American Institute of Mathematical Sciences

We propose the first lattice-based dynamic group signature scheme achieving forward security. Our scheme is proven to be secure against framing attack, misidentification attack and preserves anonymity under the learning with errors (${\mathsf{LWE}}$) and short integer solution (${\mathsf{SIS}}$) assumptions in the random oracle model. More interestingly, our setting allows the group manager to generate distinct certificates to distinct users which can be updated by the users themselves without any interaction with the group manager. Furthermore, our scheme is dynamic where signing key of a user is not fixed during the setup and is issued only at the joining time of the user.

\begin{document}$ \mathbb{Z}_p\mathbb{Z}_p[v] $\end{document}-Additive cyclic codes of length \begin{document}$ (\alpha,\beta) $\end{document} can be viewed as \begin{document}$ R[x] $\end{document}-submodules of \begin{document}$ \mathbb{Z}_p[x]/(x^\alpha-1)\times R[x]/(x^\beta-1) $\end{document}, where \begin{document}$ R = \mathbb{Z}_p+v\mathbb{Z}_p $\end{document} with \begin{document}$ v^2 = v $\end{document}. In this paper, we determine the generator polynomials and the minimal generating sets of this family of codes as \begin{document}$ R[x] $\end{document}-submodules of \begin{document}$ \mathbb{Z}_p[x]/(x^\alpha-1)\times R[x]/(x^\beta-1) $\end{document}. We also determine the generator polynomials of the dual codes of \begin{document}$ \mathbb{Z}_p\mathbb{Z}_p[v] $\end{document}-additive cyclic codes. Some optimal \begin{document}$ \mathbb{Z}_p\mathbb{Z}_p[v] $\end{document}-linear codes and MDSS codes are obtained from \begin{document}$ \mathbb{Z}_p\mathbb{Z}_p[v] $\end{document}-additive cyclic codes. Moreover, we also get some quantum codes from \begin{document}$ \mathbb{Z}_p\mathbb{Z}_p[v] $\end{document}-additive cyclic codes.

In this paper, we attack the recent NIST submission Giophantus, a public key encryption scheme. We find that the complicated structure of Giophantus's ciphertexts leaks information via a correspondence from a low dimensional lattice. This allows us to distinguish encrypted data from random data by the LLL algorithm. This is a more efficient attack than previous proposed attacks.

Low hit zone frequency hopping sequences (LHZ FHSs) with favorable partial Hamming correlation properties are desirable in quasi-synchronous frequency hopping multiple-access systems. An LHZ FHS set is considered to be strictly optimal when it has optimal partial Hamming correlation for all correlation windows. In this study, an interleaved construction of new sets of strictly optimal LHZ FHSs is proposed. Strictly optimal LHZ FHS sets with new and flexible parameters are obtained by selecting suitable known optimal FHSs and appropriate shift sequences.

In this paper we introduce the notion of orbit matrices of integer matrices such as Seidel and Laplacian matrices of some strongly regular graphs with respect to their permutation automorphism groups. We further show that under certain conditions these orbit matrices yield self-orthogonal codes over finite fields \begin{document}$ \mathbb{F}_q $\end{document}, where \begin{document}$ q $\end{document} is a prime power and over finite rings \begin{document}$ \mathbb{Z}_m $\end{document}. As a case study, we construct codes from orbit matrices of Seidel, Laplacian and signless Laplacian matrices of strongly regular graphs. In particular, we construct self-orthogonal codes from orbit matrices of Seidel and Laplacian matrices of the Higman-Sims and McLaughlin graphs.

In this paper, using a method of construction of \begin{document}$ 1 $\end{document}-designs which are not necessarily symmetric, introduced by Key and Moori in [5], we determine a number of \begin{document}$ 1 $\end{document}-designs with interesting parameters from the maximal subgroups and the conjugacy classes of the small Ree groups \begin{document}$ ^2G_2(q) $\end{document}. The designs we obtain are invariant under the action of the groups \begin{document}$ ^2G_2(q) $\end{document}.

We show that \begin{document}$A_2(7, 4) \leq 388$\end{document} and, more generally, \begin{document}$A_q(7, 4) \leq (q^2-q+1) [7] + q^4 - 2q^3 + 3q^2 - 4q + 4$\end{document} by semidefinite programming for \begin{document}$q \leq 101$\end{document}. Furthermore, we extend results by Bachoc et al. on SDP bounds for \begin{document}$A_2(n, d)$\end{document}, where \begin{document}$d$\end{document} is odd and \begin{document}$n$\end{document} is small, to \begin{document}$A_q(n, d)$\end{document} for small \begin{document}$q$\end{document} and small \begin{document}$n$\end{document}.

In this paper we characterize the orbit codes as geometrically uniform codes. This characterization is based on the description of all isometries over a projective geometry. In addition, Abelian orbit codes are defined and a construction of Abelian non-cyclic orbit codes is presented. In order to analyze their structures, the concept of geometrically uniform partitions have to be reinterpreted. As a consequence, a substantial reduction in the number of computations needed to obtain the minimum subspace distance of these codes is achieved and established.

An application of orbit codes to multishot subspace codes obtained according to a multi-level construction is provided.

The \begin{document}$ k $\end{document}-normality of Boolean functions is an important notion initially introduced by Dobbertin and studied in several papers. The parameter related to this notion is the maximal dimension of those affine spaces contained in the support \begin{document}$ supp(f) $\end{document} of the function or in its co-support \begin{document}$ cosupp(f) $\end{document}. We denote it by \begin{document}$ norm\,(f) $\end{document} and call it the norm of \begin{document}$ f $\end{document}.

The norm concerns only the affine spaces contained in either the support or the co-support; the information it provides on \begin{document}$ f $\end{document} is then somewhat incomplete (for instance, two functions constant on a hyperplane will have the same very large parameter value, while they can have very different complexities). A second parameter which completes the information given by the first one is the minimum between the maximal dimension of those affine spaces contained in \begin{document}$ supp(f) $\end{document} and the maximal dimension of those contained in \begin{document}$ cosupp(f) $\end{document} (while \begin{document}$ norm\,(f) $\end{document} equals the maximum between these two maximal dimensions). We denote it by \begin{document}$ cons\,(f) $\end{document} and call it the (affine) constancy of \begin{document}$ f $\end{document}.

The value of \begin{document}$ cons\,(f) $\end{document} gives global information on \begin{document}$ f $\end{document}, but no information on what happens around each point of \begin{document}$ supp(f) $\end{document} or \begin{document}$ cosupp(f) $\end{document}. We define then its local version, equal to the minimum, when \begin{document}$ a $\end{document} ranges over \begin{document}$ \Bbb{F}_2^n $\end{document}, of the maximal dimension of those affine spaces which contain \begin{document}$ a $\end{document} and on which \begin{document}$ f $\end{document} is constant. We denote it by \begin{document}$ stab\,(f) $\end{document} and call it the stability of \begin{document}$ f $\end{document}.

We study the properties of these three parameters. We have \begin{document}$ norm\,(f)\geq cons\,(f)\geq stab\,(f) $\end{document}, then for determining to which extent these three parameters are distinct, we exhibit four infinite classes of Boolean functions, which show that all cases can occur, where each of these two inequalities can be strict or large.

We consider the minimal value of \begin{document}$ stab\, (f) $\end{document} (resp. \begin{document}$ cons\,(f) $\end{document}, \begin{document}$ norm\,(f) $\end{document}), when \begin{document}$ f $\end{document} ranges over the Reed-Muller code \begin{document}$ RM(r,n) $\end{document} of length \begin{document}$ 2^n $\end{document} and order \begin{document}$ r $\end{document}, and we denote it by \begin{document}$ stab\, _{RM(r,n)} $\end{document} (resp. \begin{document}$ cons\, _{RM(r,n)} $\end{document}, \begin{document}$ norm\, _{RM(r,n)} $\end{document}). We give upper bounds for each of these three integer sequences, and determine the exact values of \begin{document}$ stab\, _{RM(r,n)} $\end{document} and \begin{document}$ cons\, _{RM(r,n)} $\end{document} for \begin{document}$ r\in\{1,2,n-2,n-1,n\} $\end{document}, and of \begin{document}$ norm\, _{RM(r,n)} $\end{document} for \begin{document}$ r = 1,2 $\end{document}.

We describe eight composite constructions from group rings where the orders of the groups are 4 and 8, which are then applied to find self-dual codes of length 16 over \begin{document}$ \mathbb{F}_4 $\end{document}. These codes have binary images with parameters \begin{document}$ [32,16,8] $\end{document} or \begin{document}$ [32,16,6] $\end{document}. These are lifted to codes over \begin{document}$ \mathbb{F}_4+u\mathbb{F}_4 $\end{document}, to obtain codes with Gray images of extremal self-dual binary codes of length 64. Finally, we use a building-up method over \begin{document}$ \mathbb{F}_2+u\mathbb{F}_2 $\end{document} to obtain new extremal binary self-dual codes of length 68. We construct 11 new codes via the building-up method and 2 new codes by considering possible neighbors.

This paper presents a series of Montgomery scalar multiplication algorithms on general short Weierstrass curves over fields with characteristic greater than 3, which need only 12 field multiplications per scalar bit using 8 \begin{document}$ \sim $\end{document} 9 field registers, thus outperform the binary NAF method on average. Over binary fields, the Montgomery scalar multiplication algorithm which was presented at the first CHES workshop by López and Dahab has been a favorite of ECC implementors, due to its nice properties such as high efficiency (outperforming the binary NAF), natural SPA-resistance, generality (coping with all ordinary curves) and implementation easiness. Over odd characteristic fields, the new scalar multiplication algorithms are the first ones featuring all these properties. Building-blocks of our contribution are new efficient differential addition-and-doubling formulae and a novel conception of on-the-fly adaptive coordinates which varies in accordance with not only the base point but also the bits of the given scalar.

The study of the trapdoors that can be hidden in a block cipher is and has always been a high-interest topic in symmetric cryptography. In this paper we focus on Feistel-network-like ciphers in a classical long-key scenario and we investigate some conditions which make such a construction immune to the partition-based attack introduced recently by Bannier et al.