Background

For a prime ${\displaystyle p}$ and a positive integer ${\displaystyle n}$ let ${\displaystyle \mathbb {F} _{p^{n}}}$ be the finite field with ${\displaystyle p^{n}}$ elements. Let ${\displaystyle F}$ be a map from the finite field to itself. Such function admits a unique representation as a polynomial of degree at most ${\displaystyle p^{n}-1}$, i.e.

${\displaystyle F(x)=\sum _{j=0}^{p^{n}-1}a_{j}x^{j},a_{j}\in \mathbb {F} _{p^{n}}}$.

The function ${\displaystyle F}$ is

• linear if ${\displaystyle F(x)=\sum _{j=0}^{n-1}a_{j}x^{p^{j}}}$,
• affine if it is the sum of a linear function and a constant,
• DO (Dembowski-Ostrim) polynomial if ${\displaystyle F(x)=\sum _{0\leq i\leq j<n}a_{ij}x^{p^{i}+p^{j}}}$,
• quadratic if it is the sum of a DO polynomial and an affine function.

For ${\displaystyle \delta }$ a positive integer, the function ${\displaystyle F}$ is called differentially ${\displaystyle \delta }$-uniform if for any pairs ${\displaystyle a,b\in \mathbb {F} _{p^{n}}}$, with ${\displaystyle a\neq 0}$, the equation ${\displaystyle F(x+a)-F(x)=b}$ admits at most ${\displaystyle \delta }$ solutions.

A function ${\displaystyle F}$ is called planar or perfect nonlinear (PN) if ${\displaystyle \delta _{F}=1}$. Obviously such functions exist only for ${\displaystyle p}$ an odd prime. In the even case the smallest possible case for ${\displaystyle \delta }$ is two (APN function).

For planar function we have that the all the nonzero derivatives, ${\displaystyle D_{a}F(x)=F(x+a)-F(x)}$, are permutations.

Equivalence Relations

Two functions ${\displaystyle F}$ and ${\displaystyle F'}$ from ${\displaystyle \mathbb {F} _{p^{n}}}$ to itself are called:

• affine equivalent if ${\displaystyle F'=A_{1}\circ F\circ A_{2}}$, where ${\displaystyle A_{1},A_{2}}$ are affine permutations;
• EA-equivalent (extended-affine) if ${\displaystyle F'=F''+A}$, where ${\displaystyle A}$ is affine and ${\displaystyle F''}$ is afffine equivalent to ${\displaystyle F}$;
• CCZ-equivalent if there exists an affine permutation ${\displaystyle {\mathcal {L}}}$ of ${\displaystyle \mathbb {F} _{p^{n}}\times \mathbb {F} _{p^{n}}}$ such that ${\displaystyle {\mathcal {L}}(G_{F})=G_{F'}}$, where ${\displaystyle G_{F}=\lbrace (x,F(x)):x\in \mathbb {F} _{p^{n}}\rbrace }$.

CCZ-equivalence is the most general known equivalence relation for functions which preserves differential uniformity. Affine and EA-equivalence are its particular cases. For the case of quadratic planar functions the isotopic equivalence is more general than CCZ-equivalence, where two maps are isotopic equivalent if the corresponding presemifields are isotopic.

On Presemifields and Semifields

A presemifield is a ring with left and right distributivity and with no zero divisor. A presemifield with a multiplicative identity is called a semifield. Any finite presemifield can be represented by ${\displaystyle \mathbb {S} =(\mathbb {F} _{p^{n}},+,\star )}$, for ${\displaystyle p}$ a prime, ${\displaystyle n}$ a positive integer, ${\displaystyle \mathbb {S} =(\mathbb {F} _{p^{n}},+)}$ additive group and ${\displaystyle x\star y}$ multiplication linear in each variable. Every commutative presemifield can be transformed into a commutative semifield^[1].

Two presemifields ${\displaystyle \mathbb {S} _{1}=(\mathbb {F} _{p^{n}},+,\star )}$ and ${\displaystyle \mathbb {S} _{2}=(\mathbb {F} _{p^{n}},+,\circ )}$ are called isotopic if there exist three linear permutations ${\displaystyle T,M,N}$ of ${\displaystyle \mathbb {F} _{p^{n}}}$ such that ${\displaystyle T(x\star y)=M(x)\circ N(y)}$, for any ${\displaystyle x,y\in \mathbb {F} _{p^{n}}}$. If ${\displaystyle M=N}$ then they are called strongly isotopic. Each commutative presemifields of odd order defines a planar DO polynomial and viceversa:

• given ${\displaystyle \mathbb {S} =(\mathbb {F} _{p^{n}},+,\star )}$ let ${\displaystyle F_{\mathbb {S} }(x)={\frac {1}{2}}(x\star x)}$;
• given ${\displaystyle F}$ let ${\displaystyle \mathbb {S} _{F}=(\mathbb {F} _{p^{n}},+,\star )}$ defined by ${\displaystyle x\star y=F(x+y)-F(x)-F(y)}$.

Given ${\displaystyle \mathbb {S} =(\mathbb {F} _{p^{n}},+,\star )}$ a finite semifield, the subsets

${\displaystyle N_{l}(\mathbb {S} )=\{\alpha \in \mathbb {S} :(\alpha \star x)\star y=\alpha \star (x\star y)}$ for all ${\displaystyle x,y\in \mathbb {S} \}}$

${\displaystyle N_{m}(\mathbb {S} )=\{\alpha \in \mathbb {S} :(x\star \alpha )\star y=x\star (\alpha \star y)}$ for all ${\displaystyle x,y\in \mathbb {S} \}}$

${\displaystyle N_{r}(\mathbb {S} )=\{\alpha \in \mathbb {S} :(x\star y)\star \alpha =x\star (y\star \alpha )}$ for all ${\displaystyle x,y\in \mathbb {S} \}}$

are called left, middle and right nucleus of ${\displaystyle \mathbb {S} }$.

The set ${\displaystyle N(\mathbb {S} )=N_{l}(\mathbb {S} )\cap N_{m}(\mathbb {S} )\cap N_{r}(\mathbb {S} )}$ is called the nucleus. All these sets are finite field and, when ${\displaystyle \mathbb {S} }$ is commutative, ${\displaystyle N_{l}(\mathbb {S} )=N_{r}(\mathbb {S} )\subseteq N_{m}(\mathbb {S} )}$. The order of the different nuclei are invariant under isotopism.

Properties

Hence two quadratic planar functions ${\displaystyle F,F'}$ are isotopic equivalent if their corresponding presemifields are isotopic. Moreover, we have:

• ${\displaystyle F,F'}$ are CCZ-equivalent if and only if the corresponding presemifileds are strongly isotopic^[2];
• for ${\displaystyle n}$ odd, isotopic coincides with strongly isotopic;
• if ${\displaystyle F,F'}$ are isotopic equivalent, then there exists a linear map ${\displaystyle L}$ such that ${\displaystyle F'}$ is EA-equivalent to ${\displaystyle F(x+L(x))-F(x)-F(L(x))}$;
• any commutative presemifield of odd order can generate at most two CCZ-equivalence classes of planar DO polynomials;
• if ${\displaystyle \mathbb {S} _{1}}$ and ${\displaystyle \mathbb {S} _{2}}$ are isotopic commutative semifields of characteristic ${\displaystyle p}$ with order of middle nuclei and nuclei ${\displaystyle p^{m}}$ and ${\displaystyle p^{k}}$ respectively, then either one of the following is satisfied:
  • ${\displaystyle m/k}$ is odd and the semifields are strongly isotopic,
  • ${\displaystyle m/k}$ is even and the semifields are strongly isotopic or the only isotopisms are of the form ${\displaystyle (\alpha \star N,N,L)}$ with ${\displaystyle \alpha \in N_{m}(\mathbb {S} _{1})}$ non-square.

Known cases of planar functions and commutative semifields

Among the known example of planar functions, the only ones that are non-quadratic are the power functions ${\displaystyle x^{\frac {3^{t}+1}{2}}}$ defined over ${\displaystyle \mathbb {F} _{3^{n}}}$, with ${\displaystyle t}$ is odd and gcd(${\displaystyle t,n}$)=1.

In the following the list of some known infinite families of planar functions (and corresponding commutative semifields):

• ${\displaystyle x^{2}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ (finite field ${\displaystyle \mathbb {F} _{p^{n}}}$);
• ${\displaystyle x^{p^{t}+1}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle n/gcd(t,n)}$ odd (Albert's commutative twisted fields);
• ${\displaystyle L(t^{2}(x))+{\frac {1}{2}}x^{2}}$ over ${\displaystyle \mathbb {F} _{p^{2km}}}$ with ${\displaystyle L(x)={\frac {1}{8}}(x^{p^{k}}-x),t(x)=x^{p^{km}}-x}$ (Dickson semifields);
• • ${\displaystyle (ax)^{p^{s}+1}-(ax)^{p^{k}(p^{s}+1)}+x^{p^{k}+1}}$
  • ${\displaystyle bx^{p^{s}+1}+(bx^{p^{s}+1})^{p^{k}}+cx^{p^{k}+1}}$

over ${\displaystyle \mathbb {F} _{p^{2k}}}$ where ${\displaystyle a,b\in \mathbb {F} _{2^{2k}}^{\star },b}$ not square, ${\displaystyle c\in \mathbb {F} _{2^{2k}}\setminus \mathbb {F} _{2^{k}},gcd(k+s,2k)=gcd(k+s,k)}$ and for the first one also ${\displaystyle gcd(p^{s}+1,p^{k}+1)\neq gcd(p^{s}+1,(p^{k}+1)/2)}$. Without loss of generality it is possible to take ${\displaystyle a=1}$ and fix a value for ${\displaystyle c}$;

• ${\displaystyle x^{p^{s}+1}-a^{p^{t}-1}x^{p^{t}+p^{2t+s}}}$ over ${\displaystyle \mathbb {F} _{p^{3t}},a}$ primitive, ${\displaystyle gcd(3,t)=1,t-s\equiv 0}$ mod ${\displaystyle 3,3t/gcd(s,3t)}$ odd;
• ${\displaystyle x^{p^{s}+1}-a^{p^{t}-1}x^{p^{3t}+p^{t+s}}}$ over ${\displaystyle \mathbb {F} _{p^{4t}},a}$ primitive, ${\displaystyle p^{s}\equiv p^{t}\equiv 1}$ mod 4, ${\displaystyle 2t/gcd(s,2t)}$ odd;
• ${\displaystyle a^{1-p}x^{2}+x^{2p^{m}}+a^{1-p}T(x)-T(x)^{p^{m}}}$, with ${\displaystyle T(x)=\sum _{i=0}^{k}(-1)^{i}x^{p^{2i}(p^{2}+1)}+a^{p-1}\sum _{j=0}^{k-1}(-1)^{k+j}x^{p^{2j+1}(p^{2}+1)}}$, over ${\displaystyle \mathbb {F} _{p^{2m}}}$ for ${\displaystyle a\in \mathbb {F} _{p^{2}}^{\star },m=2k+1}$.

Cases defined for p=3

• ${\displaystyle x^{10}\pm x^{6}-x^{2}{\mbox{ over }}\mathbb {F} _{p^{n}}{\mbox{ with }}n}$ odd (Coulter-Matthews and Ding-Yuan semifields);
• ${\displaystyle L(t^{2}(x))+D(t(x))+{\frac {1}{2}}x^{2},{\mbox{ over }}\mathbb {F} _{3^{2k}}{\mbox{ with }}k{\mbox{ odd, }}t(x)=x^{3^{k}}-x,\beta \in \mathbb {F} _{3^{2k}}\setminus \mathbb {F} _{3^{k}},\alpha =t(\beta ),L(x)=\alpha ^{-5}x^{3}+x,D(x)=-\alpha ^{-10}x^{10}}$ (Ganley semifields);
• ${\displaystyle L(t^{2}(x))+{\frac {1}{2}}x^{2},{\mbox{ over }}\mathbb {F} _{3^{2k}}{\mbox{ with }}k{\mbox{ odd, }}t(x)=x^{3^{k}}-x,\beta \in \mathbb {F} _{3^{2k}}\setminus \mathbb {F} _{3^{k}},\alpha =t(\beta ),L(x)=-x^{9}-\alpha x^{3}+(1-\alpha ^{4})x}$ (Cohen-Ganley semifileds);
• ${\displaystyle L(t^{2}(x))+{\frac {1}{2}}x^{2},{\mbox{ over }}\mathbb {F} _{3^{10}}{\mbox{ with }}t(x)=x^{243}-x,\beta \in \mathbb {F} _{3^{10}}\setminus \mathbb {F} _{3^{5}},\alpha =t(\beta ),L(x)=-(\alpha ^{-53}x^{27}+\alpha ^{-18}x^{9}-x)}$ (Penttila-Williams semifileds);
• ${\displaystyle L(t^{2}(x))+D(t(x))+{\frac {1}{2}}x^{2},{\mbox{ over }}\mathbb {F} _{3^{8}}{\mbox{ with }}t(x)=x^{9}-x,L(x)=x^{243}+x^{9},D(x)=x^{246}+x^{82}-x^{10}}$ (Coulter-Henderson-Kosick semifield);
• ${\displaystyle x^{2}+x^{90}{\mbox{ over }}\mathbb {F} _{3^{5}}}$.

Known cases of APN functions in odd characteristic

• ${\displaystyle x^{3}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$, ${\displaystyle p\neq 3}$;
• ${\displaystyle x^{p^{n}-2}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle p^{n}\equiv 2{\pmod {3}}}$;
• ${\displaystyle x^{\frac {p^{n}-3}{2}}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle p^{n}\equiv 3,7{\pmod {20}},~p^{n}>7,~p^{n}\neq 27,n}$ odd;
• ${\displaystyle x^{{\frac {p^{n}+1}{4}}+{\frac {p^{n}-1}{2}}}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle p^{n}\equiv 3{\pmod {8}}}$;
• ${\displaystyle x^{\frac {p^{n}+1}{4}}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle p^{n}\equiv 7{\pmod {8}},~n>1}$;
• ${\displaystyle x^{\frac {2p^{n}-1}{3}}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle p^{n}\equiv 2{\pmod {3}}}$;
• ${\displaystyle x^{p^{m}+2}}$ over ${\displaystyle \mathbb {F} _{p^{n}}}$ with ${\displaystyle p^{m}\equiv 1{\pmod {3}},~n=2m}$;
• ${\displaystyle x^{3^{n}-3}}$ over ${\displaystyle \mathbb {F} _{3^{n}}}$ with ${\displaystyle n>1}$ odd;
• ${\displaystyle x^{\frac {3^{\frac {n+1}{2}}-1}{2}}}$ over ${\displaystyle \mathbb {F} _{3^{n}}}$ with ${\displaystyle n\equiv 3{\pmod {4}},~n>3}$;
• ${\displaystyle x^{{\frac {3^{\frac {n+1}{2}}-1}{2}}+{\frac {3^{n}-1}{2}}}}$ over ${\displaystyle \mathbb {F} _{3^{n}}}$ with ${\displaystyle n\equiv 1{\pmod {4}},~n>1}$;
• ${\displaystyle x^{\frac {3^{n+1}-1}{8}}}$ over ${\displaystyle \mathbb {F} _{3^{n}}}$ with ${\displaystyle n\equiv 3{\pmod {4}}}$;
• ${\displaystyle x^{{\frac {3^{n+1}-1}{8}}+{\frac {3^{n}-1}{4}}}}$ over ${\displaystyle \mathbb {F} _{3^{n}}}$ with ${\displaystyle n\equiv 1{\pmod {4}}}$;
• ${\displaystyle x^{\frac {3^{n+1}-1}{3^{L}+1}}}$ over ${\displaystyle \mathbb {F} _{3^{n}}}$, where ${\displaystyle L={\frac {n+1}{2^{\ell }}}}$ with ${\displaystyle n\equiv -1{\pmod {2^{\ell }}}}$;
• ${\displaystyle x^{\frac {5^{\ell }+1}{2}}}$ over ${\displaystyle \mathbb {F} _{5^{n}}}$ with ${\displaystyle \gcd(2n,\ell )=1}$;
• ${\displaystyle x^{{\frac {5^{n}-1}{4}}+{\frac {5^{\frac {n+1}{2}}-1}{2}}}}$ over ${\displaystyle \mathbb {F} _{5^{n}}}$ with ${\displaystyle n}$ odd;
• ${\displaystyle x^{{\frac {5^{n+1}-1}{2(5^{L}+1)}}+{\frac {5^{n}-1}{4}}}}$ over ${\displaystyle \mathbb {F} _{5^{n}}}$, where ${\displaystyle L={\frac {n+1}{2^{\ell }}},~n\equiv -1{\pmod {2^{\ell }}}}$ and ${\displaystyle \ell \geq 2}$;