### 2020编码密码研讨会

2020编码密码研讨会

2020.9.19-20

南京航空航天大学组织者：曹喜望  岳勤  朱小萌

 9月19日上午，5个报告，腾讯会议号：999 418 234, 密码:111111 8：00-8：10致欢迎词 时间 报告人 报告题目 主持人 8：10-8：50 冯克勤 二元序列的2-adic复杂度 邢朝平 8：50-9：30 丁存生 The Linear Codes of T-designs Held in the Reed-Muller and Simplex Codes 邢朝平 9：30-10：10 冯荣权 Perfect Codes in Circulant Graphs 邢朝平 10：10-10：30 休息 10：30-11：10 邢朝平 Asymptotically Good Multiplicative LSSS over GaloisRings and Applications to MPC over Z/p^kZ 冯克勤 11：10-11：50 施敏加 How many weights can a quasi-cyclic code have ? 冯克勤 午休 9月19日下午，5个报告，腾讯会议号：999 418 234, 密码:111111 2：00-2：40 陈  豪 子空间编码的几种构造 王丽萍 2：40-3：20 胡  磊 分组密码算法的抗侧信道实现 王丽萍 3：20-4：00 李超 回旋棒均匀度新的刻画与特征 王丽萍 4：00-4：20 休息 4：20-5：00 唐春明 安全多方计算的设计 陈豪 5：00-5：40 周正春 Sequence Design for IEEE 802.11 Standards 陈豪

 9月20日上午，5个报告，腾讯会议号：138 745 712, 密码:111111 时间 报告人 报告题目 主持人 8：10-8：50 唐小虎 A new Capacity-Achieving Private Information Retrieval Scheme with (Almost) Optimal File Length for Coded Servers 刘宏伟 8：50-9：30 曾祥勇 A Class of Quadrinomial Permutations with Boomerang Uniformity Four 刘宏伟 9：30-10：10 屈龙江 Further Study of Planar Functions in Characteristic Two 刘宏伟 10：10-10：30 休息 10：30-11：10 王丽萍 A code-based blind signature 唐小虎 11：10-11：50 刘宏伟 Generalized pair weights of linear codes and pair r-equiweight codes 唐小虎 午休 9月20日下午，5个报告，腾讯会议号：138 745 712, 密码:111111 2：00-2：40 符方伟 Optimal cyclic (r,δ) locally repairable codes with unbounded length 林东岱 2：40-3：20 曹永林 Left dihedral codes over Galois rings ${\rm GR}(p^2,m)$ 林东岱 3：20-4：00 林富春 抵抗全局泄漏的秘密共享方案 林东岱 4：00-4：20 休息 4：20-5：00 林东岱 Correlation cube attack 符方伟 5：00-5：40 罗金权 Packing sets of residue rings 符方伟 5：40-5：50 总结讲话

The linear codes of t-designs held in the Reed-Muller and Simplex codes

Abstract

A fascinating topic of combinatorics is t-designs, which have a very long history. The incidence matrix of a t-design generates a linear code over GF(q) for any prime power q, which is called the linear code of the t-design over GF(q). On the other hand, some linear codes hold t-designs for some t ≥ 1. In this talk, we will study the linear codes of some t-designs held in the Reed-Muller and Simplex codes. Some general theory for the linear codes of t-designs held in linear codes and open problems will be presented. This is a joint work with Chunming Tang.

Perfect Codes in Circulant Graphs

Abstract

A perfect code in a graph Γ=(V,E) is a subset C of V that is an independent set such that every vertex in V\C is adjacent to exactly one vertex in C. A total perfect coed in Γ is a subset C of V such that every vertex of V is adjacent to exactly one vertex in C. A perfect code in the Hamming graph H(n,q) agrees with a q-ary perfect 1-code of length n in the classical setting. A necessary and sufficient condition for a circulant graph of of degree p−1 to admit a perfect code is given in this talk, where p is an odd prime. We also obtain a necessary and sufficient condition for a circulant graph of order n and degree pl−1 to have a perfect code , where p is a prime and pl the largest power of p dividing n. Similar results for total perfect codes are also obtained.

Asymptotically Good Multiplicative LSSS over Galois Rings and Applications to MPC over Z/p^kZ

Abstract

Due to practical need of implementation, we require to conduct secure multiparty computations over the Galois ring Z/p^kZ. In this talk, we briefly introduce some results on linear codes over Z/p^kZ and linear secret sharing schemes associated with such codes. We also show how the linear secret sharing schemes over Z/p^kZ are used in secure multiparty computations. This is a joint work with R. Cramer et al.

How many weights can a quasi-cyclic code have ?

Abstract

We investigate the largest number of nonzero weights of quasi-cyclic codes. In particular, we focus on the function $\Gamma_Q(n,\ell,k,q),$ that is defined to be the largest number of nonzero weights a quasi-cyclic code of index  $\gcd(\ell,n)$, length $n$ and  dimension $k$ over $\Fq$ can have, and connect it to similar functions related to linear and cyclic codes. We provide several upper and lower bounds on this function, using different techniques and studying its asymptotic behavior. Moreover, we determine the smallest index for which a $q$-ary Reed-Muller code is quasi-cyclic, a result of independent interest.

A code-based blind signature

Abstract

The coding-based cryptography has been extensively concerned because of resistance to quantum attacks. To protect the anonymity of message, blind signature is widely used in Internet banking and e- voting. In this paper, we propose the first new code-based blind signature scheme. The message owner uses hash and blind factors to blind message, and the signer uses Durandal signature scheme to sign the message and sends it back to the owner. Then, the message owner obtains the unblind signature by using blind factors. Finally, we provide the security proof of our scheme in the random oracle model.

Sequence Design for IEEE 802.11 Standards

Abstract

In this talk, we shall give a short introduction to the history of IEEE 802.11 Standards for WIFI. We will focus on the problems on sequence design for such standards and introduce our recent results.

A new Capacity-Achieving Private Information Retrieval Scheme with (Almost) Optimal File Length for Coded Servers

A Class of Quadrinomial Permutations with Boomerang Uniformity Four

Abstract

In Eurocrypt'18, Cid et al. proposed a new cryptanalysis tool called Boomerang Connective Table (BCT), to evaluate S-boxes of block ciphers. Later, Boura and Canteaut further investigated} the new parameter Boomerang uniformity for cryptographic S-boxes. It is of great interest to find new S-boxes with low Boomerang uniformity for even dimensions. In this topic, we discuss and prove that a class of permutation quadrinomials over F_{2^{2m}} with m odd has Boomerang uniformity four, which gives the fifth class of red such kind of permutation polynomials. Further, the occurrences of0and4in the BCTs of the investigated permutation polynomials are also completely determined.

Further Study of Planar Functions in Characteristic Two

Abstract

Planar functions are of great importance in the constructions of DES-like iterated ciphers, error-correcting codes, signal sets and the area of mathematics.They are defined over finite fields of odd characteristic originally and generalized by Y. Zhou in even characteristic. In 2016, L. Qu proposed a new approach to constructing quadratic planar functions over $\F_{2^n}$.Very recently, D. Bartoli and M. Timpanella characterized the condition on coefficients $a,b$ such that the function $f_{a,b}(x)=ax^{2^{2m}+1}+bx^{2^m+1} \in\F_{2^{3m}}[x]$ is a planar function over $\F_{2^{3m}}$ by the Hasse-Weil bound.In this paper, using the Lang-Weil bound, a generalization of the Hasse-Weil bound, and the new approach introduced by L. Qu, we completely characterize the necessary and sufficient conditions on coefficients of four classes of planar functions over $\F_{q^k}$, where $q=2^m$ with $m$ sufficiently large.The first and last classes of them are over $\F_{q^2}$ and $\F_{q^4}$ respectively, while the other two classes are over $\F_{q^3}$. One class over $\F_{q^3}$ is an extension of $f_{a,b}(x)$ investigated by D. Bartoli and M. Timpanella, while our proofs seem to be much simpler. In addition, although the planar  binomial over $\F_{q^2}$ of our results is finally a known planar monomial, we also answer the necessity at the same time and solve partially an open problem for the binomial case.

Correlation cube attack

Abstract

In this talk, we will describe a new variant of cube attacks calledcorrelation cube attack.The new attack recovers the secret key of a cryptosystemby exploiting conditional correlation properties between thesuperpoly of a cube and a specific set of low-degree polynomials that wecall a basis, which satisfies that the superpoly is a zero constant when allthe polynomials in the basis are zeros.We present a detailed procedure ofcorrelation cube attack for the general case, including how to find a basisof the superpoly of a given cube. One of the most significant advantagesof this new analysis technique over other variants of cube attacks is that itconverts from a weak-key distinguisher to a key recovery attack.

Optimal cyclic (r,δ) locally repairable codes with unbounded length

Locally repairable codes with locality r (r-LRCs for short) were introduced by Gopalan et al. to recover a failed node of the code from at most other r available nodes. And then (r, δ)-locally repairable codes ((r, δ)-LRCs for short) were produced by Prakash et al. for tolerating multiple failed nodes. An r-LRC can be viewed as an (r, 2)­LRC. An (r, δ)-LRC is called optimal if it achieves the Singleton-type bound. It has been a great challenge to construct q-ary optimal (r, δ)-LRCs with length much larger than q. Surprisingly, Luo et al. presented a construction of q-ary optimal r-LRCs of minimum dis­tances 3 and 4 with unbounded lengths (i.e., lengths of these codes are independent of q) via cyclic codes. In this paper, inspired by the work of [3], we ﬁrstly construct two classes of optimal cyclic (r, δ)-LRCs with unbounded lengths and minimum distances δ+1 or δ+2, which generalize the results about the δ = 2 case given in [3]. Secondly, with a slightly stronger condition, we present a construction of optimal cyclic (r, δ)-LRCs with unbounded length and larger minimum distance 2δ. Furthermore, when δ = 3, we give another class of optimal cyclic (r, 3)-LRCs with unbounded length and minimum distance 6. This is a joint research work with Dr. Weijun Fang.

Left dihedral codes over Galois rings ${\rm GR}(p^2,m)$

Abstract

Let $D_{2n}=\langle x,y\mid x^n=1, y^2=1, yxy=x^{-1}\rangle$ be a dihedral group, and $R={\rm GR}(p^2,m)$ be a Galois ring of characteristic $p^2$ and cardinality $p^{2m}$ where $p$ is a prime. Left ideals of the group ring $R[D_{2n}]$ are calledleft dihedral codes over $R$ of length $2n$, and abbreviated as left $D_{2n}$-codes over $R$. Let ${\rm gcd}(n,p)=1$. Then any left $D_{2n}$-code over $R$ is uniquely decomposed into a direct sum of concatenated codes with inner codes ${\cal A}_i$ and outer codes $C_i$, where ${\cal A}_i$ is a cyclic code over $R$ of length $n$ and $C_i$ is a skew cyclic code of length $2$ over a Galois ring or principal ideal ring extension of $R$. In particaular, a generator matrix and basic parameters for each outer code $C_i$ are given. A formula to count the number of these codes is obtained and the dual code for each left $D_{2n}$-code is determined. Moreover, all self-dual left $D_{2n}$-codes and self-orthogonal left $D_{2n}$-codes over $R$ are presented.

2000年晋升教授，2001年评为全国优秀教师、山东省中青年学术骨干。担任山东省代数学会常务理事，淄博市数学学会理事长，《系统科学与数学》第八届编委。在国际和国内学术期刊发表论文80多篇、其中SCI检索40多篇，多次出席国内和国际学术会议并作报告。参加完成国家自然科学基金项目4项，主持完成山东省自然科学基金和中科院数学机械化中心开放课题等多项，目前主持2017年至2020年的国家自然科学基金面上项目。

Generalized pair weights of linear codes and pair $r$-equiweight codes

Abstract

In this talk, we introduce the notion of generalized pair weights of linear codes over finite fields.  This concept may have some potential applications in crypography when the message is transfered in symbol-pair read channels. We first characterize  some basic properties of generalized pair weights of linear codes. Then, for an $[n,k]$-linear code over the finite field $F_q$, we introduce the notion of pair $r$-equiweight codes, where $1\le r\le k-1$. The pair $1$-equiweight code is called the pair equiweight code. A necessary and sufficient condition for an $[n,k]$-linear code to be a pair equiweight code is obtained. For any $1\le r\l k-1$, the properties of pair $r$-equiweight codes are derived.

Packing sets of residue rings

Abstract

In this talk we will investigate bounds on packing sets over residue rings. In particular, maximal size of some packing sets is determined. These sets can be applied to construct flash memory codes which can correct limited magnitude of errors.