/3 by equation (13. Similarly we obtain f ( n 5 = 13/63 1/5 and f ( n 6 = 5/17 1/5. Using equations (85, (110, (10, and (11 we also obtain corresponding values for f 3 (L. Using Theorem 1.3 we determine the corresponding values for f 1 (L. All these values are summarized in Table 3. Since the L f 1 (L f (L f 3 (L n 3 1/3 1/3 1/15 n 5 1/7 13/63 1/5 37/63 1/ n 6 9/17 1/14 5/17 1/5 65/17 1/ n 7 9/55 1/8 37/55 1/7 93/55 1/3 Table 3: f 1 (L, f (L, and f 3 (L for large L number of sequences with high linear complexity is large for n -periodic binary sequences, we see that considerable number of sequences have high linear complexity and high -error or 3-error linear complexity. 6

Counting Functions for the k-error Linear Complexity of 2 n -Periodic Binary Sequences

Counting Functions for the k-error Linear Complexity of 2 n -Periodic Binary Sequences Counting Functions for the k-error inear Complexity of 2 n -Periodic Binary Sequences amakanth Kavuluru and Andrew Klapper Department of Computer Science, University of Kentucky, exington, KY 40506. Abstract

More information

2 n -Periodic Binary Sequences with Fixed k-error Linear Complexity for k = 2 or 3

2 n -Periodic Binary Sequences with Fixed k-error Linear Complexity for k = 2 or 3 2 n -Periodic Binary Sequences with Fixed k-error Linear Complexity for k = 2 or 3 Ramakanth Kavuluru Department of Computer Science University of Kentucky SEequences and Their Applications 2008 Ramakanth

More information

Counting Functions for the k-error Linear Complexity of 2 n -Periodic Binary Sequences

Counting Functions for the k-error Linear Complexity of 2 n -Periodic Binary Sequences Counting Functions for the k-error inear Complexity of 2 n -Periodic Binary Sequences Ramakanth Kavuluru and Andrew Klapper Department of Computer Science, University of Kentucky, exington, KY 40506, USA

More information

On the k-error linear complexity for p n -periodic binary sequences via hypercube theory

On the k-error linear complexity for p n -periodic binary sequences via hypercube theory 1 On the k-error linear complexity for p n -periodic binary sequences via hypercube theory Jianqin Zhou Department of Computing, Curtin University, Perth, WA 6102 Australia Computer Science School, Anhui

More information

4.3 General attacks on LFSR based stream ciphers

4.3 General attacks on LFSR based stream ciphers 67 4.3 General attacks on LFSR based stream ciphers Recalling our initial discussion on possible attack scenarios, we now assume that z = z 1,z 2,...,z N is a known keystream sequence from a generator

More information

Design of Pseudo-Random Spreading Sequences for CDMA Systems

Design of Pseudo-Random Spreading Sequences for CDMA Systems Design of Pseudo-Random Spreading Sequences for CDMA Systems Jian Ren and Tongtong Li Department of Electrical and Computer Engineering Michigan State University, 2120 Engineering Building East Lansing,

More information

Lecture 10-11: General attacks on LFSR based stream ciphers

Lecture 10-11: General attacks on LFSR based stream ciphers Lecture 10-11: General attacks on LFSR based stream ciphers Thomas Johansson T. Johansson (Lund University) 1 / 23 Introduction z = z 1, z 2,..., z N is a known keystream sequence find a distinguishing

More information

An algorithm for computing minimal bidirectional linear recurrence relations

An algorithm for computing minimal bidirectional linear recurrence relations Loughborough University Institutional Repository An algorithm for computing minimal bidirectional linear recurrence relations This item was submitted to Loughborough University's Institutional Repository

More information

Mathematics Course 111: Algebra I Part I: Algebraic Structures, Sets and Permutations

Mathematics Course 111: Algebra I Part I: Algebraic Structures, Sets and Permutations Mathematics Course 111: Algebra I Part I: Algebraic Structures, Sets and Permutations D. R. Wilkins Academic Year 1996-7 1 Number Systems and Matrix Algebra Integers The whole numbers 0, ±1, ±2, ±3, ±4,...

More information

Berlekamp-Massey decoding of RS code

Berlekamp-Massey decoding of RS code IERG60 Coding for Distributed Storage Systems Lecture - 05//06 Berlekamp-Massey decoding of RS code Lecturer: Kenneth Shum Scribe: Bowen Zhang Berlekamp-Massey algorithm We recall some notations from lecture

More information

Algebra Review 2. 1 Fields. A field is an extension of the concept of a group.

Algebra Review 2. 1 Fields. A field is an extension of the concept of a group. Algebra Review 2 1 Fields A field is an extension of the concept of a group. Definition 1. A field (F, +,, 0 F, 1 F ) is a set F together with two binary operations (+, ) on F such that the following conditions

More information

Part V. Chapter 19. Congruence of integers

Part V. Chapter 19. Congruence of integers Part V. Chapter 19. Congruence of integers Congruence modulo m Let m be a positive integer. Definition. Integers a and b are congruent modulo m if and only if a b is divisible by m. For example, 1. 277

More information

Moreover this binary operation satisfies the following properties

Moreover this binary operation satisfies the following properties Contents 1 Algebraic structures 1 1.1 Group........................................... 1 1.1.1 Definitions and examples............................. 1 1.1.2 Subgroup.....................................

More information

Pseudorandom Sequences I: Linear Complexity and Related Measures

Pseudorandom Sequences I: Linear Complexity and Related Measures Pseudorandom Sequences I: Linear Complexity and Related Measures Arne Winterhof Austrian Academy of Sciences Johann Radon Institute for Computational and Applied Mathematics Linz Carleton University 2010

More information

Chapter 6 Reed-Solomon Codes. 6.1 Finite Field Algebra 6.2 Reed-Solomon Codes 6.3 Syndrome Based Decoding 6.4 Curve-Fitting Based Decoding

Chapter 6 Reed-Solomon Codes. 6.1 Finite Field Algebra 6.2 Reed-Solomon Codes 6.3 Syndrome Based Decoding 6.4 Curve-Fitting Based Decoding Chapter 6 Reed-Solomon Codes 6. Finite Field Algebra 6. Reed-Solomon Codes 6.3 Syndrome Based Decoding 6.4 Curve-Fitting Based Decoding 6. Finite Field Algebra Nonbinary codes: message and codeword symbols

More information

ANALYSIS OF SECURITY MEASURES FOR SEQUENCES

ANALYSIS OF SECURITY MEASURES FOR SEQUENCES University of Kentucky UKnowledge University of Kentucky Doctoral Dissertations Graduate School 2009 ANALYSIS OF SECURITY MEASURES FOR SEQUENCES Ramakanth Kavuluru University of Kentucky, kvnramakanth@yahoo.com

More information

Course 311: Michaelmas Term 2005 Part III: Topics in Commutative Algebra

Course 311: Michaelmas Term 2005 Part III: Topics in Commutative Algebra Course 311: Michaelmas Term 2005 Part III: Topics in Commutative Algebra D. R. Wilkins Contents 3 Topics in Commutative Algebra 2 3.1 Rings and Fields......................... 2 3.2 Ideals...............................

More information

Analysis of Modern Stream Ciphers

Analysis of Modern Stream Ciphers Analysis of Modern Stream Ciphers Josef Pieprzyk Centre for Advanced Computing Algorithms and Cryptography, Macquarie University, Australia CANS - Singapore - December 2007 estream Outline 1. estream Project

More information

ALGEBRA. 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers

ALGEBRA. 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers ALGEBRA CHRISTIAN REMLING 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers by Z = {..., 2, 1, 0, 1,...}. Given a, b Z, we write a b if b = ac for some

More information

ECEN 604: Channel Coding for Communications

ECEN 604: Channel Coding for Communications ECEN 604: Channel Coding for Communications Lecture: Introduction to Cyclic Codes Henry D. Pfister Department of Electrical and Computer Engineering Texas A&M University ECEN 604: Channel Coding for Communications

More information

Combinatorics of p-ary Bent Functions

Combinatorics of p-ary Bent Functions Combinatorics of p-ary Bent Functions MIDN 1/C Steven Walsh United States Naval Academy 25 April 2014 Objectives Introduction/Motivation Definitions Important Theorems Main Results: Connecting Bent Functions

More information

Week 15-16: Combinatorial Design

Week 15-16: Combinatorial Design Week 15-16: Combinatorial Design May 8, 2017 A combinatorial design, or simply a design, is an arrangement of the objects of a set into subsets satisfying certain prescribed properties. The area of combinatorial

More information

Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography

Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography David R. Wilkins Copyright c David R. Wilkins 2000 2013 Contents 9 Introduction to Number Theory 63 9.1 Subgroups

More information

On the Linear Complexity of Feedback Registers

On the Linear Complexity of Feedback Registers On the Linear Complexity of Feedback Registers (extended abstract) A. H. Chan M. Goresky A. Klapper ru ortheastern University College of Computer Science 360 Huntington Ave. Boston, MA, 02113 ABSTRACT

More information

Graphs with few total dominating sets

Graphs with few total dominating sets Graphs with few total dominating sets Marcin Krzywkowski marcin.krzywkowski@gmail.com Stephan Wagner swagner@sun.ac.za Abstract We give a lower bound for the number of total dominating sets of a graph

More information

Math 5707: Graph Theory, Spring 2017 Midterm 3

Math 5707: Graph Theory, Spring 2017 Midterm 3 University of Minnesota Math 5707: Graph Theory, Spring 2017 Midterm 3 Nicholas Rancourt (edited by Darij Grinberg) December 25, 2017 1 Exercise 1 1.1 Problem Let G be a connected multigraph. Let x, y,

More information

Stream Ciphers: Cryptanalytic Techniques

Stream Ciphers: Cryptanalytic Techniques Stream Ciphers: Cryptanalytic Techniques Thomas Johansson Department of Electrical and Information Technology. Lund University, Sweden ECRYPT Summer school 2007 (Lund University) Stream Ciphers: Cryptanalytic

More information

EE 229B ERROR CONTROL CODING Spring 2005

EE 229B ERROR CONTROL CODING Spring 2005 EE 9B ERROR CONTROL CODING Spring 005 Solutions for Homework 1. (Weights of codewords in a cyclic code) Let g(x) be the generator polynomial of a binary cyclic code of length n. (a) Show that if g(x) has

More information

Reverse Berlekamp-Massey Decoding

Reverse Berlekamp-Massey Decoding Reverse Berlekamp-Massey Decoding Jiun-Hung Yu and Hans-Andrea Loeliger Department of Information Technology and Electrical Engineering ETH Zurich, Switzerland Email: {yu, loeliger}@isi.ee.ethz.ch arxiv:1301.736v

More information

Correcting Codes in Cryptography

Correcting Codes in Cryptography EWSCS 06 Palmse, Estonia 5-10 March 2006 Lecture 2: Orthogonal Arrays and Error- Correcting Codes in Cryptography James L. Massey Prof.-em. ETH Zürich, Adjunct Prof., Lund Univ., Sweden, and Tech. Univ.

More information

Cryptographic D-morphic Analysis and Fast Implementations of Composited De Bruijn Sequences

Cryptographic D-morphic Analysis and Fast Implementations of Composited De Bruijn Sequences Cryptographic D-morphic Analysis and Fast Implementations of Composited De Bruijn Sequences Kalikinkar Mandal, and Guang Gong Department of Electrical and Computer Engineering University of Waterloo Waterloo,

More information

Algebraic Feedback Shift Registers Based on Function Fields

Algebraic Feedback Shift Registers Based on Function Fields Algebraic Feedback Shift Registers Based on Function Fields Andrew Klapper 1 University of Kentucky Department of Computer Science, 779 A Anderson Hall Lexington, KY 40506-0046, USA klapper@cs.uky.edu

More information

0 Sets and Induction. Sets

0 Sets and Induction. Sets 0 Sets and Induction Sets A set is an unordered collection of objects, called elements or members of the set. A set is said to contain its elements. We write a A to denote that a is an element of the set

More information

COUNTING NUMERICAL SEMIGROUPS BY GENUS AND SOME CASES OF A QUESTION OF WILF

COUNTING NUMERICAL SEMIGROUPS BY GENUS AND SOME CASES OF A QUESTION OF WILF COUNTING NUMERICAL SEMIGROUPS BY GENUS AND SOME CASES OF A QUESTION OF WILF NATHAN KAPLAN Abstract. The genus of a numerical semigroup is the size of its complement. In this paper we will prove some results

More information

The cocycle lattice of binary matroids

The cocycle lattice of binary matroids Published in: Europ. J. Comb. 14 (1993), 241 250. The cocycle lattice of binary matroids László Lovász Eötvös University, Budapest, Hungary, H-1088 Princeton University, Princeton, NJ 08544 Ákos Seress*

More information

Cyclic codes: overview

Cyclic codes: overview Cyclic codes: overview EE 387, Notes 14, Handout #22 A linear block code is cyclic if the cyclic shift of a codeword is a codeword. Cyclic codes have many advantages. Elegant algebraic descriptions: c(x)

More information

A Questionable Distance-Regular Graph

A Questionable Distance-Regular Graph A Questionable Distance-Regular Graph Rebecca Ross Abstract In this paper, we introduce distance-regular graphs and develop the intersection algebra for these graphs which is based upon its intersection

More information

3. Coding theory 3.1. Basic concepts

3. Coding theory 3.1. Basic concepts 3. CODING THEORY 1 3. Coding theory 3.1. Basic concepts In this chapter we will discuss briefly some aspects of error correcting codes. The main problem is that if information is sent via a noisy channel,

More information

Some Results Concerning Uniqueness of Triangle Sequences

Some Results Concerning Uniqueness of Triangle Sequences Some Results Concerning Uniqueness of Triangle Sequences T. Cheslack-Postava A. Diesl M. Lepinski A. Schuyler August 12 1999 Abstract In this paper we will begin by reviewing the triangle iteration. We

More information

2-7 Solving Quadratic Inequalities. ax 2 + bx + c > 0 (a 0)

2-7 Solving Quadratic Inequalities. ax 2 + bx + c > 0 (a 0) Quadratic Inequalities In One Variable LOOKS LIKE a quadratic equation but Doesn t have an equal sign (=) Has an inequality sign (>,

More information

Course 212: Academic Year Section 1: Metric Spaces

Course 212: Academic Year Section 1: Metric Spaces Course 212: Academic Year 1991-2 Section 1: Metric Spaces D. R. Wilkins Contents 1 Metric Spaces 3 1.1 Distance Functions and Metric Spaces............. 3 1.2 Convergence and Continuity in Metric Spaces.........

More information

Introduction to finite fields

Introduction to finite fields Chapter 7 Introduction to finite fields This chapter provides an introduction to several kinds of abstract algebraic structures, particularly groups, fields, and polynomials. Our primary interest is in

More information

Irredundant Families of Subcubes

Irredundant Families of Subcubes Irredundant Families of Subcubes David Ellis January 2010 Abstract We consider the problem of finding the maximum possible size of a family of -dimensional subcubes of the n-cube {0, 1} n, none of which

More information

On the number of cycles in a graph with restricted cycle lengths

On the number of cycles in a graph with restricted cycle lengths On the number of cycles in a graph with restricted cycle lengths Dániel Gerbner, Balázs Keszegh, Cory Palmer, Balázs Patkós arxiv:1610.03476v1 [math.co] 11 Oct 2016 October 12, 2016 Abstract Let L be a

More information

Largest Values of the Stern Sequence, Alternating Binary Expansions and Continuants

Largest Values of the Stern Sequence, Alternating Binary Expansions and Continuants 1 3 47 6 3 11 Journal of Integer Sequences, Vol. 0 (017), Article 17..8 Largest Values of the Stern Sequence, Alternating Binary Expansions Continuants Rol Paulin Max-Planck-Institut für Mathematik Vivatsgasse

More information

The primitive root theorem

The primitive root theorem The primitive root theorem Mar Steinberger First recall that if R is a ring, then a R is a unit if there exists b R with ab = ba = 1. The collection of all units in R is denoted R and forms a group under

More information

Definitions. Notations. Injective, Surjective and Bijective. Divides. Cartesian Product. Relations. Equivalence Relations

Definitions. Notations. Injective, Surjective and Bijective. Divides. Cartesian Product. Relations. Equivalence Relations Page 1 Definitions Tuesday, May 8, 2018 12:23 AM Notations " " means "equals, by definition" the set of all real numbers the set of integers Denote a function from a set to a set by Denote the image of

More information

A Linear Round Lower Bound for Lovasz-Schrijver SDP Relaxations of Vertex Cover

A Linear Round Lower Bound for Lovasz-Schrijver SDP Relaxations of Vertex Cover A Linear Round Lower Bound for Lovasz-Schrijver SDP Relaxations of Vertex Cover Grant Schoenebeck Luca Trevisan Madhur Tulsiani Abstract We study semidefinite programming relaxations of Vertex Cover arising

More information

First-Return Integrals

First-Return Integrals First-Return ntegrals Marianna Csörnyei, Udayan B. Darji, Michael J. Evans, Paul D. Humke Abstract Properties of first-return integrals of real functions defined on the unit interval are explored. n particular,

More information

The Adjacency Graphs of Linear Feedback Shift Registers with Primitive-like Characteristic Polynomials

The Adjacency Graphs of Linear Feedback Shift Registers with Primitive-like Characteristic Polynomials The Adjacency Graphs of Linear Feedback Shift Registers with Primitive-like Characteristic Polynomials Ming Li and Dongdai Lin State Key Laboratory of Information Security, Institute of Information Engineering,

More information

Lecture 2 Linear Codes

Lecture 2 Linear Codes Lecture 2 Linear Codes 2.1. Linear Codes From now on we want to identify the alphabet Σ with a finite field F q. For general codes, introduced in the last section, the description is hard. For a code of

More information

DEPTH OF FACTORS OF SQUARE FREE MONOMIAL IDEALS

DEPTH OF FACTORS OF SQUARE FREE MONOMIAL IDEALS DEPTH OF FACTORS OF SQUARE FREE MONOMIAL IDEALS DORIN POPESCU Abstract. Let I be an ideal of a polynomial algebra over a field, generated by r-square free monomials of degree d. If r is bigger (or equal)

More information

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography David R. Wilkins Copyright c David R. Wilkins 2006 Contents 9 Introduction to Number Theory and Cryptography 1 9.1 Subgroups

More information

Statistical Properties of the Arithmetic Correlation of Sequences. Mark Goresky School of Mathematics Institute for Advanced Study

Statistical Properties of the Arithmetic Correlation of Sequences. Mark Goresky School of Mathematics Institute for Advanced Study International Journal of Foundations of Computer Science c World Scientific Publishing Company Statistical Properties of the Arithmetic Correlation of Sequences Mark Goresky School of Mathematics Institute

More information

ADVANCED CALCULUS - MTH433 LECTURE 4 - FINITE AND INFINITE SETS

ADVANCED CALCULUS - MTH433 LECTURE 4 - FINITE AND INFINITE SETS ADVANCED CALCULUS - MTH433 LECTURE 4 - FINITE AND INFINITE SETS 1. Cardinal number of a set The cardinal number (or simply cardinal) of a set is a generalization of the concept of the number of elements

More information

Improvements to Correlation Attacks Against Stream. Ciphers with Nonlinear Combiners. Brian Stottler Elizabethtown College

Improvements to Correlation Attacks Against Stream. Ciphers with Nonlinear Combiners. Brian Stottler Elizabethtown College Improvements to Correlation Attacks Against Stream Ciphers with Nonlinear Combiners Brian Stottler Elizabethtown College Spring 2018 1 Background 1.1 Stream Ciphers Throughout the multi-thousand year history

More information

Antipodal Gray Codes

Antipodal Gray Codes Antipodal Gray Codes Charles E Killian, Carla D Savage,1 Department of Computer Science N C State University, Box 8206 Raleigh, NC 27695, USA Abstract An n-bit Gray code is a circular listing of the 2

More information

Scalar multiplication in compressed coordinates in the trace-zero subgroup

Scalar multiplication in compressed coordinates in the trace-zero subgroup Scalar multiplication in compressed coordinates in the trace-zero subgroup Giulia Bianco and Elisa Gorla Institut de Mathématiques, Université de Neuchâtel Rue Emile-Argand 11, CH-2000 Neuchâtel, Switzerland

More information

Rings If R is a commutative ring, a zero divisor is a nonzero element x such that xy = 0 for some nonzero element y R.

Rings If R is a commutative ring, a zero divisor is a nonzero element x such that xy = 0 for some nonzero element y R. Rings 10-26-2008 A ring is an abelian group R with binary operation + ( addition ), together with a second binary operation ( multiplication ). Multiplication must be associative, and must distribute over

More information

Boolean Inner-Product Spaces and Boolean Matrices

Boolean Inner-Product Spaces and Boolean Matrices Boolean Inner-Product Spaces and Boolean Matrices Stan Gudder Department of Mathematics, University of Denver, Denver CO 80208 Frédéric Latrémolière Department of Mathematics, University of Denver, Denver

More information

5 Set Operations, Functions, and Counting

5 Set Operations, Functions, and Counting 5 Set Operations, Functions, and Counting Let N denote the positive integers, N 0 := N {0} be the non-negative integers and Z = N 0 ( N) the positive and negative integers including 0, Q the rational numbers,

More information

Perfect Two-Fault Tolerant Search with Minimum Adaptiveness 1

Perfect Two-Fault Tolerant Search with Minimum Adaptiveness 1 Advances in Applied Mathematics 25, 65 101 (2000) doi:10.1006/aama.2000.0688, available online at http://www.idealibrary.com on Perfect Two-Fault Tolerant Search with Minimum Adaptiveness 1 Ferdinando

More information

Factorization in Integral Domains II

Factorization in Integral Domains II Factorization in Integral Domains II 1 Statement of the main theorem Throughout these notes, unless otherwise specified, R is a UFD with field of quotients F. The main examples will be R = Z, F = Q, and

More information

DISTINGUISHING PARTITIONS AND ASYMMETRIC UNIFORM HYPERGRAPHS

DISTINGUISHING PARTITIONS AND ASYMMETRIC UNIFORM HYPERGRAPHS DISTINGUISHING PARTITIONS AND ASYMMETRIC UNIFORM HYPERGRAPHS M. N. ELLINGHAM AND JUSTIN Z. SCHROEDER In memory of Mike Albertson. Abstract. A distinguishing partition for an action of a group Γ on a set

More information

POSITIVE DEFINITE n-regular QUADRATIC FORMS

POSITIVE DEFINITE n-regular QUADRATIC FORMS POSITIVE DEFINITE n-regular QUADRATIC FORMS BYEONG-KWEON OH Abstract. A positive definite integral quadratic form f is called n- regular if f represents every quadratic form of rank n that is represented

More information

UNPREDICTABLE BINARY STRINGS

UNPREDICTABLE BINARY STRINGS UNPREDICTABLE BINARY STRINGS R.M. LOW, M. STAMP, R. CRAIGEN, AND G. FAUCHER Abstract. We examine a class of binary strings arising from considerations about stream cipher encryption: to what degree can

More information

Solutions to the 74th William Lowell Putnam Mathematical Competition Saturday, December 7, 2013

Solutions to the 74th William Lowell Putnam Mathematical Competition Saturday, December 7, 2013 Solutions to the 74th William Lowell Putnam Mathematical Competition Saturday, December 7, 213 Kiran Kedlaya and Lenny Ng A1 Suppose otherwise. Then each vertex v is a vertex for five faces, all of which

More information

On The Nonlinearity of Maximum-length NFSR Feedbacks

On The Nonlinearity of Maximum-length NFSR Feedbacks On The Nonlinearity of Maximum-length NFSR Feedbacks Meltem Sönmez Turan National Institute of Standards and Technology meltem.turan@nist.gov Abstract. Linear Feedback Shift Registers (LFSRs) are the main

More information

Partial cubes: structures, characterizations, and constructions

Partial cubes: structures, characterizations, and constructions Partial cubes: structures, characterizations, and constructions Sergei Ovchinnikov San Francisco State University, Mathematics Department, 1600 Holloway Ave., San Francisco, CA 94132 Abstract Partial cubes

More information

REPRESENTATIONS FOR A SPECIAL SEQUENCE

REPRESENTATIONS FOR A SPECIAL SEQUENCE REPRESENTATIONS FOR A SPECIAL SEQUENCE L. CARLITZ* RICHARD SCOVILLE Dyke University, Durham,!\!orth Carolina VERNERE.HOGGATTJR. San Jose State University, San Jose, California Consider the sequence defined

More information

Shortest paths with negative lengths

Shortest paths with negative lengths Chapter 8 Shortest paths with negative lengths In this chapter we give a linear-space, nearly linear-time algorithm that, given a directed planar graph G with real positive and negative lengths, but no

More information

NONABELIAN GROUPS WITH PERFECT ORDER SUBSETS

NONABELIAN GROUPS WITH PERFECT ORDER SUBSETS NONABELIAN GROUPS WITH PERFECT ORDER SUBSETS CARRIE E. FINCH AND LENNY JONES Abstract. Let G be a finite group and let x G. Define the order subset of G determined by x to be the set of all elements in

More information

4 Linear Recurrence Relations & the Fibonacci Sequence

4 Linear Recurrence Relations & the Fibonacci Sequence 4 Linear Recurrence Relations & the Fibonacci Sequence Recall the classic example of the Fibonacci sequence (F n ) n=1 the relations: F n+ = F n+1 + F n F 1 = F = 1 = (1, 1,, 3, 5, 8, 13, 1,...), defined

More information

Chapter 1 Vector Spaces

Chapter 1 Vector Spaces Chapter 1 Vector Spaces Per-Olof Persson persson@berkeley.edu Department of Mathematics University of California, Berkeley Math 110 Linear Algebra Vector Spaces Definition A vector space V over a field

More information

On the Average Complexity of Brzozowski s Algorithm for Deterministic Automata with a Small Number of Final States

On the Average Complexity of Brzozowski s Algorithm for Deterministic Automata with a Small Number of Final States On the Average Complexity of Brzozowski s Algorithm for Deterministic Automata with a Small Number of Final States Sven De Felice 1 and Cyril Nicaud 2 1 LIAFA, Université Paris Diderot - Paris 7 & CNRS

More information

A Z q -Fan theorem. 1 Introduction. Frédéric Meunier December 11, 2006

A Z q -Fan theorem. 1 Introduction. Frédéric Meunier December 11, 2006 A Z q -Fan theorem Frédéric Meunier December 11, 2006 Abstract In 1952, Ky Fan proved a combinatorial theorem generalizing the Borsuk-Ulam theorem stating that there is no Z 2-equivariant map from the

More information

Equivalence constants for certain matrix norms II

Equivalence constants for certain matrix norms II Linear Algebra and its Applications 420 (2007) 388 399 www.elsevier.com/locate/laa Equivalence constants for certain matrix norms II Bao Qi Feng a,, Andrew Tonge b a Department of Mathematical Sciences,

More information

ELEMENTARY LINEAR ALGEBRA

ELEMENTARY LINEAR ALGEBRA ELEMENTARY LINEAR ALGEBRA K R MATTHEWS DEPARTMENT OF MATHEMATICS UNIVERSITY OF QUEENSLAND First Printing, 99 Chapter LINEAR EQUATIONS Introduction to linear equations A linear equation in n unknowns x,

More information

EE512: Error Control Coding

EE512: Error Control Coding EE51: Error Control Coding Solution for Assignment on BCH and RS Codes March, 007 1. To determine the dimension and generator polynomial of all narrow sense binary BCH codes of length n = 31, we have to

More information

Finite Fields: An introduction through exercises Jonathan Buss Spring 2014

Finite Fields: An introduction through exercises Jonathan Buss Spring 2014 Finite Fields: An introduction through exercises Jonathan Buss Spring 2014 A typical course in abstract algebra starts with groups, and then moves on to rings, vector spaces, fields, etc. This sequence

More information

Sequences, DFT and Resistance against Fast Algebraic Attacks

Sequences, DFT and Resistance against Fast Algebraic Attacks Sequences, DFT and Resistance against Fast Algebraic Attacks Guang Gong Department of Electrical and Computer Engineering University of Waterloo Waterloo, Ontario N2L 3G1, CANADA Email. ggong@calliope.uwaterloo.ca

More information

A PASCAL-LIKE BOUND FOR THE NUMBER OF NECKLACES WITH FIXED DENSITY

A PASCAL-LIKE BOUND FOR THE NUMBER OF NECKLACES WITH FIXED DENSITY A PASCAL-LIKE BOUND FOR THE NUMBER OF NECKLACES WITH FIXED DENSITY I. HECKENBERGER AND J. SAWADA Abstract. A bound resembling Pascal s identity is presented for binary necklaces with fixed density using

More information

4. What is the probability that the two values differ by 4 or more in absolute value? There are only six

4. What is the probability that the two values differ by 4 or more in absolute value? There are only six 1. Short Questions: 2/2/2/2/2 Provide a clear and concise justification of your answer. In this problem, you roll two balanced six-sided dice. Hint: Draw a picture. 1. What is the probability that the

More information

Periodicity and Distribution Properties of Combined FCSR Sequences

Periodicity and Distribution Properties of Combined FCSR Sequences Periodicity and Distribution Properties of Combined FCSR Sequences Mark Goresky 1, and Andrew Klapper, 1 Institute for Advanced Study, Princeton NJ www.math.ias.edu/~goresky Dept. of Computer Science,

More information

Notes 10: List Decoding Reed-Solomon Codes and Concatenated codes

Notes 10: List Decoding Reed-Solomon Codes and Concatenated codes Introduction to Coding Theory CMU: Spring 010 Notes 10: List Decoding Reed-Solomon Codes and Concatenated codes April 010 Lecturer: Venkatesan Guruswami Scribe: Venkat Guruswami & Ali Kemal Sinop DRAFT

More information

An Algebraic Interpretation of the Multiplicity Sequence of an Algebraic Branch

An Algebraic Interpretation of the Multiplicity Sequence of an Algebraic Branch An Algebraic Interpretation of the Multiplicity Sequence of an Algebraic Branch Une Interprétation Algébrique de la Suite des Ordres de Multiplicité d une Branche Algébrique Proc. London Math. Soc. (2),

More information

1 Topology Definition of a topology Basis (Base) of a topology The subspace topology & the product topology on X Y 3

1 Topology Definition of a topology Basis (Base) of a topology The subspace topology & the product topology on X Y 3 Index Page 1 Topology 2 1.1 Definition of a topology 2 1.2 Basis (Base) of a topology 2 1.3 The subspace topology & the product topology on X Y 3 1.4 Basic topology concepts: limit points, closed sets,

More information

On a Balanced Property of Compositions

On a Balanced Property of Compositions On a Balanced Property of Compositions Miklós Bóna Department of Mathematics University of Florida Gainesville FL 32611-8105 USA Submitted: October 2, 2006; Accepted: January 24, 2007; Published: March

More information

x 9 or x > 10 Name: Class: Date: 1 How many natural numbers are between 1.5 and 4.5 on the number line?

x 9 or x > 10 Name: Class: Date: 1 How many natural numbers are between 1.5 and 4.5 on the number line? 1 How many natural numbers are between 1.5 and 4.5 on the number line? 2 How many composite numbers are between 7 and 13 on the number line? 3 How many prime numbers are between 7 and 20 on the number

More information

2. Polynomials. 19 points. 3/3/3/3/3/4 Clearly indicate your correctly formatted answer: this is what is to be graded. No need to justify!

2. Polynomials. 19 points. 3/3/3/3/3/4 Clearly indicate your correctly formatted answer: this is what is to be graded. No need to justify! 1. Short Modular Arithmetic/RSA. 16 points: 3/3/3/3/4 For each question, please answer in the correct format. When an expression is asked for, it may simply be a number, or an expression involving variables

More information

g(x) = 1 1 x = 1 + x + x2 + x 3 + is not a polynomial, since it doesn t have finite degree. g(x) is an example of a power series.

g(x) = 1 1 x = 1 + x + x2 + x 3 + is not a polynomial, since it doesn t have finite degree. g(x) is an example of a power series. 6 Polynomial Rings We introduce a class of rings called the polynomial rings, describing computation, factorization and divisibility in such rings For the case where the coefficients come from an integral

More information

Modified Berlekamp-Massey algorithm for approximating the k-error linear complexity of binary sequences

Modified Berlekamp-Massey algorithm for approximating the k-error linear complexity of binary sequences Loughborough University Institutional Repository Modified Berlekamp-Massey algorithm for approximating the k-error linear complexity of binary sequences This item was submitted to Loughborough University's

More information

The natural numbers. Definition. Let X be any inductive set. We define the set of natural numbers as N = C(X).

The natural numbers. Definition. Let X be any inductive set. We define the set of natural numbers as N = C(X). The natural numbers As mentioned earlier in the course, the natural numbers can be constructed using the axioms of set theory. In this note we want to discuss the necessary details of this construction.

More information

Discrete Applied Mathematics

Discrete Applied Mathematics Discrete Applied Mathematics 194 (015) 37 59 Contents lists available at ScienceDirect Discrete Applied Mathematics journal homepage: wwwelseviercom/locate/dam Loopy, Hankel, and combinatorially skew-hankel

More information

Elementary 2-Group Character Codes. Abstract. In this correspondence we describe a class of codes over GF (q),

Elementary 2-Group Character Codes. Abstract. In this correspondence we describe a class of codes over GF (q), Elementary 2-Group Character Codes Cunsheng Ding 1, David Kohel 2, and San Ling Abstract In this correspondence we describe a class of codes over GF (q), where q is a power of an odd prime. These codes

More information

PolynomialExponential Equations in Two Variables

PolynomialExponential Equations in Two Variables journal of number theory 62, 428438 (1997) article no. NT972058 PolynomialExponential Equations in Two Variables Scott D. Ahlgren* Department of Mathematics, University of Colorado, Boulder, Campus Box

More information

A Solution to the Checkerboard Problem

A Solution to the Checkerboard Problem A Solution to the Checkerboard Problem Futaba Okamoto Mathematics Department, University of Wisconsin La Crosse, La Crosse, WI 5460 Ebrahim Salehi Department of Mathematical Sciences, University of Nevada

More information

Measures and Measure Spaces

Measures and Measure Spaces Chapter 2 Measures and Measure Spaces In summarizing the flaws of the Riemann integral we can focus on two main points: 1) Many nice functions are not Riemann integrable. 2) The Riemann integral does not

More information

arxiv: v1 [math.co] 3 Nov 2014

arxiv: v1 [math.co] 3 Nov 2014 SPARSE MATRICES DESCRIBING ITERATIONS OF INTEGER-VALUED FUNCTIONS BERND C. KELLNER arxiv:1411.0590v1 [math.co] 3 Nov 014 Abstract. We consider iterations of integer-valued functions φ, which have no fixed

More information

FIBONACCI NUMBERS AND DECIMATION OF BINARY SEQUENCES

FIBONACCI NUMBERS AND DECIMATION OF BINARY SEQUENCES FIBONACCI NUMBERS AND DECIMATION OF BINARY SEQUENCES Jovan Dj. Golić Security Innovation, Telecom Italia Via Reiss Romoli 274, 10148 Turin, Italy (Submitted August 2004-Final Revision April 200) ABSTRACT

More information