Coding Theory and Applications Solved Exercises and Problems Of
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Hamming Weight Attacks on Cryptographic Hardware – Breaking Masking Defense?
Hamming Weight Attacks on Cryptographic Hardware { Breaking Masking Defense? Marcin Gomu lkiewicz1 and Miros law Kuty lowski12 1 Cryptology Centre, Poznan´ University 2 Institute of Mathematics, Wroc law University of Technology, ul. Wybrzeze_ Wyspianskiego´ 27 50-370 Wroc law, Poland Abstract. It is believed that masking is an effective countermeasure against power analysis attacks: before a certain operation involving a key is performed in a cryptographic chip, the input to this operation is com- bined with a random value. This has to prevent leaking information since the input to the operation is random. We show that this belief might be wrong. We present a Hamming weight attack on an addition operation. It works with random inputs to the addition circuit, hence masking even helps in the case when we cannot control the plaintext. It can be applied to any round of the encryption. Even with moderate accuracy of measuring power consumption it de- termines explicitly subkey bits. The attack combines the classical power analysis (over Hamming weight) with the strategy of the saturation at- tack performed using a random sample. We conclude that implementing addition in cryptographic devices must be done very carefully as it might leak secret keys used for encryption. In particular, the simple key schedule of certain algorithms (such as IDEA and Twofish) combined with the usage of addition might be a serious danger. Keywords: cryptographic hardware, side channel cryptanalysis, Ham- ming weight, power analysis 1 Introduction Symmetric encryption algorithms are often used to protect data stored in inse- cure locations such as hard disks, archive copies, and so on. -
A [49 16 6 ]-Linear Code As Product of the [7 4 2 ] Code Due to Aunu and the Hamming [7 4 3 ] Code
General Letters in Mathematics, Vol. 4, No.3 , June 2018, pp.114 -119 Available online at http:// www.refaad.com https://doi.org/10.31559/glm2018.4.3.4 A [49 16 6 ]-Linear Code as Product Of The [7 4 2 ] Code Due to Aunu and the Hamming [7 4 3 ] Code CHUN, Pamson Bentse1, IBRAHIM Alhaji Aminu2, and MAGAMI, Mohe'd Sani3 1 Department Of Mathematics, Plateau State University Bokkos, Jos Nigeria [email protected] 2 Department Of Mathematics, Usmanu Danfodiyo University Sokoto, Sokoto Nigeria [email protected] 3 Department Of Mathematics, Usmanu Danfodiyo University Sokoto, Sokoto Nigeria [email protected] Abstract: The enumeration of the construction due to "Audu and Aminu"(AUNU) Permutation patterns, of a [ 7 4 2 ]- linear code which is an extended code of the [ 6 4 1 ] code and is in one-one correspondence with the known [ 7 4 3 ] - Hamming code has been reported by the Authors. The [ 7 4 2 ] linear code, so constructed was combined with the known Hamming [ 7 4 3 ] code using the ( u|u+v)-construction method to obtain a new hybrid and more practical single [14 8 3 ] error- correcting code. In this paper, we provide an improvement by obtaining a much more practical and applicable double error correcting code whose extended version is a triple error correcting code, by combining the same codes as in [1]. Our goal is achieved through using the product code construction approach with the aid of some proven theorems. Keywords: Cayley tables, AUNU Scheme, Hamming codes, Generator matrix,Tensor product 2010 MSC No: 97H60, 94A05 and 94B05 1. -
Coding Theory: Linear Error-Correcting Codes Coding Theory Basic Definitions Error Detection and Correction Finite Fields Anna Dovzhik
Coding Theory: Linear Error- Correcting Codes Anna Dovzhik Outline Coding Theory: Linear Error-Correcting Codes Coding Theory Basic Definitions Error Detection and Correction Finite Fields Anna Dovzhik Linear Codes Hamming Codes Finite Fields Revisited BCH Codes April 23, 2014 Reed-Solomon Codes Conclusion Coding Theory: Linear Error- Correcting 1 Coding Theory Codes Basic Definitions Anna Dovzhik Error Detection and Correction Outline Coding Theory 2 Finite Fields Basic Definitions Error Detection and Correction 3 Finite Fields Linear Codes Linear Codes Hamming Codes Hamming Codes Finite Fields Finite Fields Revisited Revisited BCH Codes BCH Codes Reed-Solomon Codes Reed-Solomon Codes Conclusion 4 Conclusion Definition A q-ary word w = w1w2w3 ::: wn is a vector where wi 2 A. Definition A q-ary block code is a set C over an alphabet A, where each element, or codeword, is a q-ary word of length n. Basic Definitions Coding Theory: Linear Error- Correcting Codes Anna Dovzhik Definition If A = a ; a ;:::; a , then A is a code alphabet of size q. Outline 1 2 q Coding Theory Basic Definitions Error Detection and Correction Finite Fields Linear Codes Hamming Codes Finite Fields Revisited BCH Codes Reed-Solomon Codes Conclusion Definition A q-ary block code is a set C over an alphabet A, where each element, or codeword, is a q-ary word of length n. Basic Definitions Coding Theory: Linear Error- Correcting Codes Anna Dovzhik Definition If A = a ; a ;:::; a , then A is a code alphabet of size q. Outline 1 2 q Coding Theory Basic Definitions Error Detection Definition and Correction Finite Fields A q-ary word w = w1w2w3 ::: wn is a vector where wi 2 A. -
Mceliece Cryptosystem Based on Extended Golay Code
McEliece Cryptosystem Based On Extended Golay Code Amandeep Singh Bhatia∗ and Ajay Kumar Department of Computer Science, Thapar university, India E-mail: ∗[email protected] (Dated: November 16, 2018) With increasing advancements in technology, it is expected that the emergence of a quantum computer will potentially break many of the public-key cryptosystems currently in use. It will negotiate the confidentiality and integrity of communications. In this regard, we have privacy protectors (i.e. Post-Quantum Cryptography), which resists attacks by quantum computers, deals with cryptosystems that run on conventional computers and are secure against attacks by quantum computers. The practice of code-based cryptography is a trade-off between security and efficiency. In this chapter, we have explored The most successful McEliece cryptosystem, based on extended Golay code [24, 12, 8]. We have examined the implications of using an extended Golay code in place of usual Goppa code in McEliece cryptosystem. Further, we have implemented a McEliece cryptosystem based on extended Golay code using MATLAB. The extended Golay code has lots of practical applications. The main advantage of using extended Golay code is that it has codeword of length 24, a minimum Hamming distance of 8 allows us to detect 7-bit errors while correcting for 3 or fewer errors simultaneously and can be transmitted at high data rate. I. INTRODUCTION Over the last three decades, public key cryptosystems (Diffie-Hellman key exchange, the RSA cryptosystem, digital signature algorithm (DSA), and Elliptic curve cryptosystems) has become a crucial component of cyber security. In this regard, security depends on the difficulty of a definite number of theoretic problems (integer factorization or the discrete log problem). -
Type I Codes Over GF(4)
Type I Codes over GF(4) Hyun Kwang Kim¤ San 31, Hyoja Dong Department of Mathematics Pohang University of Science and Technology Pohang, 790-784, Korea e-mail: [email protected] Dae Kyu Kim School of Electronics & Information Engineering Chonbuk National University Chonju, Chonbuk 561-756, Korea e-mail: [email protected] Jon-Lark Kimy Department of Mathematics University of Louisville Louisville, KY 40292, USA e-mail: [email protected] Abstract It was shown by Gaborit el al. [10] that a Euclidean self-dual code over GF (4) with the property that there is a codeword whose Lee weight ´ 2 (mod 4) is of interest because of its connection to a binary singly-even self-dual code. Such a self-dual code over GF (4) is called Type I. The purpose of this paper is to classify all Type I codes of lengths up to 10 and extremal Type I codes of length 12, and to construct many new extremal Type I codes over GF (4) of ¤The present study was supported by Com2MaC-KOSEF, POSTECH BSRI research fund, and grant No. R01-2006-000-11176-0 from the Basic Research Program of the Korea Science & Engineering Foundation. ycorresponding author, supported in part by a Project Completion Grant from the University of Louisville. 1 lengths from 14 to 22 and 34. As a byproduct, we construct a new extremal singly-even self-dual binary [36; 18; 8] code, and a new ex- tremal singly-even self-dual binary [68; 34; 12] code with a previously unknown weight enumerator W2 for ¯ = 95 and γ = 1. -
Arxiv:1311.6244V1 [Physics.Comp-Ph] 25 Nov 2013
An efficient implementation of Slater-Condon rules Anthony Scemama,∗ Emmanuel Giner November 26, 2013 Abstract Slater-Condon rules are at the heart of any quantum chemistry method as they allow to simplify 3N- dimensional integrals as sums of 3- or 6-dimensional integrals. In this paper, we propose an efficient implementation of those rules in order to identify very rapidly which integrals are involved in a matrix ele- ment expressed in the determinant basis set. This implementation takes advantage of the bit manipulation instructions on x86 architectures that were introduced in 2008 with the SSE4.2 instruction set. Finding which spin-orbitals are involved in the calculation of a matrix element doesn't depend on the number of electrons of the system. In this work we consider wave functions Ψ ex- For two determinants which differ by two spin- pressed as linear combinations of Slater determinants orbitals: D of orthonormal spin-orbitals φ(r): jl hDjO1jDiki = 0 (4) X Ψ = c D (1) jl i i hDjO2jDiki = hφiφkjO2jφjφli − hφiφkjO2jφlφji i All other matrix elements involving determinants Using the Slater-Condon rules,[1, 2] the matrix ele- with more than two substitutions are zero. ments of any one-body (O1) or two-body (O2) oper- An efficient implementation of those rules requires: ator expressed in the determinant space have simple expressions involving one- and two-electron integrals 1. to find the number of spin-orbital substitutions in the spin-orbital space. The diagonal elements are between two determinants given by: 2. to find which spin-orbitals are involved in the X substitution hDjO1jDi = hφijO1jφii (2) i2D 3. -
Coded Computing Via Binary Linear Codes: Designs and Performance Limits Mahdi Soleymani∗, Mohammad Vahid Jamali∗, and Hessam Mahdavifar, Member, IEEE
1 Coded Computing via Binary Linear Codes: Designs and Performance Limits Mahdi Soleymani∗, Mohammad Vahid Jamali∗, and Hessam Mahdavifar, Member, IEEE Abstract—We consider the problem of coded distributed processing capabilities. A coded computing scheme aims to computing where a large linear computational job, such as a divide the job to k < n tasks and then to introduce n − k matrix multiplication, is divided into k smaller tasks, encoded redundant tasks using an (n; k) code, in order to alleviate the using an (n; k) linear code, and performed over n distributed nodes. The goal is to reduce the average execution time of effect of slower nodes, also referred to as stragglers. In such a the computational job. We provide a connection between the setup, it is often assumed that each node is assigned one task problem of characterizing the average execution time of a coded and hence, the total number of encoded tasks is n equal to the distributed computing system and the problem of analyzing the number of nodes. error probability of codes of length n used over erasure channels. Recently, there has been extensive research activities to Accordingly, we present closed-form expressions for the execution time using binary random linear codes and the best execution leverage coding schemes in order to boost the performance time any linear-coded distributed computing system can achieve. of distributed computing systems [6]–[18]. However, most It is also shown that there exist good binary linear codes that not of the work in the literature focus on the application of only attain (asymptotically) the best performance that any linear maximum distance separable (MDS) codes. -
ERROR CORRECTING CODES Definition (Alphabet)
ERROR CORRECTING CODES Definition (Alphabet) An alphabet is a finite set of symbols. Example: A simple example of an alphabet is the set A := fB; #; 17; P; $; 0; ug. Definition (Codeword) A codeword is a string of symbols in an alphabet. Example: In the alphabet A := fB; #; 17; P; $; 0; ug, some examples of codewords of length 4 are: P 17#u; 0B$#; uBuB; 0000: Definition (Code) A code is a set of codewords in an alphabet. Example: In the alphabet A := fB; #; 17; P; $; 0; ug, an example of a code is the set of 5 words: fP 17#u; 0B$#; uBuB; 0000;PP #$g: If all the codewords are known and recorded in some dictionary then it is possible to transmit messages (strings of codewords) to another entity over a noisy channel and detect and possibly correct errors. For example in the code C := fP 17#u; 0B$#; uBuB; 0000;PP #$g if the word 0B$# is sent and received as PB$#, then if we knew that only one error was made it can be determined that the letter P was an error which can be corrected by changing P to 0. Definition (Linear Code) A linear code is a code where the codewords form a finite abelian group under addition. Main Problem of Coding Theory: To construct an alphabet and a code in that alphabet so it is as easy as possible to detect and correct errors in transmissions of codewords. A key idea for solving this problem is the notion of Hamming distance. Definition (Hamming distance dH ) Let C be a code and let 0 0 0 0 w = w1w2 : : : wn; w = w1w2 : : : wn; 0 0 be two codewords in C where wi; wj are elements of the alphabet of C. -
Faster Population Counts Using AVX2 Instructions
Faster Population Counts Using AVX2 Instructions Wojciech Mula,Nathan Kurz and Daniel Lemire∗ ?Universit´edu Qu´ebec (TELUQ), Canada Email: [email protected] Counting the number of ones in a binary stream is a common operation in database, information-retrieval, cryptographic and machine-learning applications. Most processors have dedicated instructions to count the number of ones in a word (e.g., popcnt on x64 processors). Maybe surprisingly, we show that a vectorized approach using SIMD instructions can be twice as fast as using the dedicated instructions on recent Intel processors. The benefits can be even greater for applications such as similarity measures (e.g., the Jaccard index) that require additional Boolean operations. Our approach has been adopted by LLVM: it is used by its popular C compiler (Clang). Keywords: Software Performance; SIMD Instructions; Vectorization; Bitset; Jaccard Index 1. INTRODUCTION phy [5], e.g., as part of randomness tests [6] or to generate pseudo-random permutations [7]. They can help find We can represent all sets of integers in f0; 1;:::; 63g duplicated web pages [8]. They are frequently used in using a single 64-bit word. For example, the word 0xAA bioinformatics [9, 10, 11], ecology [12], chemistry [13], (0b10101010) represents the set f1; 3; 5; 7g. Intersections and so forth. Gueron and Krasnov use population-count and unions between such sets can be computed using instructions as part of a fast sorting algorithm [14]. a single bitwise logical operation on each pair of words The computation of the population count is so (AND, OR). We can generalize this idea to sets of important that commodity processors have dedicated integers in f0; 1; : : : ; n − 1g using dn=64e 64-bit words. -
Improved List-Decodability of Random Linear Binary Codes
Improved list-decodability of random linear binary codes∗ Ray Li† and Mary Wootters‡ November 26, 2020 Abstract There has been a great deal of work establishing that random linear codes are as list- decodable as uniformly random codes, in the sense that a random linear binary code of rate 1 H(p) ǫ is (p, O(1/ǫ))-list-decodable with high probability. In this work, we show that such codes− are− (p,H(p)/ǫ + 2)-list-decodable with high probability, for any p (0, 1/2) and ǫ > 0. In addition to improving the constant in known list-size bounds, our argument—which∈ is quite simple—works simultaneously for all values of p, while previous works obtaining L = O(1/ǫ) patched together different arguments to cover different parameter regimes. Our approach is to strengthen an existential argument of (Guruswami, H˚astad, Sudan and Zuckerman, IEEE Trans. IT, 2002) to hold with high probability. To complement our up- per bound for random linear codes, we also improve an argument of (Guruswami, Narayanan, IEEE Trans. IT, 2014) to obtain an essentially tight lower bound of 1/ǫ on the list size of uniformly random codes; this implies that random linear codes are in fact more list-decodable than uniformly random codes, in the sense that the list sizes are strictly smaller. To demonstrate the applicability of these techniques, we use them to (a) obtain more in- formation about the distribution of list sizes of random linear codes and (b) to prove a similar result for random linear rank-metric codes. -
Conversion of Mersenne Twister to Double-Precision Floating-Point
Conversion of Mersenne Twister to double-precision floating-point numbers Shin Harasea,∗ aCollege of Science and Engineering, Ritsumeikan University, 1-1-1 Nojihigashi, Kusatsu, Shiga, 525-8577, Japan. Abstract The 32-bit Mersenne Twister generator MT19937 is a widely used random number generator. To generate numbers with more than 32 bits in bit length, and particularly when converting into 53-bit double-precision floating-point numbers in [0, 1) in the IEEE 754 format, the typical implementation con- catenates two successive 32-bit integers and divides them by a power of 2. In this case, the 32-bit MT19937 is optimized in terms of its equidistribution properties (the so-called dimension of equidistribution with v-bit accuracy) under the assumption that one will mainly be using 32-bit output values, and hence the concatenation sometimes degrades the dimension of equidis- tribution compared with the simple use of 32-bit outputs. In this paper, we analyze such phenomena by investigating hidden F2-linear relations among the bits of high-dimensional outputs. Accordingly, we report that MT19937 with a specific lag set fails several statistical tests, such as the overlapping collision test, matrix rank test, and Hamming independence test. Keywords: Random number generation, Mersenne Twister, Equidistribution, Statistical test 2010 MSC: arXiv:1708.06018v4 [math.NA] 2 Sep 2018 65C10, 11K45 1. Introduction Random number generators (RNGs) (or more precisely, pseudorandom number generators) are an essential tool for scientific computing, especially ∗Corresponding author Email address: [email protected] (Shin Harase) Preprint submitted to Elsevier September 5, 2018 for Monte Carlo methods. -
Applications of Search Techniques to Cryptanalysis and the Construction of Cipher Components. James David Mclaughlin Submitted F
Applications of search techniques to cryptanalysis and the construction of cipher components. James David McLaughlin Submitted for the degree of Doctor of Philosophy (PhD) University of York Department of Computer Science September 2012 2 Abstract In this dissertation, we investigate the ways in which search techniques, and in particular metaheuristic search techniques, can be used in cryptology. We address the design of simple cryptographic components (Boolean functions), before moving on to more complex entities (S-boxes). The emphasis then shifts from the construction of cryptographic arte- facts to the related area of cryptanalysis, in which we first derive non-linear approximations to S-boxes more powerful than the existing linear approximations, and then exploit these in cryptanalytic attacks against the ciphers DES and Serpent. Contents 1 Introduction. 11 1.1 The Structure of this Thesis . 12 2 A brief history of cryptography and cryptanalysis. 14 3 Literature review 20 3.1 Information on various types of block cipher, and a brief description of the Data Encryption Standard. 20 3.1.1 Feistel ciphers . 21 3.1.2 Other types of block cipher . 23 3.1.3 Confusion and diffusion . 24 3.2 Linear cryptanalysis. 26 3.2.1 The attack. 27 3.3 Differential cryptanalysis. 35 3.3.1 The attack. 39 3.3.2 Variants of the differential cryptanalytic attack . 44 3.4 Stream ciphers based on linear feedback shift registers . 48 3.5 A brief introduction to metaheuristics . 52 3.5.1 Hill-climbing . 55 3.5.2 Simulated annealing . 57 3.5.3 Memetic algorithms . 58 3.5.4 Ant algorithms .