On the Linear Complexity of Legendre-Sidelnikov Sequences Ming Su - PowerPoint PPT Presentation

M OTIVATION O UR C ONTRIBUTION On the Linear Complexity of Legendre-Sidelnikov Sequences Ming Su Nankai University, China Emerging Applications of Finite Fields, Linz, Dec. 12

M OTIVATION O UR C ONTRIBUTION Outline Motivation Legendre-Sidelnikov Sequence Definition of Linear Complexity The Linear Complexity of Character based Sequences Our Contribution Multiplicities of the Roots of Unity Linear Complexity of Legendre-Sidelnikov Sequence

M OTIVATION O UR C ONTRIBUTION Background • Legendre Sequence For a prime p > 2 let ( s n ) be the Legendre sequence defined as � n � � 1 , = − 1 , s n = p n ≥ 0 , otherwise , 0 , � � . where denotes the Legendre symbol. p • Sidelnikov Sequence Let q be an odd prime power, g a primitive element of F q , and let η denote the quadratic character of F q , i.e., η ( g i ) = ( − 1 ) i , i = 0 , 1 , . . . , q − 2 . Then the Sidel’nikov (Lempel-Cohn-Eastman) sequence is defined: � 1 , if η ( g n + 1 ) = − 1 , s n = n = 0 , 1 , . . . . 0 , otherwise ,

M OTIVATION O UR C ONTRIBUTION Background • Legendre Sequence For a prime p > 2 let ( s n ) be the Legendre sequence defined as � n � � 1 , = − 1 , s n = p n ≥ 0 , otherwise , 0 , � � . where denotes the Legendre symbol. p • Sidelnikov Sequence Let q be an odd prime power, g a primitive element of F q , and let η denote the quadratic character of F q , i.e., η ( g i ) = ( − 1 ) i , i = 0 , 1 , . . . , q − 2 . Then the Sidel’nikov (Lempel-Cohn-Eastman) sequence is defined: � 1 , if η ( g n + 1 ) = − 1 , s n = n = 0 , 1 , . . . . 0 , otherwise ,

M OTIVATION O UR C ONTRIBUTION Definition of Legendre-Sidelnikov Sequence • We consider the n -periodic binary sequence ( s i ) : if ( i mod n ) ∈ P ,  1 ,  if ( i mod n ) ∈ Q ∗ ,  0 , s i = i ≥ 0 , “ i ” η ( g i + 1 ) 1 − p if ( i mod n ) ∈ R ,   , 2 where p is an odd prime and q is the power of an odd prime such that gcd ( p , q − 1 ) = 1. n = p ( q − 1 ) , P = { 0 , p , 2 p , . . . , ( q − 2 ) p } . q − 1 � � Q = + j ( q − 1 ) : j = 0 , . . . , p − 1 , 2 Q ∗ = Q \ { n 2 } because P ∩ Q = { n 2 } , R = { 0 , 1 , 2 , . . . , n − 1 } \ ( P ∪ Q ∗ ) .

M OTIVATION O UR C ONTRIBUTION Properties of Legendre-Sidelnikov Sequence • This new sequence is balanced if p = q . • The autocorrelation of ( s i ) is given by q − 1 − ( p − 1 )(( − 1 ) l + 1 ) , l ∈ P \ { 0 } ,   ( − 1 ) ( q − 1 ) / 2 − 1      � 1 − ( − 1 ) ( q 2 − 1 ) / 8 � � l �  +  p    p − 1  � � l ∈ Q ∗ ,  1 + ( − 1 ) ,  2  AC ( s i , l )= 1 + ( − 1 ) ( p − 1 ) / 2 � � l � p − q − 2 + , l ∈ R , q − 1 | l , � p     l ( − 1 ) l − 1 + � � � 1 + ( − 1 ) ( p − 1 ) / 2   p    − η ( − g l + 1 )     ( 1 + ( − 1 ) ( p − 1 ) / 2 +( q − 1 ) / 2 + l ) l ∈ R , q − 1 � | l .  �  ,

M OTIVATION O UR C ONTRIBUTION Properties of Legendre-Sidelnikov Sequence • This new sequence is balanced if p = q . • The autocorrelation of ( s i ) is given by q − 1 − ( p − 1 )(( − 1 ) l + 1 ) , l ∈ P \ { 0 } ,   ( − 1 ) ( q − 1 ) / 2 − 1      � 1 − ( − 1 ) ( q 2 − 1 ) / 8 � � l �  +  p    p − 1  � � l ∈ Q ∗ ,  1 + ( − 1 ) ,  2  AC ( s i , l )= 1 + ( − 1 ) ( p − 1 ) / 2 � � l � p − q − 2 + , l ∈ R , q − 1 | l , � p     l ( − 1 ) l − 1 + � � � 1 + ( − 1 ) ( p − 1 ) / 2   p    − η ( − g l + 1 )     ( 1 + ( − 1 ) ( p − 1 ) / 2 +( q − 1 ) / 2 + l ) l ∈ R , q − 1 � | l .  �  ,

M OTIVATION O UR C ONTRIBUTION Definition of Linear Complexity The linear complexity L ( S ) over F 2 of a binary sequence ( s i ) is the shortest length L of a linear recurrence relation over F 2 s i + L = c L − 1 s i + L − 1 + . . . + c 0 s i , 0 ≤ i ≤ N − L − 1 .

M OTIVATION O UR C ONTRIBUTION On the Linear Complexity • The linear complexity should be large enough, i. e., larger than half of the period, resisting the Berlekamp-Massey attack • Algebraic expression of the linear complexity of S: L ( S ) = N − deg ( gcd ( X N − 1 , S ( X ))) , where the generating polynomial S ( X ) := s 0 + s 1 X + . . . + s N − 1 X N − 1 .

M OTIVATION O UR C ONTRIBUTION On the Linear Complexity • The linear complexity should be large enough, i. e., larger than half of the period, resisting the Berlekamp-Massey attack • Algebraic expression of the linear complexity of S: L ( S ) = N − deg ( gcd ( X N − 1 , S ( X ))) , where the generating polynomial S ( X ) := s 0 + s 1 X + . . . + s N − 1 X N − 1 .

M OTIVATION O UR C ONTRIBUTION Linear Complexity of Other Character Sequences • Legendre sequence ( Ding, Helleseth, Shan ) By using quadratic residues and nonresidues • Sidelnikov sequence ( Helleseth, Yang; Kyureghyan, Pott; Meidl, Winterhof ) In some cases by using results on certain cyclotomic numbers and the factorization of some cyclotomic polynomials • Generalized Cyclotomic binary sequence of order 2 (Ding) By using properties of cyclotomic cosets • Two prime generators( Brandstatter, Winterhof; Ding ); Two prime Sidelnikov sequence( Brandstatter, Pirsic, Winterhof )

M OTIVATION O UR C ONTRIBUTION Linear Complexity of Other Character Sequences • Legendre sequence ( Ding, Helleseth, Shan ) By using quadratic residues and nonresidues • Sidelnikov sequence ( Helleseth, Yang; Kyureghyan, Pott; Meidl, Winterhof ) In some cases by using results on certain cyclotomic numbers and the factorization of some cyclotomic polynomials • Generalized Cyclotomic binary sequence of order 2 (Ding) By using properties of cyclotomic cosets • Two prime generators( Brandstatter, Winterhof; Ding ); Two prime Sidelnikov sequence( Brandstatter, Pirsic, Winterhof )

M OTIVATION O UR C ONTRIBUTION Linear Complexity of Other Character Sequences • Legendre sequence ( Ding, Helleseth, Shan ) By using quadratic residues and nonresidues • Sidelnikov sequence ( Helleseth, Yang; Kyureghyan, Pott; Meidl, Winterhof ) In some cases by using results on certain cyclotomic numbers and the factorization of some cyclotomic polynomials • Generalized Cyclotomic binary sequence of order 2 (Ding) By using properties of cyclotomic cosets • Two prime generators( Brandstatter, Winterhof; Ding ); Two prime Sidelnikov sequence( Brandstatter, Pirsic, Winterhof )

M OTIVATION O UR C ONTRIBUTION Linear Complexity of Other Character Sequences • Legendre sequence ( Ding, Helleseth, Shan ) By using quadratic residues and nonresidues • Sidelnikov sequence ( Helleseth, Yang; Kyureghyan, Pott; Meidl, Winterhof ) In some cases by using results on certain cyclotomic numbers and the factorization of some cyclotomic polynomials • Generalized Cyclotomic binary sequence of order 2 (Ding) By using properties of cyclotomic cosets • Two prime generators( Brandstatter, Winterhof; Ding ); Two prime Sidelnikov sequence( Brandstatter, Pirsic, Winterhof )

M OTIVATION O UR C ONTRIBUTION Linear Complexity of this Sequence? • Intuitively p (related to the Legendre sequence) and q (Sidelnikov) should both contribute ‘equivalently’. • Can we determine the exact linear complexity?

M OTIVATION O UR C ONTRIBUTION Linear Complexity of this Sequence? • Intuitively p (related to the Legendre sequence) and q (Sidelnikov) should both contribute ‘equivalently’. • Can we determine the exact linear complexity?

M OTIVATION O UR C ONTRIBUTION Linear Complexity of this Sequence? • Intuitively p (related to the Legendre sequence) and q (Sidelnikov) should both contribute ‘equivalently’. • Can we determine the exact linear complexity?

M OTIVATION O UR C ONTRIBUTION Generating Polynomial of Legendre-Sidelnikov Sequence Note that X n − 1 = ( X rp − 1 ) 2 , where r = q − 1 2 . Next we discuss the multiplicities of 1, β ( r th root of unity), α ( p th root of unity), and other pr th roots of unity for S ( X ) .

M OTIVATION O UR C ONTRIBUTION Generating Polynomial of Legendre-Sidelnikov Sequence Note that X n − 1 = ( X rp − 1 ) 2 , where r = q − 1 2 . Next we discuss the multiplicities of 1, β ( r th root of unity), α ( p th root of unity), and other pr th roots of unity for S ( X ) .

M OTIVATION O UR C ONTRIBUTION On the multiplicity of 1 Lemma A If p ≡ 1 ( mod 4 ) , then for k ≥ 1 satisfying 2 t − 1 ≤ k < 2 t + 1 − 1 with some positive integer t , we have S ( j ) ( 1 ) = 0 for all j ≤ k if and only if q ≡ 1 ( mod 2 t + 1 ) . Equivalently, if p ≡ 3 ( mod 4 ) , 1 is not a root of S ( X ) ; if p ≡ 1 ( mod 4 ) , and q ≡ 1 ( mod 2 l ) for the maximal integer l , the multiplicity of the root 1 is 2 l − 1. Proof: Suppose the conclusion is true for 2 t − 1 ≤ k < 2 t + 1 − 1 on some t . Then for k = 2 t + 1 − 1, by Lucas property and Hasse derivative p ( q − 1 ) − 1 p ( q − 1 ) − 1 � i � S ( k ) ( 1 ) = � s i = � s i k i = 0 i = 0 i ≡ 2 t + 1 − 1 ( mod 2 t + 1 ) � i � η ( g i + 1 ) . s i + � � = p i ∈ P i ∈ Z n i ≡ 2 t + 1 − 1 ( mod 2 t + 1 ) i ≡ 2 t + 1 − 1 ( mod 2 t + 1 )