https://boolean.h.uib.no/mediawiki/api.php?action=feedcontributions&user=129.177.123.137&feedformat=atomBoolean Functions - User contributions [en]2021-10-24T10:00:46ZUser contributionsMediaWiki 1.31.1https://boolean.h.uib.no/mediawiki/index.php?title=Main_Page&diff=191Main Page2019-02-11T16:18:25Z<p>129.177.123.137: </p>
<hr />
<div>The following pages aim to provide a broad overview of topics that are of interest to researchers in the fields of Boolean functions and cryptography, including information on past and upcoming events, lists of useful books and other publications, and, last but not least, an encyclopedia of Boolean functions giving an overview of known results and research topics in the field.<br />
<br />
== Useful pages ==<br />
* [[People in Boolean Functions ]]<br />
* [[Books on Boolean Functions]]<br />
* [[Papers on Boolean Functions]]<br />
* [[Conferences in Boolean Functions]]<br />
* [[Tables]]<br />
* [[Magma Code]]<br />
<br />
== Encyclopedia of Boolean Functions ==<br />
* [[Vectorial Boolean Functions]]<br />
** [[Bent Functions]]<br />
** [[Almost Bent Functions]]<br />
** [[Almost Perfect Nonlinear (APN) Functions ]]<br />
*** [[APN Permutations]]<br />
** [[Plateaued Functions]]<br />
* [[Nonlinearity]]</div>129.177.123.137https://boolean.h.uib.no/mediawiki/index.php?title=Under_construction&diff=115Under construction2019-01-15T11:49:46Z<p>129.177.123.137: </p>
<hr />
<div>This page contains a list of all pages that are currently under construction (and should not be accessible from the main site):<br />
<br />
From the main part:<br />
* [[Notation]]<br />
<br />
From the encyclopedia part:<br />
* [[Boolean Functions]]<br />
* [[Equivalence Relations on Boolean Functions]]<br />
* [[Classes of Cryptographically Optimal Functions]]<br />
* [[Almost Perfect Nonlinear (APN) Functions ]]<br />
** [[APN Permutations]]<br />
* [[Almost Bent (AB) Functions]]</div>129.177.123.137https://boolean.h.uib.no/mediawiki/index.php?title=Main_Page&diff=108Main Page2019-01-14T16:07:20Z<p>129.177.123.137: </p>
<hr />
<div><br />
<br />
== Useful pages ==<br />
* [[People in Boolean Functions ]]<br />
* [[Books on Boolean Functions]]<br />
* [[Papers on Boolean Functions]]<br />
* [[Conferences in Boolean Functions]]<br />
* [[Tables]]<br />
<br />
== Encyclopedia of Boolean Functions ==<br />
* [[Vectorial Boolean Functions]]</div>129.177.123.137https://boolean.h.uib.no/mediawiki/index.php?title=Vectorial_Boolean_Functions&diff=58Vectorial Boolean Functions2018-12-30T21:18:23Z<p>129.177.123.137: </p>
<hr />
<div>= Introduction =<br />
Let <math>\mathbb{F}_2^n</math> be the vector space of dimension <math>n</math> over the finite field <math>\mathbb{F}_2</math> with two elements. Functions from <math>\mathbb{F}_2^n</math> to <math>\mathbb{F}_2^m</math> are called <span class="definition"><math>(n,m)</math>-functions</span> or simply <span class="definition">vectorial Boolean functions</span> when the dimensions of the vector spaces are implicit or irrelevant.<br />
<br />
Any <math>(n,m)</math>-function <math>F</math> can be written as a vector <math>F = (f_1, f_2, \ldots f_n)</math> of <math>m</math>-dimensional [[Boolean functions]] <math>f_1, f_2, \ldots f_n</math> which are called the <span class="definition">coordinate functions</span> of <math>F</math>.<br />
<br />
== Cryptanalytic attacks ==<br />
Vectorial Boolean functions, also referred to as "S-boxes", or "Substitution boxes", in the context of cryptography, are a fundamental building block of block ciphers and are crucial to their security: more precisely, the resistance of the block cipher to cryptanalytic attacks directly depends on the properties of the S-boxes used in its construction.<br />
<br />
The main types of cryptanalytic attacks that result in the definition of design criteria for S-boxes are the following:<br />
* the differential attack introduced by Biham and Shamir; to resist it, an S-box must have low [[differential uniformity]];<br />
* the linear attack introduced by Matsui; to resist it, an S-box must have high [[nonlinearity]];<br />
* the higher order differential attack; to resist it, an S-box must have high [[algebraic degree]];<br />
* the interpolation attack; to resist it, the univariate representation of an S-box must have high degree, and its distance to the set of low univariate degree functions must be large;<br />
* algebraic attacks.<br />
<br />
= Generalities on Boolean functions =<br />
<br />
== Walsh transform ==<br />
<br />
The <span class="definition">Walsh transform</span> of <math>F : \mathbb{F}_2^n \rightarrow \mathbb{F}_2^m</math> is the integer-valued function <math>W_F : \mathbb{F}_2^n \times \mathbb{F}_2^m</math> defined by<br />
<br />
<div class="equation><math><br />
W_F(u,v) = \sum_{x \in \mathbb{F}_2^n} (-1)^{v \cdot F(x) + u \cdot x}<br />
</math></div><br />
<br />
It can be observed that the Walsh transform of some <math>F</math> is in fact the Fourier transform of the indicator of its graph, i.e. the Fourier transform of the function <math>1_{G_F}</math> defined as<br />
<div class="equation><math><br />
1_{G_F}(x,y) = \begin{cases}<br />
1 & F(x) = y \\<br />
0 & F(x) \ne y.<br />
\end{cases}<br />
</math></div><br />
<br />
The <span class="definition">Walsh spectrum</span> of <math>F</math> is the multi-set of all the values of its Walsh transform for all pairs <math>(u,v) \in \mathbb{F}_2^n \times {\mathbb{F}_2^m}^*</math>. The <span class="definition">extended Walsh spectrum</span> of <math>F</math> is the multi-set of the absolute values of its Walsh transform, and the <span class="definition">Walsh support</span> of <math>F</math> is the set of pairs <math>(u,v)</math> for which <math>W_F(u,v) \ne 0</math>.<br />
<br />
== Representations ==<br />
<br />
Vectorial Boolean functions can be represented in a number of different ways.<br />
<br />
=== Algebraic Normal Form ===<br />
<br />
An <math>(n,m)</math>-function <math>F</math> can be uniquely represented as a polynomial with coefficients in <math>\mathbb{F}_2^m</math> of the form<br />
<br />
<div class="equation><math><br />
F(x)=\sum_{I \in {\cal P}(N)} a_I\, \left(\prod_{i\in I}x_i\right)=\sum_{I\in {\cal P}(N)} a_I\, x^I,<br />
</math></div><br />
<br />
where <math>{\cal P}(N)</math> is the power set of <math>N = \{ 1, \ldots, n \}</math> and the coefficients <math>a_I</math> belong to <math>\mathbb{F}_2^m</math>. This representation is known as the <span class="definition">algebraic normal form (ANF)</span> of <math>F</math>. The <span class="definition">algebraic degree</span> of <math>F</math>, denoted <math>d^\circ(F)</math> is then defined as the global degree of its ANF, i.e.<br />
<br />
<div class="equation><math><br />
d^\circ(F)=\ max \{|I|/\, a_I\neq (0,\dots ,0); I\in {\cal P}(N)\}<br />
</math></div><br />
<br />
and is equal to the maximal algebraic degree of the coordinate functions of <math>F</math>.<br />
<br />
=== Univariate Representation ===<br />
<br />
If we identify the vector space <math>\mathbb{F}_2^n</math> with the finite field <math>\mathbb{F}_{2^n}</math> with <math>2^n</math> elements, then any <math>(n,n)</math>-function can be uniquely represented as univariate polynomial over <math>\mathbb{F}_{2^n}</math> of degree at most <math>2^n-1</math> taking the form<br />
<br />
<div class="equation><math><br />
F(x)=\sum_{j=0}^{2^n-1}\delta_jx^j~,~~\delta_j\in \Bbb{F}_{2^n}.<br />
</math></div><br />
<br />
This is the <span class="definition">univariate representation</span> of <math>F</math>.<br />
<br />
The algebraic degree of <math>F</math> can be expressed using the 2-weight of the exponents of the univariate representation. Given a positive integer <math>j</math>, its <span class="definition">2-weight</span> is the number of summands in its representation as a sum of powers of two; that is, if we write <math>j = \sum_{i = 0}^{n-1} j_s \cdot 2^s</math> for <math>j_s \in \{0,1\}</math>, then its 2-weigt is <math>w_2(j) = \sum_{i = 0}^{n-1} j_s</math>. The <span class="definition">algebraic degree</span> of <math>F</math> can the be written as<br />
<br />
<div class="equation><math><br />
\max_{j=0,\dots ,2^n-1/\, \delta_j\neq 0}w_2(j).<br />
</math></div><br />
<br />
=== Multi-dimensional Walsh Transform ===<br />
<br />
TODO<br />
<br />
== Basic Properties of Vectorial Boolean Functions ==<br />
<br />
=== Balanced Functions ===<br />
<br />
An <math>(n,m)</math>-function <math>F</math> is called <span class="definition">balanced</span> if it takes every value of <math>\mathbb{F}_2^m</math> precisely <math>2^{n-m}</math> times. In particular, an <math>(n,n)</math>-function is balanced if and only if it is a permutation.<br />
<br />
<div class="proposition"><br />
An <math>(n,m)</math>-function <math>F</math> is balanced if and only if its component functions are balanced, i.e. if and only if <math>v \cdot F</math> is balanced for every <math>v \in {\mathbb{F}_2^m}^*</math>.<br />
<br />
=== Covering Sequences ===<br />
<br />
TODO<br />
<br />
=== Algebraic Immunity ===<br />
<br />
TODO</div>129.177.123.137https://boolean.h.uib.no/mediawiki/index.php?title=Main_Page&diff=46Main Page2018-12-20T17:47:55Z<p>129.177.123.137: </p>
<hr />
<div><br />
<br />
== Useful pages ==<br />
* [[Notation]]<br />
* [[People in Boolean Functions ]]<br />
* [[Books on Boolean Functions]]<br />
* [[Papers on Boolean Functions]]<br />
* [[Tables]]<br />
<br />
== Encyclopedia of Boolean Functions ==<br />
* [[Notation]]<br />
* [[Boolean Functions]]<br />
* [[Vectorial Boolean Functions]]<br />
** [[Equivalence Relations on Boolean Functions]]<br />
* [[Classes of Cryptographically Optimal Functions]]<br />
** [[Almost Perfect Nonlinear (APN) Functions ]]<br />
** [[Almost Bent (AB) Functions]]<br />
<br />
<br />
<strong>MediaWiki has been installed.</strong><br />
<br />
Consult the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents User's Guide] for information on using the wiki software.<br />
<br />
== Getting started ==<br />
* [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Configuration_settings Configuration settings list]<br />
* [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:FAQ MediaWiki FAQ]<br />
* [https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce MediaWiki release mailing list]<br />
* [https://www.mediawiki.org/wiki/Special:MyLanguage/Localisation#Translation_resources Localise MediaWiki for your language]<br />
* [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Combating_spam Learn how to combat spam on your wiki]</div>129.177.123.137https://boolean.h.uib.no/mediawiki/index.php?title=People_in_Boolean_Functions&diff=5People in Boolean Functions2018-11-15T23:29:46Z<p>129.177.123.137: Created page with "* [http://ieeexplore.ieee.org/abstract/document/1683931/ On Almost Perfect Nonlinear Functions Over $\mathbb{F}_2^n$] ** T.P. Berger , A. Canteaut , P. Charpin , Y. Laigle-Cha..."</p>
<hr />
<div>* [http://ieeexplore.ieee.org/abstract/document/1683931/ On Almost Perfect Nonlinear Functions Over $\mathbb{F}_2^n$]<br />
** T.P. Berger , A. Canteaut , P. Charpin , Y. Laigle-Chapuy<br />
** We investigate some open problems on almost perfect nonlinear (APN) functions over a finite field of characteristic 2. We provide new characterizations of APN functions and of APN permutations by means of their component functions. We generalize some results of Nyberg (1994) and strengthen a conjecture on the upper bound of nonlinearity of APN functions. We also focus on the case of quadratic functions. We contribute to the current works on APN quadratic functions by proving that a large class of quadratic functions cannot be APN<br />
<br />
<br />
* [https://link.springer.com/chapter/10.1007/978-3-642-38348-9_24 New Links between Differential and Linear Cryptanalysis]<br />
** C. Blondeau, K. Nyberg<br />
** Recently, a number of relations have been established among previously known statistical attacks on block ciphers. Leander showed in 2011 that statistical saturation distinguishers are on average equivalent to multidimensional linear distinguishers. Further relations between these two types of distinguishers and the integral and zero-correlation distinguishers were established by Bogdanov et al. [6]. Knowledge about such relations is useful for classification of statistical attacks in order to determine those that give essentially complementary information about the security of block ciphers. The purpose of the work presented in this paper is to explore relations between differential and linear attacks. The mathematical link between linear and differential attacks was discovered by Chabaud and Vaudenay already in 1994, but it has never been used in practice. We will show how to use it for computing accurate estimates of truncated differential probabilities from accurate estimates of correlations of linear approximations. We demonstrate this method in practice and give the first instantiation of multiple differential cryptanalysis using the LLR statistical test on PRESENT. On a more theoretical side, we establish equivalence between a multidimensional linear distinguisher and a truncated differential distinguisher, and show that certain zero-correlation linear distinguishers exist if and only if certain impossible differentials exist.<br />
<br />
<br />
* [https://link.springer.com/article/10.1023%2FA%3A1008344232130?LI=true Codes, Bent Functions and Permutations Suitable For DES-like Cryptosystems]<br />
** C. Carlet, P. Charpin, V. Zinoviev<br />
** Almost bent functions oppose an optimum resistance to linear and differential cryptanalysis. We<br />
<br />
<br />
* [https://link.springer.com/chapter/10.1007/978-3-319-16277-5_5 Open Questions on Nonlinearity and on APN Functions]<br />
** C. Carlet<br />
** In a first part of the paper, we recall some known open questions on the nonlinearity of Boolean and vectorial functions and on the APN-ness of vectorial functions. All of them have been extensively searched and seem quite difficult. We also indicate related less well-known open questions. In the second part of the paper, we introduce four new open problems (leading to several related sub-problems) and the results which lead to them. Addressing these problems may be less difficult since they have not been much worked on.<br />
<br />
<br />
* [https://eprint.iacr.org/2017/516.pdf Characterizations of the differential uniformity of vectorial functions by the Walsh transform]<br />
** C. Carlet<br />
** TODO<br />
<br />
<br />
* [http://www.sciencedirect.com/science/article/pii/S0885064X03001158 Highly nonlinear mappings]<br />
** C. Carlet, C. Ding<br />
** Functions with high nonlinearity have important applications in cryptography, sequences and coding theory. The purpose of this paper is to give a well-rounded treatment of non-Boolean functions with optimal nonlinearity. We summarize and generalize known results, and prove a number of new results. We also present open problems about functions with high nonlinearity.<br />
<br />
<br />
* [https://link.springer.com/chapter/10.1007/BFb0053450 Links between differential and linear cryptanalysis]<br />
** F. Chabaud, S. Vaudenay<br />
** Linear cryptanalysis, introduced last year by Matsui, will most certainly open-up the way to new attack methods which may be made more efficient when compared or combined with differential cryptanalysis.<br />
<br />
<br />
* [https://link.springer.com/article/10.1007/s10623-008-9194-6 On the classification of APN functions up to dimension five]<br />
** M. Brinkmann, G. Leander<br />
** We classify the almost perfect nonlinear (APN) functions in dimensions 4 and 5 up to affine and CCZ equivalence using backtrack programming and give a partial model for the complexity of such a search. In particular, we demonstrate that up to dimension 5 any APN function is CCZ equivalent to a power function, while it is well known that in dimensions 4 and 5 there exist APN functions which are not extended affine (EA) equivalent to any power function. We further calculate the total number of APN functions up to dimension 5 and present a new CCZ equivalence class of APN functions in dimension 6.<br />
<br />
<br />
* [http://www.sciencedirect.com/science/article/pii/S1071579707000718 New families of quadratic almost perfect nonlinear trinomials and multinomials]<br />
** C. Bracken, E. Byrne, N. Markin, G. McGuire<br />
** We introduce two new infinite families of APN functions, one on fields of order $2^{2k}$ for $k$ not divisible by $2$, and the other on fields of order $2^{3k}$ for $k$ not divisible by $3$. The polynomials in the first family have between three and $k+2$ terms, the second family's polynomials have three terms.<br />
<br />
<br />
* [https://www.researchgate.net/publication/265815787_An_APN_permutation_in_dimension_six An APN permutation in dimension six]<br />
** KA Browning, JF Dillon, MT McQuistan, AJ Wolfe<br />
** TODO<br />
<br />
<br />
* [http://ieeexplore.ieee.org/abstract/document/4036450/ An infinite class of quadratic APN functions which are not equivalent to power mappings]<br />
** L. Budaghyan, C. Carlet, P. Felke, G. Leander<br />
** We exhibit an infinite class of almost perfect nonlinear quadratic polynomials from F2n to F2n (n ges 12, n divisible by 3 but not by 9). We prove that these functions are EA-inequivalent to any power function and that they are CCZ-inequivalent to any Gold function. In a forthcoming full paper, we shall also prove that at least some of these functions are CCZ-inequivalent to any Kasami function<br />
<br />
<br />
* [http://ieeexplore.ieee.org/abstract/document/4608957/ Two Classes of Quadratic APN Binomials Inequivalent to Power Functions]<br />
** L. Budaghyan, C. Carlet, G. Leander<br />
** This paper introduces the first found infinite classes of almost perfect nonlinear (APN) polynomials which are not Carlet-Charpin-Zinoviev (CCZ)-equivalent to power functions (at least for some values of the number of variables). These are two classes of APN binomials from F2n to F2n (for n divisible by 3, resp., 4). We prove that these functions are extended affine (EA)-inequivalent to any power function and that they are CCZ-inequivalent to the Gold, Kasami, inverse, and Dobbertin functions when n ges 12. This means that for n even they are CCZ-inequivalent to any known APN function. In particular, for n = 12,20,24, they are therefore CCZ-inequivalent to any power function.<br />
<br />
<br />
* [http://ieeexplore.ieee.org/abstract/document/4494676/ Classes of Quadratic APN Trinomials and Hexanomials and Related Structures]<br />
** L. Budaghyan, C. Carlet<br />
** A method for constructing differentially 4-uniform quadratic hexanomials has been recently introduced by J. Dillon. We give various generalizations of this method and we deduce the constructions of new infinite classes of almost perfect nonlinear quadratic trinomials and hexanomials from $F_{2^{2m}}$ to $F_{2^{2m}}$. We check for $m = 3$ that some of these functions are CCZ-inequivalent to power functions.<br />
<br />
<br />
* [http://ieeexplore.ieee.org/abstract/document/1603777/ New classes of almost bent and almost perfect nonlinear polynomials]<br />
** L. Budaghyan, C. Carlet, A. Pott<br />
** New infinite classes of almost bent and almost perfect nonlinear polynomials are constructed. It is shown that they are affine inequivalent to any sum of a power function and an affine function<br />
<br />
<br />
* [http://www.sciencedirect.com/science/article/pii/S1071579707000160 A new class of monomial bent functions]<br />
** A. Canteaut, P. Charpin, G. Kyureghyan<br />
** We study the Boolean functions $f_{\lambda}:\mathbb{F}_{2^n} \rightarrow \mathbb{F}_{2^n} ,n=6r$, of the form $f(x)=\Tr(\lambda x^d)$ with $d=2^{2r}+2^r+1$ and $\lambda \in \mathbb{F}_{2^n}$. Our main result is the characterization of those $\lambda$ for which $f_\lambda$ are bent. We show also that the set of these cubic bent functions contains a subset, which with the constantly zero function forms a vector space of dimension $2^r$ over $\mathbb{F}_2$. Further we determine the Walsh spectra of some related quadratic functions, the derivatives of the functions $f_\lambda$.<br />
<br />
<br />
* [http://www.sciencedirect.com/science/article/pii/S1071579708000622 Constructing new APN functions from known ones]<br />
** L. Budaghyan, C. Carlet, G. Leander<br />
** We present a method for constructing new quadratic APN functions from known ones. Applying this method to the Gold power functions we construct an APN function $x^3+\Tr(x^9)$ over $\mathbb{F}_{2^n}$. It is proven that for $n \ge 7$ this function is CCZ-inequivalent to the Gold functions, and in the case $n=7$ it is CCZ-inequivalent to any power mapping (and, therefore, to any APN function belonging to one of the families of APN functions known so far).<br />
<br />
<br />
* [http://zoo.cs.yale.edu/classes/cs426/2012/bib/biham91differential.pdf Differential cryptanalysis of DES-like cryptosystems]<br />
** Biham E, Shamir A.<br />
** The Data Encryption Standard (DES) is the best known and most widely usedc ryptosystem for civilian applications.It was developed at IBM and adopted by the National Buraeu of Standards in the mid 70's, and has successfully withstood all the attacks published so far in the open literature. In this paper we develop a new type of cryptanalytic attack which can break the reduced variant of DES with eight rounds in a few minutes on a PC and can break any reduced variant of DES (with up to 15 rounds) in less than 256 operations.The new attack can be applied to a variety of DES-like substitution/permutation cryptosystems, and demonstrates the crucial role of the (unpublished) design rules.<br />
<br />
<br />
* [https://link.springer.com/chapter/10.1007%2F3-540-48285-7_33 Linear Cryptanalysis Method for DES Cipher]<br />
** M. Matsui<br />
** We introduce a new method for cryptanalysis of DES cipher, which is essentially a known-plaintext attack. As a result, it is possible to break 8-round DES cipher with $2^{21}$ known-plaintexts and 16-round DES cipher with $2^{47}$ known-plaintexts, respectively. Moreover, this method is applicable to an only-ciphertext attack in certain situations. For example, if plaintexts consist of natural English sentences represented by ASCII codes, 8-round DES cipher is breakable with $2^{29}$ ciphertexts only.<br />
<br />
<br />
* [https://link.springer.com/chapter/10.1007/3-540-48285-7_6 Differentially uniform mappings for cryptography]<br />
** K. Nyberg<br />
** This work is motivated by the observation that in DES-like ciphers it is possible to choose the round functions in such a way that every non-trivial one-round characteristic has small probability. This gives rise to the following definition. A mapping is called differentially uniform if for every non-zero input difference and any output difference the number of possible inputs has a uniform upper bound. The examples of differentially uniform mappings provided in this paper have also other desirable cryptographic properties: large distance from affine functions, high nonlinear order and efficient computability.<br />
<br />
<br />
* [https://link.springer.com/chapter/10.1007/978-3-642-56755-1_11 Almost Perfect Nonlinear Power Functions on $GF(2^n)$: A New Case for n Divisible by 5]<br />
** H. Dobbertin<br />
** We prove that for $d = 2^{4s} + 2^{3s} + 2^{2s} + 2^s − 1$ the power function $x^d$ is almost perfect nonlinear (APN) on $L = GF(2^{5s})$, i.e. for each $a \in L$ the equation $(x + 1)^d + x^d = a$ has either no or precisely two solutions in $L$. The proof of this result is based on a new “multi-variate” technique which was recently introduced by the author in order to confirm the conjectured APN property of Welch and Niho power functions.<br />
<br />
<br />
* [http://www.sciencedirect.com/science/article/pii/S089054019892764X Almost Perfect Nonlinear Power Functions on $GF(2^n)$: The Niho Case]<br />
** H. Dobbertin<br />
** Almost perfect nonlinear (APN) mappings are of interest for applications in cryptography. We prove for odd $n$ and the exponent $d=2^{2r}+2^r−1$, where $4r+1 \equiv 0 mod n$, that the power functions $x^d$ on $GF(2^n)$ is APN. The given proof is based on a new class of permutation polynomials which might be of independent interest. Our result supports a conjecture of Niho stating that the power function $x^d$ is even maximally nonlinear or, in other terms, that the crosscorrelation function between a binary maximum-length linear shift register sequences of degree $n$ and a decimation of that sequence by $d$ takes on precisely the three values $−1$, $−1 \pm 2^{(n+1)/2}$.<br />
<br />
* [https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=761283 Almost Perfect Nonlinear Power Functions on $GF(2^n)$ : The Welch Case ]<br />
** H. Dobbertin<br />
** We summarize the state of the classification of almost perfect nonlinear (APN) power functions $x^d$ on $GF(2^n)$ and contribute two new cases. To prove these cases we derive new permutation polynomials. The first case supports a well-known conjecture of Welch stating that for odd $n=2m+1$, the power function $x^{2m+3}$ is even maximally nonlinear or, in other terms, that the crosscorrelation function between a binary maximum-length linear shift register sequence of degree $n$ and a decimation of that sequence by $2^{m}+3$ takes on precisely the three values $-1$, $-1 \pm 2^{ m+1}$.<br />
<br />
<br />
* [Y. Edel, A. Pott https://pdfs.semanticscholar.org/0d6c/71fac2ec96cfe437a02e558fd26a33ea5bed.pdf]<br />
** A new almost perfect nonlinear function which is not quadratic<br />
** Following an example in [13], we show how to change one coordinate function of an almost perfect nonlinear (APN) function in order to obtain new examples. It turns out that this is a very powerful method to construct new APN functions. In particular, we show that the approach can be used to construct “non-quadratic” APN functions. This new example is in remarkable contrast to all recently constructed functions which have all been quadratic.<br />
<br />
<br />
* [http://ieeexplore.ieee.org/abstract/document/1580810/ A new APN function which is not equivalent to a power mapping]<br />
** Y. Edel, G. Kyureghyan, A. Pott<br />
** A new almost-perfect nonlinear function (APN) on $\mathbb{F}_{2^{10}$ which is not equivalent to any of the previously known APN mappings is constructed. This is the first example of an APN mapping which is not equivalent to a power mapping.</div>129.177.123.137https://boolean.h.uib.no/mediawiki/index.php?title=Notation&diff=3Notation2018-11-15T17:31:53Z<p>129.177.123.137: </p>
<hr />
<div>This page will contain some basic notation.<br />
<math>\mathbb{F}_{2^n}</math></div>129.177.123.137