Affine Equivalent

14,000,000 Leading Edge Experts on the ideXlab platform

Scan Science and Technology

Contact Leading Edge Experts & Companies

Scan Science and Technology

Contact Leading Edge Experts & Companies

The Experts below are selected from a list of 7959 Experts worldwide ranked by ideXlab platform

Sumanta Sarkar - One of the best experts on this subject based on the ideXlab platform.

  • on the relationship between resilient boolean functions and linear branch number of s boxes
    International Conference on Cryptology in India, 2019
    Co-Authors: Sumanta Sarkar, Kalikinkar Mandal, Dhiman Saha
    Abstract:

    Differential branch number and linear branch number are critical for the security of symmetric ciphers. The recent trend in the designs like PRESENT block cipher, ASCON authenticated encryption shows that applying S-boxes that have nontrivial differential and linear branch number can significantly reduce the number of rounds. As we see in the literature that the class of \(4\times 4\) S-boxes have been well-analysed, however, a little is known about the \(n \times n\) S-boxes for \(n \ge 5\). For instance, the complete classification of \(5 \times 5\) Affine Equivalent S-boxes is still unknown. Therefore, it is challenging to obtain “the best” S-boxes with dimension \(\ge \)5 that can be used in symmetric cipher designs. In this article, we present a novel approach to construct S-boxes that identifies classes of \(n \times n\) S-boxes (\(n = 5, 6\)) with differential branch number 3 and linear branch number 3, and ensures other cryptographic properties. To the best of our knowledge, we are the first to report \(6\times 6\) S-boxes with linear branch number 3, differential branch number 3, and with other good cryptographic properties such as nonlinearity 24 and differential uniformity 4.

  • differential power analysis in hamming weight model how to choose among extended Affine Equivalent s boxes
    International Conference on Cryptology in India, 2014
    Co-Authors: Sumanta Sarkar, Subhamoy Maitra, Kaushik Chakraborty
    Abstract:

    From the first principle, we concentrate on the Differential Power Analysis (DPA) in the Hamming weight model. Based on the power related data of an \((n, n)\) permutation S-box, we propose a spectrum (we call it Relative Power Spectrum, RPS in short) at \(2^n\) points each providing a vector containing \(n\) coordinates. Each coordinate contains the data related to single-bit DPA, and taking them together we provide relevant results in the domain of multi-bit DPA. For two Affine Equivalent \((n,n)\) permutation S-boxes \(F\) and \(G\), such that \(G(x) = F(Ax \oplus b)\), where \(A\) is a linear permutation (nonsingular binary matrix) and \(b\) is an \(n\)-bit vector, the RPSs of \(F\) and \(G\) are permutations of each other. However, this is not true in general when \(F\) and \(G\) are Affine or extended Affine Equivalent, i.e., \(G(x) = B(F(Ax \oplus b)) \oplus L(x) \oplus c\), where \(B\) is a linear permutation, \(L\) is a linear mapping, and \(c\) is an \(n\)-bit vector. In such a case, the RPSs of \(F\) and \(G\) may not be related by permutation and may contain completely different vectors. We provide the effect of this in terms of DPA both in noise-free and noisy scenarios. Our results guide the designer to choose one S-box among all those in the same (extended) Affine equivalence class when DPA in the Hamming weight model is considered. This is an instance where cryptographic advantage is attained by applying (extended) Affine equivalence. For example, we provide a family of S-boxes that should replace the \((4, 4)\) S-boxes proposed in relation to the PRINCE block cipher.

  • INDOCRYPT - Differential Power Analysis in Hamming Weight Model: How to Choose among (Extended) Affine Equivalent S-boxes
    Progress in Cryptology -- INDOCRYPT 2014, 2014
    Co-Authors: Sumanta Sarkar, Subhamoy Maitra, Kaushik Chakraborty
    Abstract:

    From the first principle, we concentrate on the Differential Power Analysis (DPA) in the Hamming weight model. Based on the power related data of an \((n, n)\) permutation S-box, we propose a spectrum (we call it Relative Power Spectrum, RPS in short) at \(2^n\) points each providing a vector containing \(n\) coordinates. Each coordinate contains the data related to single-bit DPA, and taking them together we provide relevant results in the domain of multi-bit DPA. For two Affine Equivalent \((n,n)\) permutation S-boxes \(F\) and \(G\), such that \(G(x) = F(Ax \oplus b)\), where \(A\) is a linear permutation (nonsingular binary matrix) and \(b\) is an \(n\)-bit vector, the RPSs of \(F\) and \(G\) are permutations of each other. However, this is not true in general when \(F\) and \(G\) are Affine or extended Affine Equivalent, i.e., \(G(x) = B(F(Ax \oplus b)) \oplus L(x) \oplus c\), where \(B\) is a linear permutation, \(L\) is a linear mapping, and \(c\) is an \(n\)-bit vector. In such a case, the RPSs of \(F\) and \(G\) may not be related by permutation and may contain completely different vectors. We provide the effect of this in terms of DPA both in noise-free and noisy scenarios. Our results guide the designer to choose one S-box among all those in the same (extended) Affine equivalence class when DPA in the Hamming weight model is considered. This is an instance where cryptographic advantage is attained by applying (extended) Affine equivalence. For example, we provide a family of S-boxes that should replace the \((4, 4)\) S-boxes proposed in relation to the PRINCE block cipher.

  • On Affine (non)equivalence of Boolean functions
    Computing, 2009
    Co-Authors: Sugata Gangopadhyay, Sumanta Sarkar, Deepmala Sharma, Subhamoy Maitra
    Abstract:

    In this paper we construct a multiset S ( f ) of a Boolean function f consisting of the weights of the second derivatives of the function f with respect to all distinct two-dimensional subspaces of the domain. We refer to S ( f ) as the second derivative spectrum of f . The frequency distribution of the weights of these second derivatives is referred to as the weight distribution of the second derivative spectrum. It is demonstrated in this paper that this weight distribution can be used to distinguish Affine nonEquivalent Boolean functions. Given a Boolean function f on n variables we present an efficient algorithm having O ( n 2^2 n ) time complexity to compute S ( f ). Using this weight distribution we show that all the 6-variable Affine nonEquivalent bents can be distinguished. We study the subclass of partial-spreads type bent functions known as PS _ ap type bents. Six different weight distributions are obtained from the set of PS _ ap bents on 8-variables. Using the second derivative spectrum we show that there exist 6 and 8 variable bent functions which are not Affine Equivalent to rotation symmetric bent functions. Lastly we prove that no non-quadratic Kasami bent function is Affine Equivalent to Maiorana–MacFarland type bent functions.

Kaushik Chakraborty - One of the best experts on this subject based on the ideXlab platform.

  • differential power analysis in hamming weight model how to choose among extended Affine Equivalent s boxes
    International Conference on Cryptology in India, 2014
    Co-Authors: Sumanta Sarkar, Subhamoy Maitra, Kaushik Chakraborty
    Abstract:

    From the first principle, we concentrate on the Differential Power Analysis (DPA) in the Hamming weight model. Based on the power related data of an \((n, n)\) permutation S-box, we propose a spectrum (we call it Relative Power Spectrum, RPS in short) at \(2^n\) points each providing a vector containing \(n\) coordinates. Each coordinate contains the data related to single-bit DPA, and taking them together we provide relevant results in the domain of multi-bit DPA. For two Affine Equivalent \((n,n)\) permutation S-boxes \(F\) and \(G\), such that \(G(x) = F(Ax \oplus b)\), where \(A\) is a linear permutation (nonsingular binary matrix) and \(b\) is an \(n\)-bit vector, the RPSs of \(F\) and \(G\) are permutations of each other. However, this is not true in general when \(F\) and \(G\) are Affine or extended Affine Equivalent, i.e., \(G(x) = B(F(Ax \oplus b)) \oplus L(x) \oplus c\), where \(B\) is a linear permutation, \(L\) is a linear mapping, and \(c\) is an \(n\)-bit vector. In such a case, the RPSs of \(F\) and \(G\) may not be related by permutation and may contain completely different vectors. We provide the effect of this in terms of DPA both in noise-free and noisy scenarios. Our results guide the designer to choose one S-box among all those in the same (extended) Affine equivalence class when DPA in the Hamming weight model is considered. This is an instance where cryptographic advantage is attained by applying (extended) Affine equivalence. For example, we provide a family of S-boxes that should replace the \((4, 4)\) S-boxes proposed in relation to the PRINCE block cipher.

  • INDOCRYPT - Differential Power Analysis in Hamming Weight Model: How to Choose among (Extended) Affine Equivalent S-boxes
    Progress in Cryptology -- INDOCRYPT 2014, 2014
    Co-Authors: Sumanta Sarkar, Subhamoy Maitra, Kaushik Chakraborty
    Abstract:

    From the first principle, we concentrate on the Differential Power Analysis (DPA) in the Hamming weight model. Based on the power related data of an \((n, n)\) permutation S-box, we propose a spectrum (we call it Relative Power Spectrum, RPS in short) at \(2^n\) points each providing a vector containing \(n\) coordinates. Each coordinate contains the data related to single-bit DPA, and taking them together we provide relevant results in the domain of multi-bit DPA. For two Affine Equivalent \((n,n)\) permutation S-boxes \(F\) and \(G\), such that \(G(x) = F(Ax \oplus b)\), where \(A\) is a linear permutation (nonsingular binary matrix) and \(b\) is an \(n\)-bit vector, the RPSs of \(F\) and \(G\) are permutations of each other. However, this is not true in general when \(F\) and \(G\) are Affine or extended Affine Equivalent, i.e., \(G(x) = B(F(Ax \oplus b)) \oplus L(x) \oplus c\), where \(B\) is a linear permutation, \(L\) is a linear mapping, and \(c\) is an \(n\)-bit vector. In such a case, the RPSs of \(F\) and \(G\) may not be related by permutation and may contain completely different vectors. We provide the effect of this in terms of DPA both in noise-free and noisy scenarios. Our results guide the designer to choose one S-box among all those in the same (extended) Affine equivalence class when DPA in the Hamming weight model is considered. This is an instance where cryptographic advantage is attained by applying (extended) Affine equivalence. For example, we provide a family of S-boxes that should replace the \((4, 4)\) S-boxes proposed in relation to the PRINCE block cipher.

Subhamoy Maitra - One of the best experts on this subject based on the ideXlab platform.

  • differential power analysis in hamming weight model how to choose among extended Affine Equivalent s boxes
    International Conference on Cryptology in India, 2014
    Co-Authors: Sumanta Sarkar, Subhamoy Maitra, Kaushik Chakraborty
    Abstract:

    From the first principle, we concentrate on the Differential Power Analysis (DPA) in the Hamming weight model. Based on the power related data of an \((n, n)\) permutation S-box, we propose a spectrum (we call it Relative Power Spectrum, RPS in short) at \(2^n\) points each providing a vector containing \(n\) coordinates. Each coordinate contains the data related to single-bit DPA, and taking them together we provide relevant results in the domain of multi-bit DPA. For two Affine Equivalent \((n,n)\) permutation S-boxes \(F\) and \(G\), such that \(G(x) = F(Ax \oplus b)\), where \(A\) is a linear permutation (nonsingular binary matrix) and \(b\) is an \(n\)-bit vector, the RPSs of \(F\) and \(G\) are permutations of each other. However, this is not true in general when \(F\) and \(G\) are Affine or extended Affine Equivalent, i.e., \(G(x) = B(F(Ax \oplus b)) \oplus L(x) \oplus c\), where \(B\) is a linear permutation, \(L\) is a linear mapping, and \(c\) is an \(n\)-bit vector. In such a case, the RPSs of \(F\) and \(G\) may not be related by permutation and may contain completely different vectors. We provide the effect of this in terms of DPA both in noise-free and noisy scenarios. Our results guide the designer to choose one S-box among all those in the same (extended) Affine equivalence class when DPA in the Hamming weight model is considered. This is an instance where cryptographic advantage is attained by applying (extended) Affine equivalence. For example, we provide a family of S-boxes that should replace the \((4, 4)\) S-boxes proposed in relation to the PRINCE block cipher.

  • INDOCRYPT - Differential Power Analysis in Hamming Weight Model: How to Choose among (Extended) Affine Equivalent S-boxes
    Progress in Cryptology -- INDOCRYPT 2014, 2014
    Co-Authors: Sumanta Sarkar, Subhamoy Maitra, Kaushik Chakraborty
    Abstract:

    From the first principle, we concentrate on the Differential Power Analysis (DPA) in the Hamming weight model. Based on the power related data of an \((n, n)\) permutation S-box, we propose a spectrum (we call it Relative Power Spectrum, RPS in short) at \(2^n\) points each providing a vector containing \(n\) coordinates. Each coordinate contains the data related to single-bit DPA, and taking them together we provide relevant results in the domain of multi-bit DPA. For two Affine Equivalent \((n,n)\) permutation S-boxes \(F\) and \(G\), such that \(G(x) = F(Ax \oplus b)\), where \(A\) is a linear permutation (nonsingular binary matrix) and \(b\) is an \(n\)-bit vector, the RPSs of \(F\) and \(G\) are permutations of each other. However, this is not true in general when \(F\) and \(G\) are Affine or extended Affine Equivalent, i.e., \(G(x) = B(F(Ax \oplus b)) \oplus L(x) \oplus c\), where \(B\) is a linear permutation, \(L\) is a linear mapping, and \(c\) is an \(n\)-bit vector. In such a case, the RPSs of \(F\) and \(G\) may not be related by permutation and may contain completely different vectors. We provide the effect of this in terms of DPA both in noise-free and noisy scenarios. Our results guide the designer to choose one S-box among all those in the same (extended) Affine equivalence class when DPA in the Hamming weight model is considered. This is an instance where cryptographic advantage is attained by applying (extended) Affine equivalence. For example, we provide a family of S-boxes that should replace the \((4, 4)\) S-boxes proposed in relation to the PRINCE block cipher.

  • On Affine (non)equivalence of Boolean functions
    Computing, 2009
    Co-Authors: Sugata Gangopadhyay, Sumanta Sarkar, Deepmala Sharma, Subhamoy Maitra
    Abstract:

    In this paper we construct a multiset S ( f ) of a Boolean function f consisting of the weights of the second derivatives of the function f with respect to all distinct two-dimensional subspaces of the domain. We refer to S ( f ) as the second derivative spectrum of f . The frequency distribution of the weights of these second derivatives is referred to as the weight distribution of the second derivative spectrum. It is demonstrated in this paper that this weight distribution can be used to distinguish Affine nonEquivalent Boolean functions. Given a Boolean function f on n variables we present an efficient algorithm having O ( n 2^2 n ) time complexity to compute S ( f ). Using this weight distribution we show that all the 6-variable Affine nonEquivalent bents can be distinguished. We study the subclass of partial-spreads type bent functions known as PS _ ap type bents. Six different weight distributions are obtained from the set of PS _ ap bents on 8-variables. Using the second derivative spectrum we show that there exist 6 and 8 variable bent functions which are not Affine Equivalent to rotation symmetric bent functions. Lastly we prove that no non-quadratic Kasami bent function is Affine Equivalent to Maiorana–MacFarland type bent functions.

J. P. Ward - One of the best experts on this subject based on the ideXlab platform.

  • In search for a perfect shape of polyhedra: Buffon transformation
    L’Enseignement Mathématique, 2015
    Co-Authors: Veronika Schreiber, Alexander P. Veselov, J. P. Ward
    Abstract:

    For an arbitrary polygon generate a new one by joining the centres of consecutive edges. Iteration of this procedure leads to a shape which is Affine Equivalent to a regular polygon. This regularisation effect is usually ascribed to Count Buff on (1707–1788). We discuss a natural analogue of this procedure for 3-dimensional polyhedra, which leads to a new notion of Affine B -regular polyhedra. The main result is the proof of existence of star-shaped Affine $$-regular polyhedra with prescribed combinatorial structure, under partial symmetry and simpliciality assumptions. The proof is based on deep results from spectral graph theory due to Colin de Verdiere and Lovasz.

  • In search for a perfect shape of polyhedra: Buffon transformation
    arXiv: Spectral Theory, 2014
    Co-Authors: Veronika Schreiber, Alexander P. Veselov, J. P. Ward
    Abstract:

    For an arbitrary polygon consider a new one by joining the centres of consecutive edges. Iteration of this procedure leads to a shape which is Affine Equivalent to a regular polygon. This regularisation effect is usually ascribed to Count Buffon (1707-1788). We discuss a natural analogue of this procedure for 3-dimensional polyhedra, which leads to a new notion of Affine $B$-regular polyhedra. The main result is the proof of existence of star-shaped Affine $B$-regular polyhedra with prescribed combinatorial structure, under partial symmetry and simpliciality assumptions. The proof is based on deep results from spectral graph theory due to Colin de Verdiere and Lovasz.

Mustafa Unel - One of the best experts on this subject based on the ideXlab platform.

  • 3D object recognition using invariants of 2D projection curves
    Pattern Analysis and Applications, 2010
    Co-Authors: Mustafa Unel, Erol Ozgur, Octavian Soldea, Alp Bassa
    Abstract:

    This paper presents a new method for recognizing 3D objects based on the comparison of invariants of their 2D projection curves. We show that Euclidean Equivalent 3D surfaces imply Affine Equivalent 2D projection curves that are obtained from the projection of cross-section curves of the surfaces onto the coordinate planes. Planes used to extract cross-section curves are chosen to be orthogonal to the principal axes of the defining surfaces. Projection curves are represented using implicit polynomial equations. Affine algebraic and geometric invariants of projection curves are constructed and compared under a variety of distance measures. Results are verified by several experiments with objects from different classes and within the same class.

  • 3D object recognition using invariants of 2D projection curves
    Pattern Analysis and Applications, 2010
    Co-Authors: Mustafa Unel, Erol Ozgur, Octavian Soldea, Alp Bassa
    Abstract:

    This paper presents a new method for recognizing 3D objects based on the comparison of invariants of their 2D projection curves. We show that Euclidean Equivalent 3D surfaces imply Affine Equivalent 2D projection curves that are obtained from the projection of cross-section curves of the surfaces onto the coordinate planes. Planes used to extract cross-section curves are chosen to be orthogonal to the principal axes of the defining surfaces. Projection curves are represented using implicit polynomial equations. Affine algebraic and geometric invariants of projection curves are constructed and compared under a variety of distance measures. Results are verified by several experiments with objects from different classes and within the same class.

  • Identifying and comparing 3D surfaces using 2D projection curves
    2008
    Co-Authors: Mustafa Unel, Alp Bassa, Erol Ozgur
    Abstract:

    A new method is presented for identifying and comparing 3D objects represented by closed-bounded algebraic surfaces. It is shown that Euclidean Equivalent 3D surfaces imply Affine Equivalent 2D projection curves that are obtained from the projection of cross section curves of the surfaces onto the coordinate planes. Planes used to extract cross section curves are chosen to be orthogonal to the principal axes of the defining surfaces. Affine invariants of projection curves are constructed and compared under a similarity measure. Results are verified by several experiments.

  • The determination of implicit polynomial canonical curves
    IEEE Transactions on Pattern Analysis and Machine Intelligence, 1998
    Co-Authors: William A. Wolovich, Mustafa Unel
    Abstract:

    A new method is presented for identifying and comparing closed, bounded, free-form curves that are defined by even implicit polynomial (IP) equations in the X-Y Cartesian coordinates. The method provides a new expression for an IP involving a product of conic factors with unique conic factor centers. The critical points for an IP curve are also defined. The conic factor centers and the critical points are shown to be useful related points that directly map to one another under Affine transformations. In particular, the explicit determination of such points implies both a canonical form for the curves and the transformation matrix which relates Affine Equivalent curves.