unicyclic strong permutations
play

Unicyclic strong permutations Claude Gravel (Universit e de Montr - PowerPoint PPT Presentation

Mar 13, 2024 •199 likes •820 views

Unicyclic strong permutations Claude Gravel (Universit e de Montr eal) Daniel Panario (Carleton University) David Thomson (Carleton University) Tuesday, June 19 th , and Wednesday, 20 th , 2018 The 3 rd International Workshop on B oolean

  1. Unicyclic strong permutations Claude Gravel (Universit´ e de Montr´ eal) Daniel Panario (Carleton University) David Thomson (Carleton University) Tuesday, June 19 th , and Wednesday, 20 th , 2018 The 3 rd International Workshop on B oolean F unctions and their A pplications BFA 2018 Loen (Norway) 1 / 41

  2. Some properties of permutations By unicyclic strong permutations, we mean permutations that satisfy: ( 1 ) Unicyclic (contains only one cycle of maximal length), ( 2 ) Number of terms per output bits is about 2 d − 1 , where d is the degree of the irreducible polynomial, ( 3 ) Maximal algebraic degree, ( 4 ) Easy to describe, ( 5 ) Small values of the first-order differences (differential cryptanalysis), ( 6 ) Small values of Walsh sums (Walsh spectrum cryptanalysis), ( 7 ) On-the-fly generation. We shall refer to above properties later when necessary. 2 / 41

  3. Finding unicyclic permutation For large n > 0, listing all of the n ! permutations, and retaining only the unicyclic ones is infeasible. The are exactly ( n − 1)! unicyclic permutations over a finite set of n distinct elements. 3 / 41

  4. Finding unicyclic permutation For large n > 0, listing all of the n ! permutations, and retaining only the unicyclic ones is infeasible. The are exactly ( n − 1)! unicyclic permutations over a finite set of n distinct elements. QUESTION : Is it possible to construct efficiently a subset of the set of all permutations which are easy to describe, permutations there have only one cycle (and eventually other strong properties)? 3 / 41

  5. Polynomial & permutation–example We construct a permutation over the set { 0 , 1 } d of binary words, hence n = 2 d . To fit here, d = 3. The construction uses operations over polynomials. 4 / 41

  6. Polynomial & permutation–example We construct a permutation over the set { 0 , 1 } d of binary words, hence n = 2 d . To fit here, d = 3. The construction uses operations over polynomials. NOTATION : P a ( X ) = a 0 + a 1 X + . . . + a d − 1 X d − 1 where a = ( a 0 , . . . , a d − 1 ) ∈ { 0 , 1 } d . FACT : For all nonzero a ∈ { 0 , 1 } 3 , functions over { 0 , 1 } 3 defined through P a ( X ) �→ P ℓ a ( X ) for ℓ = 1 , 2 , 3 , 4 , 5 , 6 are permutations. a ( X ) = P 2 d − 2 For example, we compute P 6 ( X ). a 4 / 41

  7. Polynomial & permutation–example cont’d For example, choosing the irreducible polynomial Q ( X ) = 1 + X 2 + X 3 , compute X j mod Q ( X ) for j = 0 , . . . , 6. 5 / 41

  8. Polynomial & permutation–example cont’d For example, choosing the irreducible polynomial Q ( X ) = 1 + X 2 + X 3 , compute X j mod Q ( X ) for j = 0 , . . . , 6. For a = a 0 a 1 a 2 ∈ { 0 , 1 } 3 , focus on P 2 k a ( X ). P 2 0 a ( X ) = P a ( X ) , P 2 1 X 2 , � � � � a ( X ) = a 0 + a 2 + a 2 X + a 1 + a 2 P 2 2 � 2 P 2 � a ( X ) = a ( X ) X + a 1 X 2 . � � � = a 0 + a 1 ) + a 1 + a 2 5 / 41

  9. Polynomial & permutation–example cont’d Finally, a ( X ) = P 2 1 a ( X ) P 2 2 P 6 a ( X ) � � = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 + � � a 1 + a 2 + a 0 a 1 + a 1 a 2 X + X 2 � � a 1 + a 0 a 2 + a 1 a 2 def = P b ( X ) , and 6 / 41

  10. Polynomial & permutation–example cont’d Finally, a 0 a 1 a 2 b 0 b 1 b 2 a ( X ) = P 2 1 a ( X ) P 2 2 P 6 0 0 0 0 0 0 a ( X ) 0 0 1 1 1 0 � � = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 + 0 1 0 0 1 1 � � a 1 + a 2 + a 0 a 1 + a 1 a 2 X + 0 1 1 0 1 0 X 2 � � a 1 + a 0 a 2 + a 1 a 2 1 0 0 1 0 0 def 1 0 1 1 1 1 = P b ( X ) , 1 1 0 0 0 1 1 1 1 1 0 1 and 6 / 41

  11. Polynomial & permutation–example cont’d Finally, a 0 a 1 a 2 b 0 b 1 b 2 a ( X ) = P 2 1 a ( X ) P 2 2 P 6 0 0 0 0 0 0 a ( X ) 0 0 1 1 1 0 � � = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 + 0 1 0 0 1 1 � � a 1 + a 2 + a 0 a 1 + a 1 a 2 X + 0 1 1 0 1 0 X 2 � � a 1 + a 0 a 2 + a 1 a 2 1 0 0 1 0 0 def 1 0 1 1 1 1 = P b ( X ) , 1 1 0 0 0 1 1 1 1 1 0 1 and FACT : For all d and irreducible polynomial Q ( X ) of degree d , the permutation obtained by considering P 2 d − 2 ( X ) mod Q has fixed a points and cycles of length two. NOTE : Another example with fixed points and cycle of length two is the non-linear part of AES for which d = 8. 6 / 41

  12. Polynomial & permutation–example cont’d Three binary coordinate functions, one for each power of X . Bits b 0 , b 1 , b 2 are themselves polynomials of the bits a 0 , a 1 , a 2 modulo 2. b 0 ( a 0 , a 1 , a 2 ) = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 , b 1 ( a 0 , a 1 , a 2 ) = a 1 + a 2 + a 0 a 1 + a 1 a 2 , b 2 ( a 0 , a 1 , a 2 ) = a 1 + a 0 a 2 + a 1 a 2 . 7 / 41

  13. Polynomial & permutation–example cont’d Three binary coordinate functions, one for each power of X . Bits b 0 , b 1 , b 2 are themselves polynomials of the bits a 0 , a 1 , a 2 modulo 2. b 0 ( a 0 , a 1 , a 2 ) = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 , b 1 ( a 0 , a 1 , a 2 ) = a 1 + a 2 + a 0 a 1 + a 1 a 2 , b 2 ( a 0 , a 1 , a 2 ) = a 1 + a 0 a 2 + a 1 a 2 . Like for polynomials with real coefficients, differential calculus can be used to approximate, and get information on the polynomials b 0 , b 1 , and b 2 ; this is differential cryptanalysis. Another cryptanalytic method is based the Walsh spectrum, and can translate easily into a quantum cryptanalytic method by using the quantum Fourier transform. 7 / 41

  14. Polynomial & permutation–example cont’d Three binary coordinate functions, one for each power of X . Bits b 0 , b 1 , b 2 are themselves polynomials of the bits a 0 , a 1 , a 2 modulo 2. b 0 ( a 0 , a 1 , a 2 ) = a 0 + a 2 + a 0 a 1 + a 0 a 2 + a 1 a 2 , b 1 ( a 0 , a 1 , a 2 ) = a 1 + a 2 + a 0 a 1 + a 1 a 2 , b 2 ( a 0 , a 1 , a 2 ) = a 1 + a 0 a 2 + a 1 a 2 . Like for polynomials with real coefficients, differential calculus can be used to approximate, and get information on the polynomials b 0 , b 1 , and b 2 ; this is differential cryptanalysis. Another cryptanalytic method is based the Walsh spectrum, and can translate easily into a quantum cryptanalytic method by using the quantum Fourier transform. FACT : The degree of the functions b j ( a )’s is d − 1 = 2. However, all the functions involved in P 2 k a ( X ) are linear in the a j ’s. . . 7 / 41

  15. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: 8 / 41

  16. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: � 2 d − 2 k − 1 � P σ k ( a ) ( X ) = P a ( X ) + P ( X ) (mod Q ) for k = 0 , . . . , d − 1 8 / 41

  17. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: � 2 d − 2 k − 1 � P σ k ( a ) ( X ) = P a ( X ) + P ( X ) (mod Q ) for k = 0 , . . . , d − 1 a �→ σ k ( a ) 8 / 41

  18. Unicyclic strong permutations–Definition I Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is a permutation over { 0 , 1 } d constructed by composing d permutations σ k for k = 0 , . . . , d − 1 such that σ k is defined by the map: � 2 d − 2 k − 1 � P σ k ( a ) ( X ) = P a ( X ) + P ( X ) (mod Q ) for k = 0 , . . . , d − 1 a �→ σ k ( a ) And then σ = σ d − 1 ◦ σ d − 2 ◦ · · · ◦ σ 0 8 / 41

  19. Unicyclic strong permutations–Definition II Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is permutation over { 0 , 1 } d constructed by recurrence. A word a ∈ { 0 , 1 } d is mapped to b ∈ { 0 , 1 } d through a sequence of steps a = a (0) → . . . → a ( i ) → . . . → a ( d ) = σ ( a ) = b defined by 9 / 41

  20. Unicyclic strong permutations–Definition II Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is permutation over { 0 , 1 } d constructed by recurrence. A word a ∈ { 0 , 1 } d is mapped to b ∈ { 0 , 1 } d through a sequence of steps a = a (0) → . . . → a ( i ) → . . . → a ( d ) = σ ( a ) = b defined by P a (0) ( X ) = P a ( X ) � 2 d − 2 j − 1 − 1 � P a ( j ) ( X ) = P a ( j − 1) ( X ) + P ( X ) (mod Q ) for j = 1 , . . . , d 9 / 41

  21. Unicyclic strong permutations–Definition II Let P ( X ) be a fixed non-constant perturbation polynomial. Here σ is permutation over { 0 , 1 } d constructed by recurrence. A word a ∈ { 0 , 1 } d is mapped to b ∈ { 0 , 1 } d through a sequence of steps a = a (0) → . . . → a ( i ) → . . . → a ( d ) = σ ( a ) = b defined by P a (0) ( X ) = P a ( X ) � 2 d − 2 j − 1 − 1 � P a ( j ) ( X ) = P a ( j − 1) ( X ) + P ( X ) (mod Q ) for j = 1 , . . . , d a �→ b = ( b 0 ( a ) , . . . , b d − 1 ( a )) . 9 / 41

  22. An example without a giant cycle a = a ( 0 ) a = a ( 0 ) 0 32 1 33 2 34 3 35 4 36 5 37 6 38 7 39 8 40 9 41 10 42 11 43 12 44 13 45 14 46 15 47 16 48 17 49 18 50 19 51 20 52 21 53 22 54 23 55 24 56 25 57 26 58 27 59 28 60 29 61 30 62 31 63 P ( X ) = X 5 + 1, Q ( X ) = 1 + X + X 4 + X 5 + X 6 10 / 41

Recommend

Local convergence for random permutations The case of uniform pattern-avoiding permutations

Local convergence for random permutations The case of uniform pattern-avoiding permutations

Local convergence for random permutations The case of uniform pattern-avoiding permutations Jacopo Borga, Institut fr Mathematik, Universitt Zrich July 9, 2018 Dartmouth College, Hanover, New Hampshire Our goal 1. Scaling limits: Our

2.18k views • 175 slides
JUST THE MATHS SLIDES NUMBER 19.2 PROBABILITY 2 (Permutations and combinations) by

JUST THE MATHS SLIDES NUMBER 19.2 PROBABILITY 2 (Permutations and combinations) by

JUST THE MATHS SLIDES NUMBER 19.2 PROBABILITY 2 (Permutations and combinations) by A.J.Hobson 19.2.1 Introduction 19.2.2 Rules of permutations and combinations 19.2.3 Permutations of sets with some objects alike UNIT 19.2 -

400 views • 11 slides
Representing permutations without permutations The expressive power of sequential intersection

Representing permutations without permutations The expressive power of sequential intersection

Representing permutations without permutations The expressive power of sequential intersection Pierre VIAL Equipe Gallinette Inria (LS2N CNRS) June 10, 2018 Non-idempotent typing P. Vial 0 1 /33 Outline Non-idempotent Rigid vs.

1.4k views • 123 slides
Posets and Permutations in the Duplication-Loss Model: Minimal Permutations with d Descents.

Posets and Permutations in the Duplication-Loss Model: Minimal Permutations with d Descents.

Posets and Permutations in the Duplication-Loss Model: Minimal Permutations with d Descents. Mathilde Bouvel Elisa Pergola GASCom 2008 liafa Definitions Duplication-Loss Characterization Posets Enumeration Conclusion Outline of the talk 1

620 views • 31 slides
A Note on 5-bit Quadratic Permutations Classification Duan Boilov Begl Bilgin Hac

A Note on 5-bit Quadratic Permutations Classification Duan Boilov Begl Bilgin Hac

A Note on 5-bit Quadratic Permutations Classification Duan Boilov Begl Bilgin Hac Ali ahin March 6, 2017 Motivation 2/14 Permutations are main nonlinear part of symmetric primitives Quadratic permutations can be used to

381 views • 22 slides
Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Definitions A sequence a 1 , a 2 , . . . , a k of distinct integers is alternating if a 1 > a 2 < a 3 > a 4 < , and reverse alternating if

1.14k views • 98 slides
Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. 1 Basic definitions A sequence a 1 , a 2 , . . . , a k of distinct integers is alternating if a 1 > a 2 < a 3 > a 4 < , and reverse

1.59k views • 119 slides
Random permutations with logarithmic cycle Random permutations weights Classical measures The

Random permutations with logarithmic cycle Random permutations weights Classical measures The

Random permutations with logarithmic cycle weights Setting the scene Random permutations with logarithmic cycle Random permutations weights Classical measures The weighted measure The cycle counts C m Dirk Zeindler The cycle containing

1.6k views • 149 slides
Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. Basic

Alternating Permutations Richard P. Stanley M.I.T. Alternating Permutations p. Basic definitions A sequence a 1 , a 2 , . . . , a k of distinct integers is alternating if a 1 > a 2 < a 3 > a 4 < , and reverse alternating

1.4k views • 119 slides
Algorithms and Pattern Avoiding Permutations Mikl os B ona Department of Mathematics

Algorithms and Pattern Avoiding Permutations Mikl os B ona Department of Mathematics

Algorithms and Pattern Avoiding Permutations Mikl os B ona Department of Mathematics University of Florida Gainesville FL 32611-8105 bona@ufl.edu May 27, 2013 Permutations A permutation is an arrangement of the integers { 1 , 2 ,

573 views • 40 slides
MATH 105: Finite Mathematics 6-4: Permutations Prof. Jonathan Duncan Walla Walla College Winter

MATH 105: Finite Mathematics 6-4: Permutations Prof. Jonathan Duncan Walla Walla College Winter

Types of Permutations Factorials Applications of Permutations Conclusion MATH 105: Finite Mathematics 6-4: Permutations Prof. Jonathan Duncan Walla Walla College Winter Quarter, 2006 Types of Permutations Factorials Applications of

959 views • 62 slides
s II, Acta Math. Acad. Sci. Hungar. 18 (1967), s S 151164; III, ibid. 18 (1967),

s II, Acta Math. Acad. Sci. Hungar. 18 (1967), s S 151164; III, ibid. 18 (1967),

Extremal problems Permutations How many permutations in a set (or group) with prescribed distances? Peter J. Cameron

524 views • 3 slides
Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Special

Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Special

Introduction Packing with Classical Restrictions Packing in Alternating Permutations Wrapping up Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Special Session on Patterns in Permutations AMS Fall

828 views • 50 slides
Enumeration of Pin-Permutations Fr ed erique Bassino Mathilde Bouvel Dominique Rossin ees

Enumeration of Pin-Permutations Fr ed erique Bassino Mathilde Bouvel Dominique Rossin ees

Enumeration of Pin-Permutations Fr ed erique Bassino Mathilde Bouvel Dominique Rossin ees AL Journ EA 2009 liafa Introduction Pin-permutations Decomposition tree Characterization Generating function Conclusion Main result of

665 views • 40 slides
Embeddings of Metrics on Strings and Permutations Graham Cormode joint work with S.

Embeddings of Metrics on Strings and Permutations Graham Cormode joint work with S.

Embeddings of Metrics on Strings and Permutations Graham Cormode joint work with S. Muthukrishnan, Cenk Sahinalp Miss Hepburn runs the gamut of emotions from A to B Dorothy Parker, 1933 Permutations and Strings Strings Web pages,

922 views • 42 slides
Discrete Mathematics in Computer Science Permutations Malte Helmert, Gabriele R oger

Discrete Mathematics in Computer Science Permutations Malte Helmert, Gabriele R oger

Discrete Mathematics in Computer Science Permutations Malte Helmert, Gabriele R oger University of Basel Permutations as Functions A permutation rearranges objects. Consider for example sequence o 2 , o 1 , o 3 , o 4 Lets rearrange the

634 views • 48 slides
Permutations and Combinations Rosen, Chapter 5.3 Motivating question In a family of 3, how

Permutations and Combinations Rosen, Chapter 5.3 Motivating question In a family of 3, how

10/17/2016 Permutations and Combinations Rosen, Chapter 5.3 Motivating question In a family of 3, how many ways can we arrange the members of the family in a line for a photograph? 1 10/17/2016 Permutations A permutation of a set of

591 views • 34 slides
On the average number of reversals needed to sort signed permutations 1 Thaynara Arielly de Lima

On the average number of reversals needed to sort signed permutations 1 Thaynara Arielly de Lima

Introduction Sorting signed permutations Conclusion On the average number of reversals needed to sort signed permutations 1 Thaynara Arielly de Lima & 1 , 2 Mauricio Ayala-Rinc on atica 1 & Ci ao 2 Departamentos de Matem encia

795 views • 46 slides
Survey of Computer Science Computability & The Halting Problem Kevin Walsh

Survey of Computer Science Computability & The Halting Problem Kevin Walsh

Survey of Computer Science Computability & The Halting Problem Kevin Walsh kwalsh@holycross.edu Example List all possible orderings (permutations) of n letters Example: n = 3: A, B, C ABC, ACB, etc. 6 permutations n n! permutations

551 views • 29 slides
Decomposition of Permutations in a Finite Field SVETLA NIKOVA 1 , VENTZISLAV NIKOV 2 , AND VINCENT

Decomposition of Permutations in a Finite Field SVETLA NIKOVA 1 , VENTZISLAV NIKOV 2 , AND VINCENT

Decomposition of Permutations in a Finite Field SVETLA NIKOVA 1 , VENTZISLAV NIKOV 2 , AND VINCENT RIJMEN 1 1 IMEC COSIC, KU LEUVEN, BELGIUM 2 NXP SEMICONDUCTORS, BELGIUM Decomposition of Permutations in relation to Side Channel

415 views • 15 slides
Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Rutgers

Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Rutgers

Introduction Packing with Classical Restrictions Packing in Alternating Permutations Wrapping up Packing patterns in restricted permutations Lara Pudwell faculty.valpo.edu/lpudwell Rutgers Experimental Math Seminar March 5, 2020 Packing

986 views • 79 slides
MA/CSSE 473 Day 16 Combinatorial Object Generation Permutations MA/CSSE 473 Day 16 No new

MA/CSSE 473 Day 16 Combinatorial Object Generation Permutations MA/CSSE 473 Day 16 No new

MA/CSSE 473 Day 16 Combinatorial Object Generation Permutations MA/CSSE 473 Day 16 No new announcements Student Questions Combinatorial Object Generation Intro Permutation generation Q1 Permutations Subsets

450 views • 15 slides
Permutations, Card Shuffling, and Representation Theory Franco Saliola, Universit du Qubec

Permutations, Card Shuffling, and Representation Theory Franco Saliola, Universit du Qubec

Permutations Card Shuffling Representation theory Permutations, Card Shuffling, and Representation Theory Franco Saliola, Universit du Qubec Montral Based on joint work with: Victor Reiner, University of Minnesota Volkmar Welker,

1.71k views • 146 slides
Realizing Site Permutations Stephane Durocher, Saeed Mehrabi, Debajyoti Mondal, Matthew Skala

Realizing Site Permutations Stephane Durocher, Saeed Mehrabi, Debajyoti Mondal, Matthew Skala

Realizing Site Permutations Stephane Durocher, Saeed Mehrabi, Debajyoti Mondal, Matthew Skala Site permutations We are sitting somewhere on the Euclidean plane. We want to describe our location in relation to some fixed, known sites. One

301 views • 17 slides

More recommend