The 2-adic complexity of a class of binary sequences with almost optimal autocorrelation
Yuhua Sun, Qiang Wang, Tongjiang Yan

TL;DR
This paper analyzes the 2-adic complexity of a class of binary sequences with near-optimal autocorrelation, providing lower bounds and demonstrating their suitability for cryptographic applications.
Contribution
The paper determines the 2-adic complexity of sequences constructed from almost difference sets, extending previous autocorrelation analyses and establishing bounds relevant for cryptography.
Findings
2-adic complexity is at least N - log2(sqrt(N+1))
Complexity reaches N - 1 in many cases
Sequences are resistant to rational approximation algorithms
Abstract
Pseudo-random sequences with good statistical property, such as low autocorrelation, high linear complexity and large 2-adic complexity, have been applied in stream cipher. In general, it is difficult to give both the linear complexity and 2-adic complexity of a periodic binary sequence. Cai and Ding \cite{Cai Ying} gave a class of sequences with almost optimal autocorrelation by constructing almost difference sets. Wang \cite{Wang Qi} proved that one type of those sequences by Cai and Ding has large linear complexity. Sun et al. \cite{Sun Yuhua} showed that another type of sequences by Cai and Ding has also large linear complexity. Additionally, Sun et al. also generalized the construction by Cai and Ding using -form function with difference-balanced property. In this paper, we first give the detailed autocorrelation distribution of the sequences was generalized from Cai and Ding…
Taxonomy
Topics: Coding theory and cryptography · Cellular Automata and Applications · graph theory and CDMA systems
The detailed autocorrelation distribution and 2-adic complexity of a classes of binary sequences with almost optimal autocorrelation
Yuhua Sun1,2,3, Qiang Wang2, Tongjiang Yan1,3
1 College of Sciences, China University of Petroleum,
Qingdao 266555, Shandong, China
2 School of Mathematics and Statistics,
Carleton University, Ottawa, Ontario, K1S 5B6, Canada
3 Key Laboratory of Network Security and Cryptology,
Fujian Normal University, Fuzhou, Fujian 350117, China
Abstract
Pseudo-random sequences with good statistical properties, such as low autocorrelation, high linear complexity and large 2-adic complexity, have been used in designing reliable stream ciphers. In this paper, we obtain the exact autocorrelation distribution of a class of sequences with three-level autocorrelation and analyze the 2-adic complexity of these sequences. Our results show that the 2-adic complexity of the sequence is at least and that in many cases it is maximal, which is large enough to resist the attack of the rational approximation algorithm (RAA) for feedback with carry shift registers (FCSRs).
**Index Terms.** stream ciphers; pseudo-random sequences; autocorrelation; 2-adic complexity
Footnote: The work is supported by Shandong Provincial Natural Science Foundation of China (No. ZR2014FQ005), the Fundamental Research Funds for the Central Universities (No. 15CX02065A, No. 15CX08011A, No. 15CX02056A, No. 16CX02013A, No. 16CX02009A), and Fujian Provincial Key Laboratory of Network Security and Cryptology Research Fund (Fujian Normal University) (No. 15002).
1 INTRODUCTION
Pseudo-random sequences with good statistical properties are widely used as basic blocks for constructing stream ciphers. Any key stream generator can be implemented by both linear feedback shift registers (LFSRs) and feedback with carry shift registers (FCSRs). However, after the Berlekamp-Massey algorithm (BMA) for LFSRs [13] and the rational approximation algorithm for FCSRs [10] were presented, the linear complexity and 2-adic complexity of the key stream sequence have been regarded as critical security criteria and are required to be no less than one half of the period. Autocorrelation is another critical statistical measure of the key stream sequence. Although the linear complexity of many classes of sequences has been obtained (see [3]-[4]), there are only a handful of research papers that focus on 2-adic complexity. For example, in 1997, Klapper pointed out that an -sequence with prime period has maximal 2-adic complexity [10]. In 2010, Tian and Qi showed that the 2-adic complexity of all the binary -sequences is maximal [17]. Afterwards, Xiong et al. [22] presented a new method of circulant matrices to compute the 2-adic complexities of binary sequences.
Several recent results show that the 2-adic complexity of a sequence is closely related to another of its critical statistical properties (i.e., autocorrelation). In [22], Xiong et al. showed that all the known sequences with ideal 2-level autocorrelation have maximum 2-adic complexity. Moreover, in [2], Ding et al. proved that the 2-adic complexities of Legendre sequences and Ding-Helleseth-Lam sequences with optimal autocorrelation are also maximal. Then, using the same method as that in [22], Xiong et al. [23] pointed out that two other classes of sequences based on interleaved structure also have maximal 2-adic complexity. One of these two classes of sequences was constructed by Tang and Ding [15] and has optimal autocorrelation; the other was constructed by Zhou et al. [24] and is optimal with respect to the Tang-Fan-Matsufuji bound [16]. Recently, Hu [7] presented a simpler method to obtain the results of Xiong et al. [22], using detailed autocorrelation values.
In [1], Cai and Ding gave a generic construction of a large class of sequences with almost optimal autocorrelation, using almost difference sets. Then Wang [18] and Sun et al. [14] proved that most of these sequences have high linear complexity. Meanwhile, Sun et al. [14] generalized Cai and Ding’s construction using -form function with difference-balanced property and obtained more sequences with almost optimal autocorrelation in this way. In this paper, motivated by Hu’s method [7], we determine the exact autocorrelation distribution and obtain a lower bound on the 2-adic complexity of these sequences. Our result shows that the lower bound for this class of sequences with period is at least and that in many cases it is maximal, which is large enough to resist the rational approximation algorithm (RAA) attack for feedback with carry shift registers (FCSRs).
The rest of this paper is organized as follows. Some necessary definitions, notations, and previous results are introduced in Section 2. The exact autocorrelation distribution of a class of almost optimal autocorrelation sequences generalized from Cai and Ding [1] by Sun et al. [14] is given in Section 3. In Section 4, the lower bounds on the 2-adic complexities of these sequences are presented. Finally, we summarize our results and give some remarks in Section 5.
2 Preliminaries
Let be a positive integer and a binary sequence of period . Let . Then we write
[TABLE]
The 2-adic complexity of the sequence is the integer , i.e.,
[TABLE]
where is the greatest integer that is less than or equal to .
Let be the support of . Then is called the characteristic sequence of . The autocorrelation of is defined by
[TABLE]
where . It is well known that for all . Moreover, it can be computed by
[TABLE]
where is the difference function of the support such that and
[TABLE]
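As an added illustration (not code from the paper), the following Python sketch evaluates the two measures introduced in this section on constructed sequences. It assumes the standard forms S(2) = Σ s_i 2^i, 2-adic complexity ⌊log2((2^N − 1)/gcd(2^N − 1, S(2)))⌋ and autocorrelation Σ (−1)^(s_i + s_(i+τ)); the function names and both sample sequences are assumptions made for the example.

```python
from math import gcd

# Constructed samples (not from the paper).
# One period of the m-sequence generated by s[n+4] = s[n+1] XOR s[n], N = 15.
M_SEQ = [1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1]
# One period (N = 10) of a_i = (2^-i mod 11) mod 2, an FCSR-style sequence
# with connection integer 11.
FCSR_SEQ = [1, 0, 1, 1, 1, 0, 1, 0, 0, 0]


def autocorrelation(s, tau):
    """Periodic autocorrelation: sum of (-1)^(s_i + s_(i+tau)) over a period."""
    n = len(s)
    return sum(1 if s[i] == s[(i + tau) % n] else -1 for i in range(n))


def two_adic_complexity(s):
    """Return (floor(log2 q), q) with q = (2^N - 1) / gcd(2^N - 1, S(2))."""
    n = len(s)
    if n == 0 or any(b not in (0, 1) for b in s):
        raise ValueError("expected one full period of a binary sequence")
    s2 = sum(b << i for i, b in enumerate(s))   # S(2) = sum of s_i * 2^i
    full = (1 << n) - 1                         # 2^N - 1
    q = full // gcd(full, s2)                   # denominator in lowest terms
    return q.bit_length() - 1, q


def meets_half_period_criterion(s):
    """Criterion quoted in the introduction: complexity >= half the period."""
    phi, _ = two_adic_complexity(s)
    return 2 * phi >= len(s)


if __name__ == "__main__":
    for name, seq in (("m-sequence", M_SEQ), ("FCSR-style", FCSR_SEQ)):
        phi, q = two_adic_complexity(seq)
        side = sorted({autocorrelation(seq, t) for t in range(1, len(seq))})
        print(name, "N =", len(seq), "q =", q, "complexity =", phi,
              "out-of-phase autocorrelation =", side,
              "criterion met:", meets_half_period_criterion(seq))
```

The FCSR-style sample has period 10 but 2-adic complexity 3, well under half the period, while the m-sequence of period 15 reaches N − 1 = 14.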
Definition 1
Let be a cyclic group with elements and be a -element subset of . Supposing the variable ranges over all the nonzero elements of . If always takes on the value , then is called a cyclic difference set of ; if takes on altogether times and altogether times, then is called a cyclic almost difference set (CADS) in .
According to Eq. (4), when the support of a sequence is a cyclic almost difference set, the autocorrelation of is
[TABLE]
Therefore, under the assumption , a sequence of period has almost optimal autocorrelation if and only if or for all (see [1]).
Let be a power of a prime and a positive integer.
Definition 2
A function from to is called a -form function on over if for any and .
Definition 3
A function from to is said to be balanced if the element 0 appears one less time than each nonzero element in in the list , where is a primitive element of .
Definition 4
Let be a -form function on over and . Then the function is called difference-balanced if is balanced for any .
Earlier, Sun et al [14] extended Cai and Ding’s construction [1] to obtain the following almost difference sets.
Lemma 1
[14] Let be a positive integer, a primitive element of the finite field and a -form function from to with difference-balanced property. Suppose that is any difference set in . Define , , . Then is a almost difference set in . Furthermore, the characteristic sequence of the set has the out-of-phase autocorrelation values only.
In the sequel, we also need the following number theoretical results.
Definition 5
A composite number is called a 2-pseudoprime if .
For example, both and are 2-pseudoprimes.
Lemma 2
[11] If is a 2-pseudoprime, then is a 2-pseudoprime. Therefore, there are infinitely many 2-pseudoprimes.
3 Detailed autocorrelation distribution of sequences generalized from Cai and Ding by Sun et al.
In this section, we derive the exact autocorrelation distribution of the sequence constructed in Lemma 1. We already know that the autocorrelation of this sequence is almost optimal; however, this is not enough to determine the lower bound on its 2-adic complexity. To achieve our goal, we use Eq. (6) and Lemma 1 to find the exact autocorrelation distribution of .
Lemma 3
Let be a -form function on over with difference-balanced property. Define . Then, for a primitive element of and , we must have for any and .
By the definition of -form function, for any . If and , we get , which is impossible since and . Additionally, the difference-balanced property guarantees .
Lemma 4
Let all the symbols be the same as those in Lemma 1. Suppose that , where . Then
[TABLE]
Let with a fixed such that . Then, for any , we can see that and . Conversely, for any , the pair such that with and is unique. Moreover, there exists exactly one such that and . Indeed, by the first conclusion of Lemma 3, for any and any . Therefore, and if and only if , i.e., .
Hence,
[TABLE]
By the assumption that is a difference set in . Then . Furthermore, by Lemma 3. The result follows.
Theorem 1
Let be a positive integer, a primitive element of and a -form function from to with difference-balanced property. Suppose that is any difference set in . Define , , . Then the exact autocorrelation distribution of the characteristic sequence of is given by
[TABLE]
First of all, from the parameters of the almost difference set in Lemma 1, we know that and that there are ’s such that the autocorrelation . Secondly, by Lemma 4 we have for . Then, using Eq. (4), we get for . Note that the size of the set is exactly . Therefore the proof is complete.
4 Lower bounds on the 2-adic complexity of sequences generalized from Cai and Ding by Sun et al.
Recall that the sequence in Lemma 1 has the period . In the following we let and .
Lemma 5
Let and . Then
[TABLE]
According to the definition of , we have
[TABLE]
Furthermore, we have
[TABLE]
Combining Eqs. (8)(9), we obtain the result.
Employing Lemma 5 and the detailed autocorrelation distribution of , we can obtain the following.
Lemma 6
Let be a positive integer, , and be the binary sequence with almost optimal autocorrelation in Lemma 1. Then
[TABLE]
Recall that in Lemma 5. For convenience, we denote . Substituting the autocorrelation in Theorem 1 into Eq. (7) in Lemma 5, we can see
[TABLE]
Then, substituting 2 for we have
[TABLE]
The result follows.
In order to give the lower bound on the 2-adic complexity, we also need the following simple result in number theory whose proof is omitted here.
Lemma 7
Let be any positive integer. Then
[TABLE]
Now we give a general lower bound on the 2-adic complexity for the sequence constructed in Lemma 1.
Theorem 2
Let be a positive integer, a primitive element of and a -form function from to with difference-balanced property. Suppose that is any difference set in , , and . Denote to be the characteristic sequence of . Then the 2-adic complexity of is bounded by
[TABLE]
Above all, from the known conditions, we know that . It is easy to see that
[TABLE]
and that the product
[TABLE]
is divided by . Then we get
[TABLE]
By Lemma 6, we have
[TABLE]
Then we have
[TABLE]
Upper bound of is considered in the following. Note that . By Lemma 7, we get
[TABLE]
Then, by Lemma 6 again, we have
[TABLE]
Accordingly, we know that
[TABLE]
Note that
[TABLE]
Therefore we obtain an upper bound of
[TABLE]
Combining Eqs. (13),(14) and (16), we have
[TABLE]
Therefore, by Eq. (2), the 2-adic complexity of is bounded by
[TABLE]
Remark 1
From the result of Theorem 2, it is easy to test that the lower bound in Eq.(12) is larger than for any positive integer . Hence, the 2-adic complexity of is large enough to resist RAA. In fact, in many cases, the lower bound can be maximal. In the following, we will discuss these cases.
Lemma 8
Let be a prime or a 2-pseudoprime. Then we have
[TABLE]
Note that . Then, by Eq. (15), we know that
[TABLE]
Next, we will determine the value of in several steps.
Firstly, it is easy to see that
[TABLE]
Since is a prime or a 2-pseudoprime, then we have , which implies that . Therefore, we have . By Eq. (18), we know that
[TABLE]
Secondly, we will prove if , i.e., is not even if . Otherwise, if is even, i.e., is odd, then or , which implies that if and if . But since is a prime or 2-pseudoprime, we have . Further, since , then and , a contradiction to or . Thus, we obtain that
[TABLE]
Thirdly, we will prove if , i.e., if . Otherwise, if , then we have or , which implies , a contradiction to the above . Thus we have
[TABLE]
Now, we will prove that is not divided by if . Otherwise, it is easy to see that , i.e., . Then, we have , which implies that . By Lemma 7, we have . Then we can get . Therefore, we have , i.e., , which implies , a contradiction to the fact . Thus, by Eqs. (17) and (4), we know that Eq. (8) holds. The desired result follows.
Theorem 3
Let be a positive integer, , a primitive element of and a -form function from to with difference-balanced property. Suppose that is any difference set in . Define , , . Let be the sequence whose support set is . Then the 2-adic complexity of is bounded by
[TABLE]
From Eq. (2), the 2-adic complexity of satisfies
[TABLE]
The rest of the proof is from Lemma 8 and the discussion in the proof of Theorem 2.
Remark 2
From Theorem 3, the 2-adic complexity of the sequences with almost optimal autocorrelation is large enough to resist the analysis of RAA.
5 Summary and concluding remarks
In this paper, we first gave the detailed autocorrelation distribution of the sequence with almost optimal autocorrelation generalized from Cai and Ding by Sun et al. Then, using the detailed autocorrelation distribution and combining the method of Hu with some number theory, we presented the lower bounds on the 2-adic complexity of these sequences in the general case and in some special cases, respectively. Our results show that the 2-adic complexity is at least and that in many cases it is maximal, which is obviously large enough to resist RAA of FCSR.
References
- [1] Cai, Y., Ding, C.: Binary sequences with optimal autocorrelation. Theoretical Computer Science 410, 2316-2322 (2009).
- [2] Ding, C., Helleseth, T., Lam, K. Y.: Several classes of sequences with three-level autocorrelation. IEEE Trans. Inf. Theory 45, 2606-2612 (1999).
- [3] Ding, C., Helleseth, T., Shan, W.: On the linear complexity of Legendre sequences. IEEE Trans. Inf. Theory 45, 693-698 (1998).
- [4] Edemskiy, V., Palvinskiy, A.: The linear complexity of binary sequences of length $2p$ with optimal three-level autocorrelation. Information Processing Letters 116, 153-156 (2016).
- [5] Etzion, T.: Linear complexity of de Bruijn sequences-old and new results. IEEE Trans. Inf. Theory 45, 693-698 (1999).
- [6] Helleseth, T., Maas, M., Mathiassen, E., Segers, T.: Linear complexity over $\mathbb{F}_{p}$ of Sidel’nikov sequences. IEEE Trans. Inf. Theory 50, 2468-2472 (2004).
- [7] Hu, H.: Comments on a new method to compute the 2-adic complexity of binary sequences. IEEE Trans. Inf. Theory 60, 5803-5804 (2014).
- [8] Hu, L., Yue, Q., Wang, M.: The linear complexity of Whiteman’s generalized cyclotomic sequences of period $p^{m+1}q^{n+1}$. IEEE Trans. Inf. Theory 58, 5534-5543 (2012).
