Hacking of the AES with Boolean Functions

Total Page:16

File Type:pdf, Size:1020Kb

Hacking of the AES with Boolean Functions Hacking of the AES with Boolean Functions Michel Dubois and Eric´ Filiol Operational Cryptology and Virology Laboratory, 38 rue des Docteurs Calmette et Gurin, 53000 Laval, France Keywords: Block Cipher, Boolean Function, Cryptanalysis, AES. Abstract: One of the major issues of cryptography is the cryptanalysis of cipher algorithms. Some mechanisms for breaking codes include differential cryptanalysis, advanced statistics and brute-force. Recent works also at- tempt to use algebraic tools to reduce the cryptanalysis of a block cipher algorithm to the resolution of a system of quadratic equations describing the ciphering structure. In our study, we will also use algebraic tools but in a new way: by using Boolean functions and their properties. A Boolean function is a function from Fn F with n > 1. The arguments of Boolean functions are binary words of length n. Any Boolean function 2 → 2 can be represented, uniquely, by its algebraic normal form which is an equation which only contains additions modulo 2—the XOR function—and multiplications modulo 2—the AND function. Our aim is to describe the AES algorithm as a set of Boolean functions then calculate their algebraic normal forms by using the Moe- bius transforms. After, we use a specific representation for these equations to facilitate their analysis and particularly to try a combinatorial analysis. Through this approach we obtain a new kind of equations system. 1 INTRODUCTION nately, these approaches are infeasible because of the difficulty of solving large systems of equations. The block cipher algorithms are a family of cipher al- We will also use algebraic tools but in a new way gorithms which use symmetric key and work on fixed by using Boolean functions and their properties. Our length blocks of data. aim is to describe a block cipher algorithm as a set of Since Novembre 26, 2001, the block cipher algo- Boolean functions then calculate their algebraic nor- rithm “Rijndael”, became the successor of DES under mal forms by using the Moebius transforms. the name of “Advanced Encryption Standard” (AES). In our study, we will test our approach on the Its designers, Joan Daemen and Vincent Rijmen used AES algorithm. Our goal is to describe it under the algebraic tools to give to their algorithm an unequaled form of systems of Boolean functions and to calcu- level of assurance against the standard statistical tech- late their algebraic normal forms by using the Moe- niques of cryptanalysis. The AES can process data bius transforms. The system of equations obtained blocks of 128 bits, using cipher keys with lengths of is more easily implementable and could open new 128, 192, and 256 bits (NIST, 2001). ways to cryptanalysis of the AES. We have devel- One of the major issues of cryptography is the oped a proof of concept of our approach in python cryptanalysis of cipher algorithms. Cryptanalysis is language. The resulting programs are open source the study of methods for obtaining the meaning of and available on github at the following address: encrypted information, without access to the secret https://github.com/archoad/BooleanAES. information that is normally required. Some mech- anisms for breaking codes include differential crypt- analysis, advanced statistics and brute-force. Recent works like (Murphy and Robshaw, 2002), 2 BOOLEAN FUNCTIONS attempt to use algebraic tools to reduce the cryptanal- ysis of a block cipher algorithm to the resolution of a 2.1 Definition system of quadratic equations describing the cipher- ing structure. As an example, Nicolas Courtois and Let be the set B = 0,1 and B2 = B, , , a { n} { ∧ ∨ ¬} Josef Pieprzyk have described the AES-128 algorithm Boolean algebra, then B2 = (x1,x2, ,xn) such that as a system of 8000 quadratic equations with 1600 x B and 1 i n, is a subset of ···B containing all i ∈ 2 5 5 2 variables (Courtois and Pieprzyk, 2002). Unfortu- n-tuples of 0 and 1. The variable xi is called Boolean 599 Dubois, M. and Filiol, E. Hacking of the AES with Boolean Functions. DOI: 10.5220/0006091305990609 In Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017), pages 599-609 ISBN: 978-989-758-209-7 Copyright c 2017 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved ForSE 2017 - 1st International Workshop on FORmal methods for Security Engineering variable if she only accepts values from B, that is Table 1: The 16 Boolean functions of degree 2. to say, if and only if x = 0 or x = 1 regardless of i i f0 0 1 i n. 5 5 f1 x1 x2 A Boolean function of degree n with n > 1 is a ∧ n f2 x1 x2 function f defined from B B2, that is to say built ∧ ¬ 2 → f3 x1 from Boolean variables and agreeing to return values f x x only in the set B = 0,1 . 4 ¬ 1 ∧ 2 f x For example, the{ function} f (x ,x ) = x x de- 5 2 1 2 1 2 f x x fined from B2 B is a Boolean function∧¬ of degree 6 1 Y 2 2 2 f x x two with: → 7 1 2 f (x ∨ x ) 8 ¬ 1 ∨ 2 f (x x ) f (0,0) = 0 9 ¬ 1 Y 2 f x f (0,1) = 0 10 ¬ 2 f11 x1 x2 f (1,0) = 1 ∨ ¬ f12 x1 f (1,1) = 0 f x¬ x 13 ¬ 1 ∨ 2 f (x x ) 14 ¬ 1 ∧ 2 Let n and m be two positive integers. A vec- f15 1 tor Boolean function is a Boolean function f defined n m from B2 B2 . Finally,→ we can define a random Boolean function 2.2 Representations as a Boolean function f whose values are independent and identically distributed random variables, that is to There are multiple representations of Boolean func- say: tions. We’ll look at the most common—the truth table—and that we will use later—a representation in n (x1,x2, ,xn) B GF(2). ∀ ··· ∈ 2 1 P[ f (x ,x , ,x ) = 0] = 1 2 ··· n 2 2.2.1 The Truth Table The number of Boolean functions is limited and n The different values taken by a Boolean function may depends on n. Thus, there is 22 Boolean functions. be presented in the form of a table called truth table. Similarly, the number of vector Boolean functions is The truth table characterizes a Boolean function. limited and depends on n and m. Thus, there exists n (2m)2 vector Boolean functions. 2.2.2 Representation in GF(2) If we take, for example, n = 2 then there exists 2 22 = 16 Boolean functions of degree two. These A Boolean function can also be presented in the form 16 Boolean functions are presented in the table 1. of a series of conjunctions including disjunctions, Among the Boolean functions of degree 2, the best negations and/or variables. This is called the con- junctive normal form. Thus, the sequence f = (a known are the functions OR, AND and XOR. ∨ ( ) b) ( a b) is the conjunctive normal form of the f The support supp f of a Boolean function is the ∧ ¬ ∨ set of elements x such that f (x) = 0, the Hamming function. Conversely, a Boolean function can be pre- weight wt( f ) of a Boolean function6 is the cardinal sented in the form of a series of disjunctions includ- from its support and we have: ing conjunctions, negations and/or variables. This is called the disjunctive normal form. Thus, the se- n quence g = (a b) ( a b) is the disjunctive normal wt( f ) = x B f (x) = 1 ∧ ∨ ¬ ∧ |{ ∈ 2 | }| form of the function g. A Boolean function is called balanced if wt( f ) = Now let the representation of Boolean functions in n 1 n m GF( ) 2 − . Similarly, a Boolean vector function B2 B2 2 . is said to be balanced if wt( f ) = 2n m (Carlet, 2010b).→ The set B = 0,1 associated with , and − { } ∧ ∨ ¬ For example, the support of the function operations is the Boolean algebra B2 = B, , , { ∧ ∨ ¬} f (x1,x2) = x1 x2, corresponding to logical OR is with the truth tables of the operations described in supp( f ) = (0∨,1),(1,0),(1,1) and its weight is figure (see fig. 1). If we introduce the two binary op- wt(f) = 3. { } erations and defined by the truth tables in fig- ⊕ • ure (see fig. 2), then B2 and the Galois field GF(2) are similar. More specifically, the Boolean algebra 600 Hacking of the AES with Boolean Functions of ANF( f ) with non-zero coefficients. Finally, the al- 0 1 0 1 ∧ ∨ a 0 1 gebraic normal form of a Boolean function exists and 0 0 0 0 0 1 is unique. a 1 0 In summary, any Boolean function can be repre- 1 0 1 1 1 1 ¬ sented uniquely by its algebraic normal form as the equation: Figure 1: Rules for Boolean algebra with two elements. f (x , ,x ) = a + 1 ··· n 0 0 1 0 1 a x + a x + + a x + • ⊕ 1 1 2 2 ··· n n a1,2x1x2 + + an 1,nxn 1xn+ 0 0 0 0 0 1 ··· − − + 1 0 1 1 1 0 ··· a1,2,...,nx1x2 ...xn Figure 2: Truth tables of and . • ⊕ Consider an example. Let the function f described by the truth table of the table 2 (B, , , ) and the field (GF(2), , ) are related by the∧ following∨ ¬ transformation formulas:• ⊕ Table 2: Truth table of the function f . a b = a b x x x f (x) ∧ • 1 2 3 a b = a b 0 0 0 0 • ∧ a b = a b (a b) 0 0 1 1 ∨ ⊕ ⊕ • 0 1 0 0 a b = (a b) ( a b) ⊕ ∧ ¬ ∨ ¬ ∧ 0 1 1 0 a = a 1 1 0 0 0 ¬ ⊕ 1 0 1 1 We can now define a Boolean function as a func- 1 1 0 0 tion f : n with n the set of binary vectors of F2 F2 F2 1 1 1 1 length n > →1.
Recommended publications
  • Convert Truth Table to Boolean Expression
    Convert Truth Table To Boolean Expression Gustave often dozings hydrostatically when neap Caspar libelled readably and Frenchify her mare's-tails. Weidar enlarges consumedly while oven-ready Byron allaying penetratingly or matriculating contagiously. Micah hark her tart calumniously, she thresh it commensurately. Input boolean expressions can have iframes disabled in use boolean truth table to convert truth tables into one convenient source from. This page an example, are converted into single output line argument to convert a boolean function as the truth table lists all possible. This is converted to follow up for example to a bar, we occasionally miss an arrow at boolean. Converting Truth Tables into Boolean Expressions Boolean. So that we know that is either nand gates instead of expression to relate outputs are the faster than by. Truth table Rosetta Code. And a sale group- eliminating algorithm to headquarters the superintendent of enable input. The and converting from my two. Tutorial Performing Boolean Algebra inside an FPGA using Look-Up Tables LUTs. DeMorgan's Laws tell us how to negate a boolean expression and what it. Creating expressions. Gives a nested table that truth values of expr with the outermost level on possible combinations of the ai. Truth Table from All Boolean Functions of 2 Variables y 0. Algebra simplifications methods: converting truth table to these symbols, we have already. Boolean function CircuitVerse. S1 S2 Light he is living truth abuse for the logical connective. Boolean Functions and Truth Tables The meaning or braid of a logical expression tout a Boolean function from the set is possible assignments of truth values for.
    [Show full text]
  • Multiplicative Complexity of Boolean Functions
    Multiplicative Complexity of Boolean Functions Meltem S¨onmezTuran National Institute of Standards and Technology, Gaithersburg, MD WPI ECE Online Graduate Seminar Lecture March 17 2021 In this presentation, ... • Overview - Computer Security Division of NIST • Circuit Complexity Problem • Multiplicative Complexity • Three results • Multiplicative Complexity of Boolean functions with n ≤ 6 • Boolean functions with Multiplicative Complexity 1,2,3 and 4 • Multiplicative Complexity of Symmetric Boolean Functions • Research Directions 1 National Institute of Standards and Technology • Non-regulatory federal agency within U.S. Department of Commerce. • Founded in 1901, known as the National Bureau of Standards (NBS) prior to 1988. • Headquarters in Gaithersburg, Maryland, and laboratories in Boulder, Colorado. • Employs around 6,000 employees and associates. Computer Security Division (CSD) conducts research, development and outreach necessary to provide standards and guidelines, mechanisms, tools, metrics and practices to protect nation's information and information systems. 2 CSD Publications • Federal Information Processing Standards (FIPS): Specify approved crypto standards. • NIST Special Publications (SPs): Guidelines, technical specifications, recommendations and reference materials, including multiple sub-series. • NIST Internal or Interagency Reports (NISTIR): Reports of research findings, including background information for FIPS and SPs. • NIST Information Technology Laboratory (ITL) Bulletins: Monthly overviews of NIST's security and privacy publications, programs and projects. 3 Standard Development Process • International \competitions": Engage community through an open competition (e.g., AES, SHA-3, PQC, Lightweight Crypto). • Adoption of existing standards: Collaboration with accredited standards organizations (e.g., RSA, HMAC). • Open call for proposals: Ongoing open invitation (e.g., modes of operations). • Development of new algorithms: if no suitable standard exists (e.g., DRBGs).
    [Show full text]
  • CS228 Logic for Computer Science 2020 Lecture 7: Conjunctive
    CS228 Logic for Computer Science 2020 Lecture 7: Conjunctive Normal Form Instructor: Ashutosh Gupta IITB, India Compile date: 2020-02-01 cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 1 Removing ⊕, ), and ,. We have seen equivalences that remove ⊕, ), and , from a formula. I (p ) q) ≡ (:p _ q) I (p ⊕ q) ≡ (p _ q) ^ (:p _:q) I (p , q) ≡ :(p ⊕ q) In the lecture, we will assume you can remove them at will. Commentary: Note that removal of ⊕ and , blows up the formula size. Their straight up removal is not desirable. cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 2 Topic 7.1 Negation normal form cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 3 Negation normal form(NNF) Definition 7.1 A formula is in NNF if : appears only in front of the propositional variables. Theorem 7.1 For every formula F , there is a formula F 0 in NNF such that F ≡ F 0. Proof. Due to the equivalences, we can always push : under the connectives I Often we assume that the formulas are in NNF. I However, there are negations hidden inside ⊕, ), and ,. Sometimes, the symbols are also expected to be removed while producing NNF Exercise 7.1 Write an efficient algorithm to convert a propositional formula to NNF? Commentary: In our context, we will not ask one to remove e ⊕, ), and , during conversion to NNF. cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 4 Example :NNF Example 7.1 Consider :(q ) ((p _:s) ⊕ r)) ≡ q ^ :((p _:s) ⊕ r) ≡ q ^ (:(p _:s) ⊕ r) ≡ q ^ ((:p ^ ::s) ⊕ r) ≡ q ^ ((:p ^ s) ⊕ r) Exercise 7.2 Convert the following formulas into NNF I :(p ) q) I :(:((s ):(p , q))) ⊕ (:q _ r)) Exercise 7.3 Remove ), ,, and ⊕ before turning the above into NNF.
    [Show full text]
  • Algebraic and Logic Solving Methods for Cryptanalysis Jan Horácek
    DISSERTATION Algebraic and Logic Solving Methods for Cryptanalysis Submitted to the Faculty of Computer Science and Mathematics of the University of Passau in Partial Fulfillment of the Requirements for the Degree of Doctor of Natural Sciences Jan Hor´aˇcek Advisor: Prof. Dr. Martin Kreuzer Chair of Symbolic Computation, University of Passau External Referee: Prof. Dr. Armin Biere Institute for Formal Models and Verification, Johannes Kepler University Linz Passau, June 2019 Abstract Algebraic solving of polynomial systems and satisfiability of propositional logic for- mulas are not two completely separate research areas, as it may appear at first sight. In fact, many problems coming from cryptanalysis, such as algebraic fault attacks, can be rephrased as solving a set of Boolean polynomials or as deciding the satisfiability of a propositional logic formula. Thus one can analyze the security of cryptosystems by ap- plying standard solving methods from computer algebra and SAT solving. This doctoral thesis is dedicated to studying solvers that are based on logic and algebra separately as well as integrating them into one such that the combined solvers become more powerful tools for cryptanalysis. This disseration is divided into three parts. In this first part, we recall some theory and basic techniques for algebraic and logic solving. We focus mainly on DPLL-based SAT solving and techniques that are related to border bases and Gr¨obnerbases. In particular, we describe in detail the Border Basis Algorithm and discuss its specialized version for Boolean polynomials called the Boolean Border Basis Algorithm. In the second part of the thesis, we deal with connecting solvers based on algebra and logic.
    [Show full text]
  • 1 Compositions and Clones of Boolean Functions 5
    Cambridge University Press 978-0-521-84752-0 - Boolean Models and Methods in Mathematics, Computer Science, and Engineering Edited by Yves Crama and Peter L. Hammer Excerpt More information Part I Algebraic Structures © in this web service Cambridge University Press www.cambridge.org Cambridge University Press 978-0-521-84752-0 - Boolean Models and Methods in Mathematics, Computer Science, and Engineering Edited by Yves Crama and Peter L. Hammer Excerpt More information 1 Compositions and Clones of Boolean Functions Reinhard Poschel¨ and Ivo Rosenberg 1.1 Boolean Polynomials The representations of Boolean functions are frequently based on the fundamental operations {∨, ∧, }, where the disjunction x ∨ y represents the logical OR, the conjunction x ∧ y represents the logical AND and is often denoted by x · y or simply by the juxtaposition xy, and x stands for the negation, or complement, of x and is often denoted by x. This system naturally appeals to logicians and, for some reasons, also to electrical engineers, as illustrated by many chapters of this volume and by the monograph [7]. Its popularity may be explained by the validity of many identities or laws: for example, the associativity, commutativity, idempotence, distributive, and De Morgan laws making B :=B; ∨, ∧, , 0, 1 a Boolean algebra, where B ={0, 1}; in fact, B is the least nontrivial Boolean algebra. It is natural to ask whether there is a system of basic Boolean functions other than {∨, ∧, }, but equally powerful in the sense that each Boolean function may be represented over this system. To get such a system, we introduce the following binary (i.e., two-variable) Boolean function +˙ defined by setting x+˙ y = 0ifx = y and x+˙ y = 1ifx = y; its truth table is xyx+˙ y 00 0 01 1 10 1 11 0 Clearly x+˙ y = 1 if and only if the arithmetical sum x + y is odd, and for this reason +˙ is also referred to as the sum mod 2.
    [Show full text]
  • Combinatorics in Algebraic and Logical Cryptanalysis Monika Trimoska
    Combinatorics in Algebraic and Logical Cryptanalysis Monika Trimoska To cite this version: Monika Trimoska. Combinatorics in Algebraic and Logical Cryptanalysis. Cryptography and Security [cs.CR]. Université de Picardie - Jules Verne, 2021. English. tel-03168389 HAL Id: tel-03168389 https://hal.archives-ouvertes.fr/tel-03168389 Submitted on 13 Mar 2021 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Th`ese de Doctorat Mention Informatique pr´esent´ee`al'Ecole´ Doctorale en Sciences, Technologie, Sant´e(ED 585) `al'Universit´ede Picardie Jules Verne par Monika Trimoska pour obtenir le grade de Docteur de l'Universit´ede Picardie Jules Verne Combinatorics in Algebraic and Logical Cryptanalysis Soutenue le 14 janvier 2021 apr`esavis des rapporteurs, devant le jury d'examen : Antoine Joux, Professeur Pr´esident Pierrick Gaudry, Directeur de Recherche Rapporteur Laurent Simon, Professeur Rapporteur Martin R. Albrecht, Professeur Examinateur Laure Brisoux Devendeville, Ma^ıtrede Conf´erences Examinateur Gilles Dequen, Professeur Directeur de th`ese Sorina Ionica, Ma^ıtrede Conf´erences Co-encadrant Cette th`esea ´et´eeffecut´eedans le cadre du projet CASSPair. Le projet CASSPair est cofinanc´epar l'Union europ´eenneavec le Fonds europ´eende d´eveloppement r´egional.
    [Show full text]
  • 2020-CS228-CNF-Slides
    CS228 Logic for Computer Science 2020 Lecture 7: Conjunctive Normal Form Instructor: Ashutosh Gupta IITB, India Compile date: 2020-08-21 cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 1 Normal forms I Grammar of propositional logic is too complex. I If one builds a tool, one will prefer to handle fewer connectives and simpler structure I We transform given formulas into normal forms before handling them. Commentary: Building a software for handling formulas with the complexity is undesirable. We aim to reduce the complexity by applying transformations to obtain a normalized form. The normalization results in standardization and interoperability of tool. cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 2 Removing ⊕, ), and ,. Please note the following equivalences that remove ⊕, ), and , from a formula. I (p ) q) ≡ (:p _ q) I (p ⊕ q) ≡ (p _ q) ^ (:p _:q) I (p , q) ≡ :(p ⊕ q) For the ease of presentation, we will assume you can remove them at will. Commentary: Removing ) is common and desirable. The removal of ⊕ and ,, however, blows up the formula size. Their straight up removal is not desirable. We can avoid the blow up in some contexts. However, in our presentation we will skip the issue. cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 3 Topic 7.1 Negation normal form cbna CS228 Logic for Computer Science 2020 Instructor: Ashutosh Gupta IITB, India 4 Negation normal form(NNF) Definition 7.1 A formula is in NNF if : appears only in front of the propositional variables.
    [Show full text]
  • Propositional Logic for Knowledge Representation and Formalization of Reasoning
    Propositional Logic for Knowledge Representation and Formalization of Reasoning Kurdman Abdulrahman Rasol Submitted to the Institute of Graduate Studies and Research in partial fulfillment of the requirements for the degree of Master of Science in Applied Mathematics and Computer Science Eastern Mediterranean University June 2017 Gazimağusa, North Cyprus Approval of the Institute of Graduate Studies and Research Prof. Dr. Mustafa Tümer Director I certify that this thesis satisfies the requirements as a thesis for the degree of Master of Science in Applied Mathematics and Computer Science. Prof. Dr. Nazim Mahmudov Chair, Department of Mathematics We certify that we have read this thesis and that in our opinion it is fully adequate in scope and quality as a thesis for the degree of Master of Science in Applied Mathematics and Computer Science. Prof. Dr. Rashad Aliyev Supervisor Examining Committee 1. Prof. Dr. Rashad Aliyev 2. Asst. Prof. Dr. Ersin Kuset Bodur 3. Asst. Prof. Dr. Müge Saadetoğlu ABSTRACT The purpose of this master thesis is to investigate the basic concepts of propositional logic for knowledge representation and formalization of reasoning in Artificial Intelligence. The different properties of logical propositions are discussed. The basic and derived logical connectives are used to establish the compound statements, and the truth tables are constructed to investigate the properties of logical connectives. Such propositions as tautology, satisfiability, contradiction, contingency, logical entailment and logical equivalence are analyzed. Three algebraic normal forms - negation normal form, disjunctive normal form and conjunctive normal form are studied. Horn clauses are implemented. Two forms of valid inferences as modus ponens and modus tollens are considered.
    [Show full text]
  • Neural Networks As Universal Approximators, and the Issue of Depth 3 2.1 the Perceptron Revisited
    Contents Part I: Introductory Block 1 2 Neural networks as universal approximators, and the issue of depth 3 2.1 The perceptron revisited . 3 2.2 Deep structures and the concept of depth . 6 2.2.1 The formal notion of depth . 6 2.2.2 The multi-layer perceptron . 8 2.3 MLPs as approximate functions . 10 2.4 MLPs as universal Boolean functions . 11 2.4.1 The perceptron as a Boolean gate . 11 2.4.2 Reducing the Boolean function . 18 2.4.3 Width of a one-hidden-layer Boolean MLP . 24 2.4.4 Size of a deep MLP . 25 2.4.5 The challenge of depth . 28 2.4.6 The actual number of parameters in the network . 28 2.4.7 Depth vs size in Boolean circuits . 30 2.5 MLPs as universal classifiers . 33 2.5.1 Composing an arbitrarily shaped decision boundary . 40 2.6 MLPs as universal approximators . 49 2.7 The issue of depth . 53 2.8 RBF networks: a brief introduction . 60 i List of Figures 2.1 Recap: Threshold logic in a perceptron . 5 2.2 Examples of some activation functions . 6 2.3 The concept of layering and deep layering in a network of per- ceptrons . 7 2.4 Explaining the notion of depth in deep structures . 8 2.5 Explaining the notion of depth in MLPs . 9 2.6 Examples of Boolean and continuous valued functions modeled by an MLP . 10 2.7 AND, NOT and OR gates modeled by a perceptron . 11 2.8 Generalized gates modeled by a perceptron .
    [Show full text]
  • Efficiently Representing the Integer Factorization Problem Using Binary Decision Diagrams" (2017)
    Utah State University DigitalCommons@USU All Graduate Plan B and other Reports Graduate Studies 8-2017 Efficientlyepr r esenting the integer factorization problem using binary decision diagrams David Skidmore Utah State University Follow this and additional works at: https://digitalcommons.usu.edu/gradreports Part of the Algebra Commons, Discrete Mathematics and Combinatorics Commons, Information Security Commons, Number Theory Commons, Other Computer Sciences Commons, and the Other Mathematics Commons Recommended Citation Skidmore, David, "Efficiently representing the integer factorization problem using binary decision diagrams" (2017). All Graduate Plan B and other Reports. 1043. https://digitalcommons.usu.edu/gradreports/1043 This Creative Project is brought to you for free and open access by the Graduate Studies at DigitalCommons@USU. It has been accepted for inclusion in All Graduate Plan B and other Reports by an authorized administrator of DigitalCommons@USU. For more information, please contact [email protected]. Efficiently representing the integer factorization problem using binary decision diagrams David Skidmore 29 April 2017 Abstract Let p be a prime positive integer and let α be a positive integer greater than 1. A method is given to reduce the problem of finding a nontrivial factorization of α to the problem of finding a solution to a system of modulo p polynomial congruences where each variable in the system is constrained to the set f0; : : : ; p − 1g. In the case that p = 2 it is shown that each polynomial in the system can be represented by an ordered binary decision diagram with size less than 3 2 20:25 log2(α) + 16:5 log2(α) + 6 log2(α) whereas previous work on the subject has only produced systems in which at least one of the polynomials has an ordered binary decision diagram representation with size exponential in log2(α).
    [Show full text]
  • Boolean Functions and Boolean Maps
    Boolean Functions, Boolean Maps, and Boolean Circuits Klaus Pommerening Fachbereich Physik, Mathematik, Informatik der Johannes-Gutenberg-Universit¨at Saarstraße 21 D-55099 Mainz February 2, 2003|English version August 30, 2003 last change March 6, 2021 1 Elementary Operations on Bits On the lowest software level computers process bits or groups of bits. Ex- amples of such groups are bytes that usually consist of 8 bits, or \words", usually 32 or 64 bits, depending on the processor architecture. Bits have a logical interpretation as truth values \true" (T) or \false" (F). They also have an algebraic interpretation as values 0 (corresponding to F) or 1 (corresponding to T). As mathematical objects they are elements of the two element set f0; 1g, denoted by F2. This notation comes from the algebraic context: Consider the residue class ring of Z modulo 2. This ring has two elements and is a field since 2 is a prime number. Addition in this field is the same as the logical operation XOR, multiplication is the same as the logical operation AND, see Table 1. The algebraic structure as field is of fundamental importance in Cryp- tography. Therefore, as usual in Algebra, we use the notation Fq for finite fields where q is the number of elements (often also written as GF(q) for \Galois Field"). In this context we also use the algebraic symbols + (for XOR), and · (for AND) for the operations, and often omit the multiplica- tion dot. Cryptographers sometimes like to use the symbols ⊕ and ⊗ that unfortunately have a quite different meaning in Mathematics (direct sum or tensor product of vector spaces).
    [Show full text]
  • New Techniques for Handling Quantifiers in Boolean and First
    IT Licentiate theses 2016-012 New Techniques for Handling Quantifiers in Boolean and First-Order Logic PETER BACKEMAN UPPSALA UNIVERSITY Department of Information Technology New Techniques for Handling Quantifiers in Boolean and First-Order Logic Peter Backeman [email protected] December 2016 Division of Computer Systems Department of Information Technology Uppsala University Box 337 SE-751 05 Uppsala Sweden http://www.it.uu.se/ Dissertation for the degree of Licentiate of Philosophy in Computer Science c Peter Backeman 2016 ISSN 1404-5117 Printed by the Department of Information Technology, Uppsala University, Sweden u Abstract The automation of reasoning has been an aim of research for a long time. Already in 17th century, the famous mathematician Leibniz invented a mechanical calculator capable of performing all four basic arithmetic operators. Although automatic reas- oning can be done in di↵erent fields, many of the procedures for automated reasoning handles formulas of first-order logic. Examples of use cases includes hardware verification, program analysis and knowledge representation. One of the fundamental challenges in first-order logic is hand- ling quantifiers and the equality predicate. On the one hand, SMT-solvers (Satisfiability Modulo Theories) are quite efficient at dealing with theory reasoning, on the other hand they have limited support for complete and efficient reasoning with quanti- fiers. Sequent, tableau and resolution calculi are methods which are used to construct proofs for first-order formulas, and can use more efficient techniques to handle quantifiers. Unfortunately, in contrast to SMT, handling theories is more difficult. In this thesis we investigate methods to handle quantifiers by re- stricting search spaces to finite domains, explorable in a system- atic manner.
    [Show full text]