CONSTRUCTING 1-RESILIENT ROTATION SYMMETRIC FUNCTIONS OVER Fp with Q VARIABLES THROUGH SPECIAL ORTHOGONAL ARRAYS

Advances in Mathematics of Communications doi:10.3934/amc.2020018 Volume 14, No. 2, 2020, 247–263

CONSTRUCTING 1-RESILIENT ROTATION SYMMETRIC FUNCTIONS OVER Fp WITH q VARIABLES THROUGH SPECIAL ORTHOGONAL ARRAYS

Jiao Du∗ Henan Engineering Laboratory for Big Data Statistical Analysis and Optimal Control Henan Normal University, Xinxiang 453007, China Longjiang Qu and Chao Li College of Liberal Arts and Sciences, National University of Defense Technology Changsha 410073, China Xin Liao College of Computer Science and Electronic Engineering Hunan University, Changsha 410082, China

(Communicated by Sihem Mesnager)

Abstract. Based on the relation between resilient functions and large sets of orthogonal arrays, two classes of q-variable 1-resilient rotation symmetric functions(RSFs) over Fp are constructed. The ﬁrst class of 1-resilient functions is obtained with the help of a Latin square with maximum cycle, and the second class of 1-resilient functions is constructed via switching the rotation symmetric orbits of the former class. Firstly, an eﬃcient method to construct OA(pq, q, p, 1) is presented via solving a linear equation system. Secondly, we propose some schemes to construct more q-variable 1-resilient RSFs by modifying the l-value support tables of the known q-variable 1-resilient RSFs. In addition, two examples are given to demonstrate our constructions. It seems that the q-variable 1-resilient RSFs constructed by our methods can not be constructed by earlier constructions.

1. Introduction Filiol and Fontaine introduced that idempotents are polynomials over finite field of characteristic 2 such that f(z) = f(z2) for each element z in this finite field [14, 15, 35], and rotation symmetric Boolean functions(RSBFs) were proposed by Pieprzyk and Qu in [35]. In fact, as pointed out in [35], RSBFs can be obtained from idempotents through proper choices of the normal basis in the corresponding finite field. Hereafter, RSBFs are extensively applied as they are very fast to implement [35]. For examples, firstly, Pieprzyk and Qu studied RSBFs as components in the round of a hashing algorithm and in the implementation of MD4, MD5 or HAVAL[35]. Secondly, RSBFs are used to design Substitution Boxes in block ciphers as well[38, 24, 36, 32, 20]. Rotation symmetric bent and semibent Boolean functions are studied by a series of papers[21,2,3, 31]. For the detailed descriptions of the

2010 Mathematics Subject Classiﬁcation: Primary: 05B15, 06E30; Secondary: 05E05, 94C10. Key words and phrases: Cryptography, rotation symmetric, support table, correlation immune, resilient function. ∗ Corresponding author: Jiao Du([email protected]).

247 c 2020 AIMS 248 Jiao Du, Longjiang Qu, Chao Li and Xin Liao applications of RSBFs in coding theory and cryptography, please refer to[15, 21,2, 3, 31,6]. Recently, the RSBFs have received a lot of attention in terms of their cryptographic properties[35, 38, 21,2,3, 31,6, 25,4, 26]. It has been experimentally demonstrated that there are a lot of RSBFs with many good cryptographic properties, such as balancedness, high nonlinearity, correlation immunity, high algebraic degree and maximum algebraic immunity[14, 38,3, 31,6, 25,4]. Especially, 8- variable, algebraic degree 6, nonlinearity 116, 1-resilient rotation symmetric Boolean functions with maximum absolute value in the autocorrelation spectra 32 was given for the first time in[4]. Based on the computer program, many 1-resilient RSBFs with other good cryptographic properties had been found[4, 26, 39], and RSBFs had become the main objects on searching for Boolean functions with good cryptographic properties[3, 31,6, 25,4, 26, 39, 43]. These results inspire us to find good cryptographic Boolean functions from the class of 1-resilient RSBFs. Constructions and enumerations of correlation immune and resilient rotation symmetric Boolean functions were proposed by a series of papers[16, 42, 44, 17, 37, 34,8,9, 10, 40]. It is natural and interesting to extend different cryptographic notions and ideas n from the binary finite field F2 to Fp or Fp [1,7]. The results in finite fields with odd characteristic may also facilitate the research in even characteristic. Bent functions, perfect nonlinear functions and almost perfect nonlinear functions are good examples. In recent years, rotation symmetric functions over Fp(RSFs for simplicity) have received more attention[7, 28, 29, 27, 18, 19, 11, 12]. Symmetric functions are a special class of RSFs. Li and Cusick studied the linear structures of symmetric functions over Fp[29]. Additionally, several constructions and enumerations of balanced symmetric functions over Fp were proposed in[7, 27, 18]. The authors also presented a lower bound on the number of balanced symmetric functions over Fp and an equivalent characterization was proposed[27]. The enumeration of RSFs over Fp was also investigated in [28, 19, 11, 12]. New results on the resilient functions were also given in [45, 13] recently. Throughout this paper, we assume that p and q are different odd prime numbers. Motivated by [7, 28, 11, 12], we devote to constructing a class of q-variable 1-resilient RSFs over Fp in this study. The rest of this paper is organized as follows. In Section 2, some preliminaries required for our presentation and analysis are presented. The main results about construction and count of q-variable 1-resilient RSFs are proposed in Section 3. Two illustrative examples are also demonstrated, and two classes of 7-variable 1-resilient RSFs over F5 were presented in Section 3. Section 4 concludes this paper.

2. Preliminaries n Let |O| represent the cardinality of the set O, and Fp be the n dimensional n vector space over the ﬁnite ﬁeld Fp = {0, 1, ··· , p − 1}. The mapping f : Fp → Fp represents a generalized n-variable Boolean function, the set of generalized Boolean n functions with n variables over Fp is denoted by Bn,p. Let f(x) ∈ Bn,p, and −1 n f (l) = {x ∈ Fp | f(x) = l, l ∈ Fp}. Then we say that f(x) is balanced if −1 n−1 |f (l)| = p holds for any l ∈ Fp. A set S of vectors can be seen as a matrix whose row vectors are the elements of S, without consideration of the order of these elements. f −1(l) is also called the l-value support table of f(x)[11].

Deﬁnition 1[11, 12, 41] An w × n matrix C whose entries are from Fp is called an orthogonal arrays of strength d, denoted by OA(w, n, p, d) for simplicity, if each

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 249

d vector in Fp occurs the same number of times in the sub-matrix of C composed of arbitrary d columns of C. {V0,V1, ··· ,Vp−1} is called a large set of orthogonal n n−1 arrays of strength d over Fp if Vl is an OA(p , n, p, d) for each l ∈ {0, 1, ··· , p−1} n and the union of elements in {V0,V1, ··· ,Vp−1} forms the vector space Fp .

Definition 2[41, 22, 30] If f(x) ∈ Bn,p, then f(x) is called a t-correlation immune −1 −1 function over Fp if and only if all the vectors in f (l) make up an OA(|f (l)|, n, p, −1 n−1 t) for each l ∈ Fp. Additionally, f(x) is t-resilient if |f (l)| = p for each l ∈ Fp. The relations between correlation-immune functions and orthogonal arrays, and the relations between resilient functions and large sets of orthogonal arrays were studied by many authors[13, 41, 22, 30, 33, 23]. Orthogonal arrays can be used in cryptography[22, 30, 33, 23,5]. According to Definitions 1 and 2, we know that −1 −1 f(x) ∈ Bn,p is 1-correlation immune if and only if f (l) is an OA(|f (l)|, n, p, 1) −1 for any l ∈ Fp. And f(x) ∈ Bn,p is a t-resilient function if and only if f (l) is n−1 an OA(p , n, p, t) for each l ∈ Fp. Hence to construct an 1-resilient n-variable function over Fp is equivalent to constructing a large set of orthogonal arrays of n strength 1 over Fp . l Let us consider the action of the cyclic group Cn = {ρn|0 ≤ l ≤ n − 1} on the n l vector space Fp , where ρn(x1, x2, ··· , xn) = (xl+1, xl+2, ··· , xn, x1, ··· , xl), and 0 ≤ l ≤ n − 1. The rotation symmetric orbit of x under the action of Cn is denoted l n by ROn(x) = {ρn(x)|0 ≤ l ≤ n − 1}, where x = (x1, x2, ··· , xn) ∈ Fp . If n is given, ROn(x) can be simplified as ROx. For convenience, ROn(x) is also called an orbit matrix whose row vectors are in a rotation symmetric orbit ROn(x).

Deﬁnition 3[28] f(x) ∈ Bn,p is called a rotation symmetric function(RSF for l n simplicity) if f(ρn(x1, x2, ··· , xn)) = f(x1, x2, ··· , xn) for any x ∈ Fp and any l. Similarly, the set of n-variable rotation symmetric functions over Fp is denoted as RSFn,p for simplicity. We call ROn(x) a long rotation symmetric orbit if |ROn(x)| = n, otherwise a short rotation symmetric orbit. Let gn be the number of such rotation symmetric orbits. Then it follows from Burnside’s lemma that n gn 1 P k there are p n-variable RSFs, where gn = n φ(k) · p , and φ(·) is the Euler k|n phi-function(see[6, 39, 28]).

Deﬁnition 4[7] Let Sn be the symmetric group on the set {1, 2, ··· , n}. And f(x1, x2, ··· , xn) is called a symmetric function if for any π ∈ Sn, we have

f(xπ(1), xπ(2), ··· , xπ(n)) = f(x1, x2, ··· , xn). n By Deﬁnition 4, if the symmetric group Sn acts on x for each x ∈ Fp , then it generates an orbit such as

Ox = {(y1, y2, ··· , yn)|(y1, y2, ··· , yn) = (xπ(1), xπ(2), ··· , xπ(n))}.

Let n = q, and x = (x1, x2, ··· , xq) be the representative of Ox, where x1 ≤ x2 ≤ · · · ≤ xq. Assume that x = (0, 0, ··· , 0, 1, 1, ··· , 1, ··· , p − 1, p − 1, ··· , p − 1), | {z } | {z } | {z } i0 i1 ip−1 where i0 + i1 + ··· + ip−1 = q, and 0 ≤ il ≤ q for each l ∈ Fp. It is obvious that |Ox| q! equals to the multinomial coeﬃcient C(q, i0, i1, ··· , ip−2, ip−1) = [30]. i0!i1!···!ip−1! q Deﬁnition 5[19, 11] Let x = (x1, x2, ··· , xq) ∈ Fp, x is called an (i0, i1, ··· , ip−1)- form vector if and only if the number of times l appears in the vector x is il, where l ∈ Fp, and denote it as form(x) = (i0, i1, ··· , ip−1). Ox is said to be (i0, i1, ··· , ip−1)- form if all the vectors in Ox are (i0, i1, ··· , ip−1)-form, and denote it as form(Ox) =

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 250 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

(i0, i1, ··· , ip−1). ROx is said to be (i0, i1, ··· , ip−1)-form if all the vectors in ROx are (i0, i1, ··· , ip−1)-form, and denote it as form(ROx) = (i0, i1, ··· , ip−1). Definition 6 Let X be a finite set with n elements. A Latin square L of order n with entries from X(or defined on X) is an n × n array such that every row of L is a permutation of X and every column of L is also a permutation of X.

Lemma 1[7] The number of n-variable symmetric polynomials over Fp is C(n+p−1,n) n! p , where C(n, k) = k!(n−k)! . By Lemma 1, if n = q, then there are C(p+q−1, q) diﬀerent classes of symmetric q orbits in the space Fp. So the total number of the forms is C(p + q − 1, q). n Lemma 2[7, 27] Let hn,p be the number of long rotation symmetric orbits over Fp . s s−1 pq −pq Then h1,p = p, hqs,p = qs , where p and q are both prime numbers.

Lemma 3[11, 12] Let f(x) ∈ RSFn,p. Then f(x) is 1-correlation immune(1-CI −1 for simplicity) if and only if ck is an OA(|f (l)|, 1, p, 1) for each l ∈ Fp, where n−1 1 ≤ k ≤ n. Particularly, f(x) is 1-resilient if and only if c1 is an OA(p , 1, p, 1) for each f −1(l). For the properties on the support tables of rotation symmetric Boolean functions was given in[8, 11, 12].

3. Constructions of 1-resilient rotation symmetric functions with q variables over Fp From now on, we study the constructions of q-variable 1-resilient rotation symmetric functions over Fp. By Lemma 2, the total number of rotation symmetric orbits is q−1 1 X q p − 1 g = φ(t)p t = p · + p, q q q t|q pq−1−1 and the total number of long rotation symmetric orbits is hq,p = p · q . > Let en,i = (i, i, ··· , i) be the row vector of n consecutive i, and en,i be the | {z } n transpose of en,i. In order to construct q-variable 1-resilient RSFs over Fp, we only q need to divide p vectors into the following p sets, i.e., V0,V1,V2, ··· ,Vp−1, satisfying a rotation symmetric orbit must be in the same set and {V0,V1,V2, ··· ,Vp−1} is a large set of orthogonal arrays of strength 1. This is an interesting problem in combinatorial designs, and we will investigate this problem in this paper. Since pq−1 −1 is not a multiple of p, the function f(x) should take diﬀerent value at the vectors in the set {eq,l|0 ≤ l ≤ p − 1} to keep f(x) to be balanced. In other pq−1−1 words, each Vl(0 ≤ l ≤ p − 1) contains a short rotation symmetric orbit, and q long rotation symmetric orbits. Based on the analysis above, all the long rotation symmetric orbits are divided into N = C(p + q − 1, q) − p diﬀerent classes according to the forms of the rotation symmetric orbits. We arrange those sets by a certain order, say Ω1, Ω2, ··· , ΩN . If the form of the rotation symmetric orbits in Ωj is (ij,0, ij,1, ··· , ij,p−1), then the (q−1)! number of rotation symmetric orbits in Ωj(1 ≤ j ≤ N) is . Let all ij,0!ij,1!···!ij,p−1! the forms of long rotation symmetric orbits be the rows of the following matrix in a certain order, i.e.,

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 251   i1,0 i1,1 ··· i1,p−1  i2,0 i2,1 ··· i2,p−1  I =  ,  . . . .   . . . .  iN,0 iN,1 ··· iN,p−1 where (ij,0, ij,1, ··· , ij,p−1) is the j-th row of I, which is the form of the long rotation symmetric orbits in Ωj. Now, we present an eﬃcient method to construct diﬀerent OA(pq, q, p, 1) as follows: Theorem 1 Suppose that   j1,0 j1,1 ··· j1,p−1  j2,0 j2,1 ··· j2,p−1  J =    . . . .   . . . .  jp,0 jp,1 ··· jp,p−1 is a solution of the following equation system ep,1J = ep,q, (1) > > Jep,1 = ep,q, and the row vectors (jr,0, jr,1, ··· , jr,p−1) are distinct for 1 ≤ r ≤ p, where jr,s are non-negative integers such that 0 ≤ jr,s ≤ p − 1, then an OA(pq, q, p, 1) can be constructed. Proof. We present a method to construct an OA(pq, q, p, 1). Firstly, by the equation system (1), we know that > (jr,0, jr,1, ··· , jr,p−1)ep,1 = jr,0 + jr,1 + ··· + jr,p−1 = q, 1 ≤ r ≤ p and jr,s are non-negative integers such that 0 ≤ jr,s ≤ p − 1, where 1 ≤ r ≤ p and 0 ≤ s ≤ p − 1, then (jr,0, jr,1, ··· , jr,p−1) can be regarded as the form of a long rotation symmetric orbit, where 1 ≤ r ≤ p. Now, we select p long rotation symmetric orbits according to the form of a rotation symmetric orbit, i.e, the row vectors of J. We choose a (jr,0, jr,1, ··· , jr,p−1)-form rotation symmetric orbit for each r, and denote them as ROxr respectively, where 1 ≤ r ≤ p, then we have   ROx1

 ROx2  P =   = (a , a , ··· , a ),  .  1 2 q  . 

ROxp where as is the s-th column vector of P . In the sequel, we prove that P is an OA(pq, q, p, 1). By Lemma 3, we only need to prove that a1 is an OA(pq, 1, p, 1). Notice that

ROxr is an (jr,0, jr,1, ··· , jr,p−1)-form rotation symmetric orbit, which means that

ROxr contribute jr,0 number of 0s for a1, where r varies from 1 to p, then we know that the total number of 0s in a1 is j1,0 + j2,0 + ··· + jp,0, according to the ﬁrst identity of equation system (1), it is easy to know that 0 occur the number of times in a1 is j1,0 + j2,0 + ··· + jp,0 = q. By the similar way, we know that each i occurs q number of times in a1, where 1 ≤ i ≤ p − 1, which means that a1 is an OA(pq, 1, p, 1), from Lemma 3, P is an OA(pq, q, p, 1). This ﬁnishes the proof of Theorem 1.

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 252 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

We can construct OA(pq, q, p, 1) by solving the equation system (1), but it maybe difficult to solve it if p is too large. So how to obtain efficiently some solutions of the equation system (1) is a challenge work, we will present a novel method to construct different OA(pq, 1, p, 1). 2 p−1 Suppose that π ∈ Sp is such that {0, π(0), π (0), ··· , π (0)} = Fp, then the following matrix is a latin square  0 1 ··· p − 1   π(0) π(1) ··· π(p − 1)  L =  ,  . . . .   . . . .  πp−1(0) πp−1(1) ··· πp−1(p − 1) j a transformation τ is defined as τ (i0, i1, ··· , ip−1) = (iπj (0), iπj (1), ··· , iπj (p−1)), where 0 ≤ j ≤ p − 1. l Considering the action of the cyclic group Cp = {τ |0 ≤ l ≤ p − 1} on the set N I, we obtain m = p different orbits, and let the lexicographically first element of each orbit is regarded as the representative element. These representative elements are denoted by Ik, where k varies from 1 to m. Then, these orbits are represented as follows: p−1 j ∆k = {Ik, τ(Ik), ··· , τ (Ik)} = {τ (Ik)|0 ≤ j ≤ p − 1)}, 1 ≤ k ≤ m. l For simplicity and convenience, we denote RSO(τ (Ik)) as the set composed l of all the rotation symmetric orbits whose form is τ (Ik), where 1 ≤ k ≤ m. If Ik = (i0, i1, ··· , ip−1), then we have

l (q − 1)! nk = |RSO(τ (Ik))| = , 0 ≤ l ≤ p − 1, 1 ≤ k ≤ m. i0!i1! ···!ip−1! It can be shown that m m [ j [ I = {τ (Ik)|0 ≤ j ≤ p − 1)} = ∆k. k=1 k=1 According to the transformation τ j, a method to construct OA(pq, q, p, 1) is proposed as follows:

Theorem 2 Suppose that Qj is a long rotation symmetric orbit, and Qj is j τ (i0, i1, ··· , ip−1)-form for each j satisfying 0 ≤ j ≤ p − 1. Then   Q0  Q1  Q =   = (c , c , ··· , c )  .  1 2 q  .  Qp−1 is an OA(pq, q, p, 1), where ck is the k-th column of Q.

Proof. By Lemma 3, we only need to prove that c1 is an OA(pq, 1, p, 1). Notice that there are i0 number of 0 in the first column of Q0, iπ(0) number of 0 in the first column of Q1, ··· , iπp−1(0) number of 0 in the first column of Qp−1, so there are i0 + iπ(0) + ··· + iπp−1(0) number of 0 totally in the column vector c1. Notice that 2 p−1 {0, π(0), π (0), ··· , π (0)} = Fp and i0 +iπ(0) +···+iπp−1(0) = i0 +i1 +···+ip−1 = q. This means that there are q number of 0 in c1. Similarly, we can prove that there are q number of j in c1, where 1 ≤ j ≤ p − 1. This implies that c1 is an OA(pq, 1, p, 1). Then the proof of Theorem 2 is completed.

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 253

j j Remark 1 If the transformation τ = ρp, then

j j τ (i0, i1, ··· , ip−1) = ρp(i0, i1, ··· , ip−1) = (ij, ij+1, ··· , ip−1, i0, i1, ··· , ij−1), this means that Theorem 1 in reference [12] is a special case of Theorem 2. Theorem 3 There exists an simple orthogonal array, i.e. OA(p, q, p, 1) and N = pq −p pq number of different simple orthogonal array, i.e.OA(pq, q, p, 1), the union of q q the OAs forms a trivial OA(p , q, p, q), i.e. finite field Fp, we denote them as

OA0(p, q, p, 1), OA1,1(pq, q, p, 1), OA1,2(pq, q, p, 1),··· , OA1,n1 (pq, q, p, 1),

OA2,1(pq, q, p, 1), OA2,2(pq, q, p, 1),··· , OA2,n2 (pq, q, p, 1),······ , OAk,1(pq, q, p, 1),

OAk,2(pq, q, p, 1), ··· , OAk,nk (pq, q, p, 1) respectively,

Proof. Firstly, considering all the short rotation symmetric orbits, i.e. {eq,i} = {(i, i, ··· , i)}, where 0 ≤ i ≤ p − 1, it is obvious that {eq,0, eq,1, ··· , eq,p−1} make | {z } q up an OA(p, q, p, 1), denote it as OA0(p, q, p, 1); Secondly, considering the each orbit generated by the action of the cyclic group l Cp = {τ |0 ≤ l ≤ p − 1} on the set I, then we have m different orbits, i.e. p−1 j ∆k = {Ik, τ(Ik), ··· , τ (Ik)} = {τ (Ik)|0 ≤ j ≤ p − 1)}, where 1 ≤ k ≤ m. l For each τ (Ik) ∈ ∆k, by Theorem 2, we choose a rotation symmetric orbit from l RSO(τ (Ik)) for l ∈ Fp respectively, and regard these p different rotation symmetric orbits as OAk,1(pq, q, p, 1). If we do this step repeatedly, until all the rotation sym- l metric orbits in RSO(τ (Ik)) are arranged, then we have nk different OA(pq, q, p, 1), which are denoted as OAk,1(pq, q, p, 1), OAk,2(pq, q, p, 1),··· , OAk,nk (pq, q, p, 1). For convenience and simplicity, we write them as OAk,1, OAk,2,··· , OAk,nk respec- Pm pq−1−1 tively in this paper. Then we altogether have N = k=1 nk(= q ) different OA(pq, q, p, 1). This finishes the proof of Theorem 3. pq−1−1 Notice that q is not a multiple of p, so we can not construct q-variable 1-resilient rotation symmetric functions if we do not partition anyone of the above OAs(pq, q, p, 1). In order to overcome the obstacle, our main idea is to divide some OAs(pq, q, p, 1) obtained above into p different groups Vl(l ∈ Fp) in average. We partition the rest of OAs(pq, q, p, 1) into long rotation symmetric orbits, and com- bine each short rotation symmetric orbit with the same number of special rotation symmetric orbits into an orthogonal array of strength 1, then p different orthogonal arrays of strength 1 with the same number of rows are constructed. At last, we place these p different orthogonal arrays of strength 1 into p different groups Vl(l ∈ Fp). Construction 1(A generalized method of the known results in [12]) Step 1. (Precompute) Suppose that r, g are both nonnegative integers such that

pq−1 − 1 = p · g + r, 1 ≤ r ≤ p − 1, g ≥ 0. q

r·q+1 q−2 Then we have w = p = p − q · g. Step 2. Find r special OAs(pq, q, p, 1), and partition them into rp diﬀerent long rotation symmetric orbits. In what follows, we assign the rp diﬀerent long rotation symmetric orbits again, and propose a method to reach the goal. The following technique is important in our construction, we give it as follows:

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 254 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

Suppose that ei = (0, 0, ··· , 0, 1, 0, 0, ··· , 0). Solving the following equation | {z } | {z } i−1 p−i system er,1X = ep,w − e1 (2) > > Xep,1 = er,q we have a solution     x1,0 x1,1 ··· x1,p−1 x1  x2,0 x2,1 ··· x2,p−1   x2  X =   =  .  . . . .   .   . . . .   .  xr,0 xr,1 ··· xr,p−1 xr If X satisﬁes the following conditions (a). xu,v ∈ {0, 1, ··· , q − 1}, 1 ≤ u ≤ r, 0 ≤ v ≤ p − 1; (b). xi is the ith row vector of X such that l l +l l +l +l r [1 1[2 1 [2 3 [ {xi} ⊆ ∆k1 , {xi} ⊆ ∆k2 , {xi} ⊆ ∆k3 , ··· , {xi} ⊆ ∆kt ,

i=1 i=l1+1 i=l1+l2+1 i=r−lt+1 where 1 ≤ t ≤ r < p, 1 ≤ lj ≤ nkj , 1 ≤ j ≤ t, 1 ≤ k1, k2, ··· , kt ≤ m, and l1 + l2 + ··· + lt = r. Firstly, we construct B0 according to the following steps: (1). We choose l number of OA(pq, q, p, 1) from {OA , OA , ··· , OA }, 1 k1,1 k1,2 k1,nk1 without loss of generality, we denote them as OAk1,1, OAk1,2, ··· , OAk1,l1 . We choose l number of OAs(pq, q, p, 1) from {OA , OA , ··· , OA }, and de- 2 k2,1 k2,2 k2,nk2 note them as OA , OA , ··· , OA , ··· . We choose l number of OAs k2,1 k2,2 k2,nl2 t (pq, q, p, 1) from {OA , OA , ··· , OA }, and denote them as OA , kt,1 kt,2 kt,nkt kt,1

OAkt,2, ··· , OAkt,lt .

(2). Based on (1), we pick out the x1-form rotation symmetric orbit from OAk1,1, and pick out the x2-form rotation symmetric orbit from OAk1,2, ··· , and pick out the xl1 -form rotation symmetric orbit from OAk1,l1 ;

(3). We pick out the xl1+1-form rotation symmetric orbit from OAk2,1, and pick out the xl1+2-form rotation symmetric orbit from OAk2,2, ··· , and pick out the xl1+l2 -form rotation symmetric orbit from OAk2,l2 . So on and so forth, ··· , ··· , ···

(t + 1). We pick out the xr−lt+1-form rotation symmetric orbit from OAkt,1, and pick out the xr−lt+2-form rotation symmetric orbit from OAkt,2, ··· , and pick out the xr-form rotation symmetric orbit from OAkt,lt . All the rotation symmetric orbits picked out from (2) to (t + 1) are regarded as B0. The equation system (1) means that r number of rotation symmetric orbits picked out from (2) to (t + 1) contribute w − 1 number of 0s and w number of js for the ﬁrst column of B0 for 1 ≤ j ≤ p − 1, adding the vector eq,0 to B0, then B0 is now an OA(rq + 1, q, p, 1). Notice that if X = (X0, X1, ··· , Xp−1) is a solution of the following equation system er,1X = ep,w − e1, (2) > > Xep,1 = er,q, then (Xπj (0), Xπj (1), ··· , Xπj (p−1)) is a solution of the following equation system er,1X = ep,w − e1+πp−j (0), (3) > > Xep,1 = er,q,

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 255 and vice visa, where Xπj (i) is the (1 + i)-th column vector of X. In what follows, we regard (Xπj (0), Xπj (1), ··· , Xπj (p−1)) as X above, do (2) to (t + 1) repeatedly, and pick out eq,πp−j (0), and regard these rotation symmetric orbits as Bπp−j (0), where 1 ≤ j ≤ p − 1. By the same way, we know that Bπp−j (0) is also an OA(rq + 1, q, p, 1). Step 3. We divide the rest OAs(pq, q, p, 1) into p groups on average, denoted pq−1−(qr+1) them by A0,A1, ··· ,Ap−1, and each group Ai contains g = pq diﬀerent OA(pq, q, p, 1). At last, we add an OA(rq + 1, q, p, 1) constructed in Step 2 to each group Ai, and denote the groups as V0,V1, ··· ,Vp−1. Now we deﬁne q-variable function f(x) as

f(x): {x|f(x) = i} = Vi, 0 ≤ i ≤ p − 1.

Theorem 4 The functions f(x) obtained in Construction 1 are q-variable 1- resilient rotation symmetric functions over Fp. Proof. It is clear that f(x) take the same value in all the vectors of the same rotation symmetric orbit, this implies that f(x) is a q-variable rotation symmetric function over Fp. We only need to prove that f(x) is 1-resilient. Firstly, from step 2, we know that each Vi contains an OA(rq+1, q, p, 1), which is consisted of r long rotation symmetric orbits and a short rotation symmetric orbit, where 0 ≤ i ≤ p − 1. pq−1−(qr+1) Secondly, by Step 3, we know that each Vi also contains g = pq different OAs(pq, q, p, 1), each OA(pq, q, p, 1) consist of p different long rotation symmetric orbits. Thirdly, from step 2 to step 3, we know that the number of vectors contained q−1 in Vi is g · pq + (rq + 1) = p , where 0 ≤ i ≤ p − 1. This implies that f(x) is balanced. Because each Vi is composed of many orthogonal arrays of strength 1, Vi is also orthogonal arrays of strength 1. By reasons above, we conclude that f(x) is 1-resilient. This finishes the proof of Theorem 4. j j Remark 2. Particularly, if {τ |0 ≤ j ≤ p − 1} = Cp = {ρp|0 ≤ j ≤ p − 1}, and let it act on the set I, then the method proposed in [12] can be seen as a special case of Construction 1 proposed above. Corollary 1 Suppose that N is the number of the q-variable 1-resilient rotation symmetric functions over Fp. Then (p · g)! N ≥ p! · . (g!)p

Proof. For all the groups obtained from Step 2 to Step 3, according to Step 3, the total number of q-variable rotation symmetric 1-resilient functions over GF (p) is p−1 p−1 p! · ( Q C(p · g − i · g, g)). By Lemma 2 in [7], we know that p! · ( Q C(p · g − i=0 i=0 (p·g)! i · g, g)) = p! · (g!)p . But if we adopt diﬀerent X or diﬀerent transformation τ to obtain B0,B1, ··· ,Bp−1 and A0,A1, ··· ,Ap−1, we will get more q-variable 1- (p·g)! resilient rotation symmetric functions over Fp, which means that N ≥ p! · (g!)p . This completes the proof of Corollary 1. In order to demonstrate the method proposed above, we give a simple example as follows:

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 256 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

Example 1. Suppose that p = 5, q = 7, we consider the construction of 7-variable 1-resilient rotation symmetric functions over the space F5. Step 1. We can compute the total number of all the long rotation symmetric 57−5 orbits is 7 = 1160, and the number of the diﬀerent forms of the long rotation symmetric orbits is C(p + q − 1, q) − p = C(11, 4) − 5 = 325. According to Step 1 57−1−1 of Construction 1, suppose that r = 7 − 5 · g, 1 ≤ r ≤ 4, g ≥ 0, then we know 2·7+1 that r = 2, w = 5 = 3. Without loss of generality, suppose that π ∈ Sp is such that 0 → π(0) = 3 → π2(0) = 2 → π3(0) = 4 → π4(0) = 1, and the transformation τ is deﬁned as

j τ (i0, i1, i2, i3, i4) = (iπj (0), iπj (1), iπj (2), iπj (3), iπj (4)), 0 ≤ j ≤ 4.

j Let the group C5 = {τ |0 ≤ j ≤ 4} act on set whose elements are all the forms of the long rotation symmetric orbits, for simplicity, denote (i0, i1, i2, i3, i4) as i0i1i2i3i4, then we have the following orbits with help of a computer: ∆1 = {00016, 10600, 01060, 60001, 06100}; ∆2 = {00061, 60100, 06010, 10006, 01600}; ∆3 = {00106, 00610, 10060, 61000, 06001}; ∆4 = {00601, 00160, 60010, 16000, 01006}; ∆5 = {00025, 20500, 02050, 50002, 05200}; ∆6 = {00052, 50200, 05020, 20005, 02500}; ∆7 = {00205, 00520, 20050, 52000, 05002}; ∆8 = {00502, 00250, 50020, 25000, 02005}; ∆9 = {00034, 30400, 03040, 40003, 04300}; ∆10 = {00043, 40300, 04030, 30004, 03400}; ∆11 = {00304, 00430, 30040, 43000, 04003}; ∆12 = {00403, 00340, 40030, 34000, 03004}; ∆13 = {00115, 10510, 11050, 51001, 05101}; ∆14 = {00151, 50110, 15010, 11005, 01501}; ∆15 = {00511, 10150, 51010, 15001, 01105}; ∆16 = {01015, 10501, 01150, 50011, 15100}; ∆17 = {01051, 50101, 05110, 10015, 11500}; ∆18 = {01105, 00511, 10150, 51010, 15001} ∆19 = {00124, 20410, 12040, 41002, 04201}; ∆20 = {00142, 40210, 14020, 21004, 02401} ∆21 = {00214, 10420, 21040, 42001, 04102}; ∆22 = {00241, 40120, 24010, 12004, 01402} ∆23 = {00412, 10240, 41020, 24001, 02104}; ∆24 = {00421, 20140, 42010, 14002, 01204} ∆25 = {01024, 20401, 02140, 40012, 14200}; ∆26 = {01042, 40201, 04120, 20014, 12400} ∆27 = {01204, 00421, 20140, 42010, 14002}; ∆28 = {01402, 00241, 40120, 24010, 12004} ∆29 = {02041, 40102, 04210, 10024, 21400}; ∆30 = {02104, 00412, 10240, 41020, 24001} ∆31 = {00133, 30310, 13030, 31003, 03301}; ∆32 = {00313, 10330, 31030, 33001, 03103} ∆33 = {00331, 30130, 33010, 13003, 01303}; ∆34 = {01033, 30301, 03130, 30013, 13300} ∆35 = {01303, 00331, 30130, 33010, 13003}; ∆36 = {03031, 30103, 03310, 10033, 31300} ∆37 = {00223, 20320, 22030, 32002, 03202}; ∆38 = {00232, 30220, 23020, 22003, 02302} ∆39 = {00322, 20230, 32020, 23002, 02203}; ∆40 = {02023, 20302, 02230, 30022, 23200} ∆41 = {02032, 30202, 03220, 20023, 22300}; ∆42 = {02203, 00322, 20230, 32020, 23002} ∆43 = {01114, 10411, 11140, 41011, 14101}; ∆44 = {01141, 40111, 14110, 11014, 11401} ∆45 = {01411, 10141, 41110, 14011, 11104}; ∆46 = {04111, 10114, 11410, 11041, 41101} ∆47 = {01123, 20311, 12130, 31012, 13201}; ∆48 = {01132, 30211, 13120, 21013, 12301} ∆49 = {01213, 10321, 21130, 32011, 13102}; ∆50 = {01231, 30121, 23110, 12013, 11302} ∆51 = {01312, 10231, 31120, 23011, 12103}; ∆52 = {01321, 20131, 32110, 13012, 11203} ∆53 = {02113, 10312, 11230, 31021, 23101}; ∆54 = {02131, 30112, 13210, 11023, 21301} ∆55 = {02311, 10132, 31210, 13021, 21103}; ∆56 = {03112, 10213, 11320, 21031, 32101} ∆57 = {03121, 20113, 12310, 11032, 31201}; ∆58 = {03211, 10123, 21310, 12031, 31102} ∆59 = {01222, 20221, 22120, 22012, 12202}; ∆60 = {02122, 20212, 12220, 21022, 22201} ∆61 = {02212, 10222, 21220, 22021, 22102}; ∆62 = {02221, 20122, 22210, 12022, 21202} ∆63 = {11113, 11311, 11131, 31111, 13111}; ∆64 = {11122, 21211, 12121, 21112, 12211} ∆65 = {11212, 11221, 21121, 22111, 12112}; n1 = n2 = n3 = n4 = 1, n5 = n6 = n7 = n8 = 3, n9 = n10 = n11 = n12 = 5, n13 = n14 = n15 = n16 = n17 = n18 = 6, n19 = n20 = n21 = n22 = n23 = n24 = n25 = n26 = n27 = n28 = n29 = n30 = 15, n31 = n32 = n33 = n34 = n35 = n36 = 20,

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 257

n37 = n38 = n39 = n40 = n41 = n42 = n43 = n44 = n45 = n46 = 30, n47 = n48 = n49 = n50 = n51 = n52 = n53 = n54 = n55 = n56 = n57 = n58 = 60, n59 = n60 = n61 = n62 = 90, n63 = 120, n64 = n65 = 180. By Theorem 2, we can construct the following orthogonal arrays:

OAk,1(pq, q, p, 1), OAk,2(pq, q, p, 1), ······ , OAk,nk (pq, q, p, 1), where 1 ≤ k ≤ 65. Step 2. Find r special OAs(pq, q, p, 1), and partition them into rp diﬀerent rotation symmetric orbits. Recall that the corresponding equation system (2) turned into the following equation system: e2,1X = e5,3 − e1, > > Xe5,1 = e2,7, x x x x x x where X = 1,0 1,1 1,2 1,3 1,4 = 1 . Solve the above equation x2,0 x2,1 x2,2 x2,3 x2,4 x2 system, then we have a solution as follows: 1 1 3 1 1 x = 1 . 1 2 0 2 2 x2

Notice that x1 = (i0, i1, i2, i3, i4) = 11311 ∈ ∆63, and x2 = (j0, j1, j2, j3, j4) = 12022 ∈ ∆62, then l l τ (x1) = (iπl(0), iπl(1), iπl(2), iπl(3), iπj (4)), τ (x2) = (jπl(0), jπl(1), jπl(2), jπl(3), jπl(4)), l τ (x1) where 0 ≤ l ≤ 4, this implies that X = l is a solution of the following τ (x2) equation system e2,1X = e5,3 − e1+π5−l(0), > > Xe5,1 = e2,7, Now we divide two OAs(35,7,5,1) into 10 diﬀerent long rotation symmetric orbits, without loss of generality, denoted by OA62,1(35,7,5,1) and OA63,1(35, 7, 5, 1), according to Step 2 of Construction 1, we can construct 5 diﬀerent OAs(15,7,5,1), i.e. B0,B1, ··· ,B4. Step 3. According to Step 3 of Construction 1, without loss of generality, let [ [ A0 = OAk,l OA39,l;

1≤k≤38,1≤l≤nk 1≤l≤14 [ [ [ A1 = OA39,l OAk,l OA50,l;

15≤l≤30 40≤k≤49,1≤l≤nk 1≤l≤40 [ [ [ A2 = OA50,l OAk,l OA58,l;

41≤l≤60 51≤k≤57,1≤l≤nk 1≤l≤6 [ [ [ [ A3 = OA58,l OAk,l OA62,l OA65,l;

7≤l≤60 59≤k≤61,1≤l≤nk 2≤l≤90 1≤l≤33 [ [ [ A4 = OA63,l OA64,l OA65,l; 2≤l≤120 1≤l≤180 34≤l≤180 then we can deﬁne f(x) as

f(x): {x|f(x) = i} = Vi = Bi ∪ Ai, 0 ≤ i ≤ 4. It is clear that f(x) is 1-resilient, and it is easy to check that f(x) can not be S constructed by the method proposed in [12]. In fact, notice that OA37,l is 1≤l≤30

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 258 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

S contained in A0, and OA40,l is contained in A1, without loss of generality, 1≤l≤30 we consider the rotation symmetric orbits whose form is 00223 ∈ ∆37. According to Theorem 1 in [12], we know that there exist some rotation symmetric orbits whose form is 02230 ∈ ∆40 take same value with some of the 00223-form rotation symmetric orbits, where 00223 ∈ ∆37. Now, based on the functions constructed by the method above, we present a novel method to construct more new 1-resilient rotation symmetric functions. Construction 2 Construction 2 is an eﬃcient method via switching the rotation symmetric orbits based on Construction 1. Now, we give a technique to obtain new q-variable resilient rotation symmetric functions over Fp via switching the rotation symmetric orbits based on Construction 1. The transformation τ is deﬁned as before, notice that the following correspon- dences     i0, i1, ··· , ip−1 i0 i1 ··· ip−1  τ(i0, i1, ··· , ip−1)   iπ(0) iπ(1) ··· iπ(p−1)    =   = M.  .   . . . .   .   . . . .  p−1 τ (i0, i1, ··· , ip−1) iπp−1(0) iπp−1(1) ··· iπp−1(p−1)

Suppose that   y1,0 y1,1 ··· y1,p−1  y2,0 y2,1 ··· y2,p−1  Y =    . . . .   . . . .  yp,0 yp,1 ··· yp,p−1 is a solution of the following equation system ep,1Y = ep,0, > > Yep,1 = ep,0, where all yi,j are integers for 0 ≤ i, j ≤ p − 1, and 0 ≤ yi,j + iπi−1(j) ≤ p − 1 for all possible i and j. Then we have the matrix M + Y = (yi,j + iπi−1(j))p×p =

  i0 + y1,0 i1 + y1,1 ··· ip−1 + y1,p−1  iπ(0) + y2,0 iπ(1) + y2,1 ··· iπ(p−1) + y2,p−1   .  . . . .   . . . .  iπp−1(0) + yp,0 iπp−1(1) + yp,1 ··· iπp−1(p−1) + yp,p−1

It can be checked that M and M + Y are both the solutions of the equation system (1) in Theorem 1. According to proof of Theorem 1, by utilizing the row vectors of M + Y , an OAs(pq, q, p, 1) can be constructed. On the other hand, we can determine p diﬀerent integers, i.e. 1 ≤ l0, l1, ··· , lp−1 ≤ m, such that (i0 + y1,0, i1 + y1,1, ··· , ip−1 + y1,p−1) ∈ ∆l0 ,(iπ(0) + y2,0, iπ(1) + p−1 p−1 p−1 y2,1, ··· , iπ(p−1)+y2,p−1) ∈ ∆l1 , ······ ,(iπ (0)+yp,0, iπ (1)+yp,1, ··· , iπ (p−1)+ yp,p−1) ∈ ∆lp−1 , without loss of generality, in the sequel, we choose OAl0,1(pq, q, p, 1),

OAl1,1(pq, q, p, 1), ··· , OAlp−1,1(pq, q, p, 1), and divide them into p diﬀerent rotation

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 259 symmetric orbits respectively. Notice that

 k  τ (i0 + y1,0, i1 + y1,1, ··· , ip−1 + y1,p−1) k  τ (iπ(0) + y2,0, iπ(1) + y2,1, ··· , iπ(p−1) + y2,p−1)  τ k(M + Y ) =    .   .  k τ (iπp−1(0) + yp,0, iπp−1(1) + yp,1, ··· , iπp−1(p−1) + yp,p−1) is also a solution of the equation system (1) in Theorem 1 for each 1 ≤ k ≤ p − 1. By Theorem 1, we can construct p number of diﬀerent OAs(pq, q, p, 1) again, and add them to Vi respectively to keep f(x) to be balanced. And do the above steps repeatedly, then diﬀerent q-variable 1-resilient rotation symmetric functions over Fp can be constructed. Theorem 5 If f(x) is a q-variable 1-resilient rotation symmetric function over Fp constructed by Construction 1, and g(x) is constructed via switching rotation symmetric orbits based on f(x) according to Construction 2. Then g(x) is also a q-variable 1-resilient rotation symmetric function. Proof Notice that f(x) is a q-variable 1-resilient rotation symmetric function over Fp constructed by Construction 1, this means that f(x) is correspondence with a large set of orthogonal arrays, i.e.{V0,V1, ··· ,Vp−1}. According to Construction

2, we choose p diﬀerent orthogonal arrays, i.e., OAl0,1(pq, q, p, 1), OAl1,1(pq, q, p, 1),

··· , OAlp−1,1(pq, q, p, 1), without loss of generality, we assume that OAli,1 is contained in Vi, where 0 ≤ i ≤ p − 1. By switching rotation symmetric orbits of these p number of OAs(pq, q, p, 1), we construct p diﬀerent new OAs(pq, q, p, 1), and set them aside Vi to keep the function to be balanced. It is obvious that g(x) is also a q-variable 1-resilient rotation symmetric function. In order to demonstrate the eﬀectiveness of the above method, we present an example as follows:

Example 2. Based on the function f(x) in Example 1, we assume that π ∈ S5 is such that 0 → π(0) = 3 → π2(0) = 2 → π3(0) = 4 → π4(0) = 1, we have the following latin square

 0 1 2 3 4   0 1 2 3 4   π(0) π(1) π(2) π(3) π(4)   3 0 4 2 1       π2(0) π2(1) π2(2) π2(3) π2(4)  =  2 3 1 4 0 ,      π3(0) π3(1) π3(2) π3(3) π3(4)   4 2 0 1 3  π4(0) π4(1) π4(2) π4(3) π4(4) 1 4 3 0 2 which is corresponded with the following matrix

  i0 i1 i2 i3 i4  i3 i0 i4 i2 i1     i2 i3 i1 i4 i0 .    i4 i2 i0 i1 i3  i1 i4 i3 i0 i2

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 260 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

Without loss of generality, suppose that (i0, i1, i2, i3, i4) = (0, 0, 2, 1, 4) ∈ ∆21, then we have     i0 i1 i2 i3 i4 0 0 2 1 4  i3 i0 i4 i2 i1   1 0 4 2 0      M =  i2 i3 i1 i4 i0  =  2 1 0 4 0 .      i4 i2 i0 i1 i3   4 2 0 0 1  i1 i4 i3 i0 i2 0 4 1 0 2 Let  0 0 3 0 −3   1 0 −3 −1 3    Y =  −1 0 0 1 0 ,    −2 2 0 0 0  2 −2 0 0 0 then M + Y =  0 0 2 1 4   0 0 3 0 −3   0 0 5 1 1   1 0 4 2 0   1 0 −3 −1 3   2 0 1 1 3         2 1 0 4 0  +  −1 0 0 1 0  =  1 1 0 5 0 .        4 2 0 0 1   −2 2 0 0 0   2 4 0 0 1  0 4 1 0 2 2 −2 0 0 0 2 2 1 0 2

Notice that 00511 ∈ ∆15 = {00511, 10150, 51010, 15001, 01105}, 20113 ∈ ∆57 = {03121, 20113, 12310, 11032, 31201}, 11050 ∈ ∆13 = {00115, 10510, 11050, 51001, 05101}, 24001 ∈ ∆23 = {00412, 10240, 41020, 24001, 02104}, 22102 ∈ ∆61 = {02212, 10222, 21220, 22021, 22102}. It is obvious that the matrix M + Y is a solution of equation system (1), and 00511 ∈ ∆15, 20113 ∈ ∆57, 11050 ∈ ∆13, 24001 ∈ ∆23, 22102 ∈ ∆61. Without loss of generality, we choose OA15,1, OA57,1, OA13,1, OA23,1, OA61,1 respectively, and divide them into 25 different rotation symmetric orbits. By Theorem 1, We construct 5 different new OAs(35, 7, 5, 1) according to the following method: According to the matrix τ i(M + Y ), where 0 ≤ i ≤ p − 1, firstly, if we choose a τ i(0, 0, 5, 1, 1)-form rotation symmetric orbit, and a τ i(2, 0, 1, 1, 3)-form, a τ i(1, 1, 0, 5, 0)-form, a τ i(2, 4, 0, 0, 1)-form, a τ i(2, 2, 1, 0, 2)-form rotation symmetric orbit respectively, notice that  τ i(0, 0, 5, 1, 1)   τ i(2, 0, 1, 1, 3)  i   τ (M + Y ) =  τ i(2, 4, 0, 0, 1)     τ i(4, 2, 0, 0, 1)  τ i(2, 2, 1, 0, 2) is the solution of equation system (1), by Theorem 1, then we can obtain 5 different OAs(35, 7, 5, 1), denoted by Ci, 0 ≤ i ≤ 4. Suppose that f(x),Ai, and Bi are defined as Example 1, where 0 ≤ i ≤ 4, and Ci is defined as above, 0 ≤ i ≤ 4, let

U0 = [V0 \ (OA15,1 ∪ OA13,1OA23,1)] ∪ C0 ∪ C1 ∪ C2;

U1 = V1;

U2 = (V2 \ OA57,1) ∪ C3;

U3 = (V3 \ OA61,1) ∪ C4;

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 261

U4 = V4. Then we deﬁne g(x) as

g(x): {x|g(x) = i} = Ui, 0 ≤ i ≤ 4. By using Theorem 5, we can draw a conclusion that g(x) is also a q-variable 1- resilient rotation symmetric function. Remark 3 In fact, if we modify the matrix Y , then diﬀerent M + Y is obtained, by utilizing M + Y , more q-variable 1-resilient rotation symmetric functions can be constructed.

4. Concluding remarks In this paper, a method to construct OAs(pq, q, p, 1) is presented via solving an equation system. Based on a latin square with maximum cycle structure, a special strategy to construct OAs(pq, q, p, 1) is proposed, i.e, Theorem 2. With the help of Theorem 2, a generalized method of the known results proposed in [12] to obtain a class of q-variable 1-resilient RSFs is demonstrated. In fact, the constructions proposed in [12] can be seen as a special case of Construction 1. Additionally, inspired by known results, by modifying the l-value support tables of the known q- variable 1-resilient RSFs, a new class of q-variable 1-resilient RSFs are constructed. Two examples are given to illustrate our constructions, it seems that the q-variable 1-resilient RSFs constructed by our methods can not be constructed by earlier method. We also try to study the constructions of all the q-variable 1-resilient RSFs, where q prime and q 6= p, but this case is seems diﬃcult to construct all the q-variable 1-resilient RSFs. Owing to the 1-resilient RSFs represented by support tables, how to study the other properties of of 1-resilient RSFs constructed by the method proposed in this paper, and the construction of 1-resilient RSFs on given number of variables remain to be an open problems. This will be our future work.

Acknowledgments The authors sincerely thank the editors and the referees for their many valuable comments which help us highly improving the paper. The authors are supported by National Natural Science Foundation of China(Grant No.61672530, No.61722213, No.6152026, No.11971004, No.61972142, No.U1404601), Hunan Provincial Natu- ral Science Foundation of China(Grant No.2017JJ3040), Open Project Program of National Laboratory of Pattern Recognition(Grant No.201900017), CERNET In- novation Project (Grant No. NGII20180412).

References

[1] A. Canteaut and M. Videau, Symmetric Boolean functions,IEEE Trans. Inf. Theory, 51 (2005), 2791–2811. [2] C. Carlet, G. P. Gao and W. F. Liu, A secondary construction and a transformation on rotation symmetric functions, and their action on bent and semibent functions, J. Combin. Theory Ser. A, 127 (2014), 161–175. [3] C. Carlet, G. P. Gao and W. F. Liu, Results on constructions of rotation symmetric bent and semibent functions, Sequences and Their Applications—SETA 2014 , Lecture Notes in Comput. Sci., Springer, Cham, 8865 (2014), 21–33, http://dx.doi.org/10.1007/ 978-3-319-12325-7_2. [4] C. Carlet, D. K. Dalai, K. C. Gupta and S. Maitra, Algebraic immunity for cryptographically signiﬁcant Boolean functions: Analysis and construction, IEEE Trans. Inf. Theory, 52 (2006), 3105–3121.

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 262 Jiao Du, Longjiang Qu, Chao Li and Xin Liao

[5] G. Z. Chen, C. Shi and Y. Guo, Ideal ramp schemes and augmented orthogonal arrays, Discrete Mathematics, 342 (2019), 405–411. [6] T. W. Cusick and P. Stˇanicˇa, Cryptographic Boolean Functions and Applications, Else- vier/Academic Press, Amsterdam, 2009. [7] T. W. Cusick, Y. Li and P. Stˇanicˇa, Balanced symmetric functions over GF (p), IEEE Trans. Inf. Theory, 54 (2008), 1304–1307. [8] J. Du, Q. Wen, J. Zhang and S. Pang, Constructions of resilient rotation symmetric Boolean functions on given number of variables, IET Information Security, 8 (2014), 265–272. [9] J. Du, Q. Wen, S. Pang and X. Liao, Construction and count of 1-resilient rotation symmetric Boolean functions on pr variables, Chinese Journal of Electronics, 23 (2014), 816–820. [10] J. Du, S.-Q. Pang, Q.-Y. Wen and J. Zhang, Construction of a class of quantum Boolean functions based on the Hadamard matrix, Acta Mathematicae Applicatae Sinica, English Series, 31 (2015), 1013–1020. [11] J. Du, C. Li, S. Fu and S. Pang, Constructions of p-varible 1-resilient rotation symmetric functions over GF (p), Security and Communication Networks, 9 (2016), 5651–5658. [12] J. Du, S. Fu, L. Qu, C. Li and S. Pang, New constructions of q-varible 1-resilient rotation symmetric functions over Fp, Science China Information Science, 59 (2016), 079102, http: //dx.doi.org/10.1007/s11432-016-5569-x. [13] J. Du, Q. Y. Wen, J. Zhang and X. Liao, New construction of symmetric orthogonal arrays of strength t, IEICE Transactions on Fundamentals., 96-A (2013), 1901–1904. [14] E. Filiol and C. Fontaine, Highly nonlinear balanced Boolean functions with a good correlation-immunity, in Advances in Cryptology—EUROCRYPT’98 (Espoo), Lecture Notes in Comput.Sci., Springer, Berlin, 1403 (1998), 475–488. [15] C. Fontaine, On some cosets of the first-order Reed-Muller code with high minimum weight, IEEE Trans. Inf. Theory, 45 (1999), 1237–1243. [16] S. Fu, L. Qu, C. Li and B. Sun, Balanced rotation symmetric Boolean functions with maximum algebraic immunity, IET Information Security, 5 (2011), 93–99. [17] S. J. Fu, C. Li, K. Matsuura and L. J. Qu, Construction of even-variable rotation symmetric Boolean functions with maximum algebraic immunity. Sci. China Inf. Sci., 56 (2013), 032106, 9 pp, https://link.springer.com/article/10.1007/s11432-011-4350-4. [18] S. J. Fu, C. Li, K. Matsuura and L. J. Qu, Enumeration of balanced symmetric functions over GF (p), Inf. Process. Lett., 110 (2010), 544–548. [19] S. J. Fu, C. Li, L. J. Qu and D. S. Dong, On the number of rotation symmetric functions over GF (p), Mathematical and Computer Modelling, 55 (2012), 142–150. [20] G. Gao, T. W. Cusick and W. Liu, Families of rotation symmetric functions with useful cryptographic properties, IET Information Security, 8 (2014), 297–302. [21] G. P. Gao, X. Y. Zhang, W. F. Liu and C. Carlet, Constructions of quadratic and cubic rotation symmetric bent Boolean functions, IEEE Trans. Inf. Theory, 58 (2012), 4908–4913. [22] K. Gopalakrishnan and D. R. Stinson, Three characterizations of non-binary correlation- immune and resilient functions, Des. Codes Cryptogr., 5 (1995), 241–251. [23] Y. P. Hu and G. Z. Xiao, Resilient functions over finite fields, IEEE Trans. Inf. Theory, 49 (2013), 2040–2046. [24] S. Kavut, Results on rotation symmetric S-boxes, Information Science, 201 (2012), 93–113. [25] S. Kavut, S. Maitra, S. Sarkar and M. D. Yücel, Enumeration of 9-variable Rotation symmetric Boolean functions having nonlinearity> 240, in Progress in Cryptology—INDOCRYPT 2006 , Lecture Notes in Comput. Sci., Springer, Berlin, 4329 (2006), 266–279. Available at: https: //eprint.iacr.org/2006/249. [26] S. Kavut, S. Maitra and M. D. Yücel, Search for Boolean functions with excellent profiles in the rotation symmetric class, IEEE Trans. Inf. Theory, 53 (2007), 1743–1751. [27] P. H. Ke, L. L. Huang and S. Y. Zhang, Improved lower bound on the number of balanced symmetric functions over GF (p), Information Sciences, 179 (2009), 682–687. [28] Y. Li, Results on rotation symmetric polynomials over GF (p), Information Sciences, 178 (2008), 280–286. [29] Y. Li and T. W. Cusick, Linear structure of symmetric functions over finite fields, Inf. Process. Lett., 97 (2006), 124–127. [30] M. Liu, P. Z. Lu and G. L. Mullen, Correlation-immune functions over finite fields, IEEE Trans. Inf. Theory, 44 (1998), 1273–1276.

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263 Constructing 1-resilient rotation symmetric functions over Fp 263

[31] A. Maximov, M. Hell and S. Maitra, Plateaued rotation symmetric Boolean functions on odd number of variables, First Workshop on Boolean Functions: Cryptography and Applica- tions(BFCA 05), Rouen, France, (2005), 83–104. [32] B. Mazumdar, D. Mukhopadhyay and I. Sengupta, Design and implementation of rotation symmetric S-boxes with high nonlinearity and high DPA resiliency, in IEEE International Symposium on Hardware-Oriented Security and Trust(HOST), (2013), 87–92. [33] S. Q. Pang, W. J. Xu, G. Z. Chen and Y. Wang, Constructions of symmetric and asymmetric orthogonal arrays of strength t from orthogonal partition, Indian Journal of Pure & Applied Mathematics, 49 (2018), 663–669. [34] J. Peng and H. B. Kan, Constructing correlation immune symmetric Boolean functions, IEICE Transactions on Fundamentals, 94-A (2011), 1591–1596. [35] J. Pieprzyk and C. X. Qu, Fast hashing and rotation symmetric functions, J. Univers. Com- put. Sci., 5 (1999), 20–31. [36] V. Rijmen, P. S. L. M. Barreto, F. Gazzoni and L. D´ecio, Rotation symmetry in algebraically generated cryptographic substitution tables, Inf. Process. Lett., 106 (2008), 246–250. [37] P. Sarkar and S. Maitra, Balancedness and correlation immunity of symmetric Boolean functions, Discrete Math., 307 (2007), 2351–2358. [38] P. Stˇanicˇa,S. Maitra and J. Clark, Results on rotation symmetric bent and correlation immune Boolean functions, Fast software encryption workshop (FSE 2004), New Delhi, India, LNCS3017, Springer Verlag, (2004), 161–177. [39] P. Stˇanicˇaand S. Maitra, Rotation symmetric Boolean functions—Count and cryptographic properties, Discrete Applied Mathematics, 156 (2008), 1567–1580. [40] P. Stˇanicˇaand S. Maitra, A constructive count of rotation symmetric functions, Inf. Process. Lett., 88 (2003), 299–304. [41] D. R. Stinson, Resilient functions and large sets of orthogonal arrays, Congressus Numer., 92 (1993), 105–110. [42] S. H. Su and X. H. Tang, Construction of rotation symmetric Boolean functions with optimal algebraic immunity and high nonlinearity, Des. Codes Cryptogr., 71 (2014), 183–199. [43] X. Y. Zeng, C. Carlet, J. Y. Shan and L. Hu, More balanced Boolean functions with optimal algebraic immunity and good nonlinearity and resistance to fast algebraic attacks, IEEE Trans. Inf. Theory, 57 (2011), 6310–6320. [44] Y. Zhang, M. C. Liu and D. D. Lin, On the immunity of rotation symmetric Boolean functions against fast algebraic attacks, Discrete Applied Mathematics, 162 (2014), 17–27. [45] W.-G. Zhang and E. Pasalic, Constructions of resilient S-boxes with strictly almost optimal nonlinearity through disjoint linear codes, IEEE Trans. Inf. Theory, 60 (2014), 1638–1651. Received May 2018; revised December 2018. E-mail address: [email protected] E-mail address: ljqu [email protected] E-mail address: lichao [email protected] E-mail address: [email protected]

Advances in Mathematics of Communications Volume 14, No. 2 (2020), 247–263