TL;DR: The algorithm uses the positive-polarity Reed-Muller expansion of a reversible function to synthesize the function as a network of Toffoli gates, and is able to quickly synthesize all four-variable and most five-variable reversible functions that were in the test suite.
Abstract: Reversible logic finds many applications, especially in the area of quantum computing. A completely specified n-input, n-output Boolean function is called reversible if it maps each input assignment to a unique output assignment and vice versa. Logic synthesis for reversible functions differs substantially from traditional logic synthesis and is currently an active area of research. The authors present an algorithm and tool for the synthesis of reversible functions. The algorithm uses the positive-polarity Reed-Muller expansion of a reversible function to synthesize the function as a network of Toffoli gates. At each stage, candidate factors, which represent subexpressions common between the Reed-Muller expansions of multiple outputs, are explored in the order of their attractiveness. The algorithm utilizes a priority-based search tree, and heuristics are used to rapidly prune the search space. The synthesis algorithm currently targets the generalized n-bit Toffoli gate library. However, other algorithms exist that can convert an n-bit Toffoli gate into a cascade of smaller Toffoli gates. Experimental results indicate that the authors' algorithm quickly synthesizes circuits when tested on the set of all reversible functions of three variables. Furthermore, it is able to quickly synthesize all four-variable and most five-variable reversible functions that were in the test suite. The authors also present results for some benchmark functions widely discussed in literature and some new benchmarks that the authors have developed. The algorithm is shown to synthesize many, but not all, randomly generated reversible functions of as many as 16 variables with a maximum gate count of 25
TL;DR: This paper shows that a Boolean function having low nonlinearity is (also) weak against algebraic attacks, and extends this result to higher order nonlinearities, and presents enumeration results on linearly independent annihilators.
Abstract: Recently, algebraic attacks have received a lot of attention in the cryptographic literature. It has been observed that a Boolean function f used as a cryptographic primitive, and interpreted as a multivariate polynomial over $\mathbb{F}_2$, should not have low degree multiples obtained by multiplication with low degree nonzero functions. In this paper, we show that a Boolean function having low nonlinearity is (also) weak against algebraic attacks, and we extend this result to higher order nonlinearities. Next, we present enumeration results on linearly independent annihilators. We also study certain classes of highly nonlinear resilient Boolean functions for their algebraic immunity. We identify that functions having low-degree subfunctions are weak in terms of algebraic immunity, and we analyze some existing constructions from this viewpoint. Further, we present a construction method to generate Boolean functions on n variables with highest possible algebraic immunity $\lceil n/2 \rceil$ (this construction, first presented at the 2005 Workshop on Fast Software Encryption (FSE 2005), has been the first one producing such functions). These functions are obtained through a doubly indexed recursive relation. We calculate their Hamming weights and deduce their nonlinearities; we show that they have very high algebraic degrees. We express them as the sums of two functions which can be obtained from simple symmetric functions by a transformation which can be implemented with an algorithm whose complexity is linear in the number of variables. We deduce a very fast way of computing the output to these functions, given their input.
TL;DR: This paper presents a construction that provides functions with the maximum possible annihilator immunity and the weight, nonlinearity and algebraic degree of the functions can be properly calculated under certain cases.
Abstract: So far there is no systematic attempt to construct Boolean functions with maximum annihilator immunity. In this paper we present a construction keeping in mind the basic theory of annihilator immunity. This construction provides functions with the maximum possible annihilator immunity and the weight, nonlinearity and algebraic degree of the functions can be properly calculated under certain cases. The basic construction is that of symmetric Boolean functions and applying linear transformation on the input variables of these functions, one can get a large class of non-symmetric functions too. Moreover, we also study several other modifications on the basic symmetric functions to identify interesting non-symmetric functions with maximum annihilator immunity. In the process we also present an algorithm to compute the Walsh spectra of a symmetric Boolean function with $O(n^2)$ time and $O(n)$ space complexity.
TL;DR: The design of optimal infinite-horizon control for context-sensitive probabilistic Boolean networks (PBNs) is considered and it can also be applied to instantaneously random PBNs.
Abstract: External control of a genetic regulatory network is used for the purpose of avoiding undesirable states, such as those associated with disease. Heretofore, intervention has focused on finite-horizon control, i.e., control over a small number of stages. This paper considers the design of optimal infinite-horizon control for context-sensitive probabilistic Boolean networks (PBNs). It can also be applied to instantaneously random PBNs. The stationary policy obtained is independent of time and dependent on the current state. We concentrate on discounted problems with bounded cost per stage and on average-cost-per-stage problems. These formulations are used to generate stationary policies for a PBN constructed from melanoma gene-expression data. The results show that the stationary policies obtained by the two different formulations are capable of shifting the probability mass of the stationary distribution from undesirable states to desirable ones.
TL;DR: It is proved for several pairs of $(d_1, d_2)$ that f is a bent function, when $\alpha_1$ and $\alpha_2$ fulfill certain conditions, and a new method is developed to prove that certain rational mappings on $\mathbb{F}_{2^n}$ are bijective.
TL;DR: A new almost-perfect nonlinear function (APN) on $F(2^{10})$ which is not equivalent to any of the previously known APN mappings is constructed.
Abstract: A new almost-perfect nonlinear function (APN) on $F(2^{10})$ which is not equivalent to any of the previously known APN mappings is constructed. This is the first example of an APN mapping which is not equivalent to a power mapping.
TL;DR: A connection between the Gowers uniformity of a Boolean function and the influence of its variables is found, and it is proved that "Gowers uniform" functions pass the "hypergraph linearity test" approximately with the same probability of a random function.
Abstract: We return to the study of the relation of query complexity and soundness in probabilistically checkable proofs. We present a PCP verifier for languages that are Unique-Games-Hard and such that the verifier makes q queries, has almost perfect completeness, and has soundness error at most $2q/2^q + \varepsilon$, for arbitrarily small $\varepsilon > 0$. For values of q of the form $2^t - 1$, the soundness error is $(q+1)/2^q + \varepsilon$. Charikar et al. show that there is a constant c such that for every language that has a verifier of query complexity q, and a ratio of soundness error to completeness smaller than $cq/2^q$ is decidable in polynomial time. Up to the value of the multiplicative constant and to the validity of the Unique Games Conjecture, our result is therefore tight. As a corollary, we show that approximating the Maximum Independent Set problem in graphs of degree Δ within a factor better than $\Delta/(\log \Delta)^c$ is Unique-Games-Hard for a certain constant c > 0. Our main technical results are (i) a connection between the Gowers uniformity of a Boolean function and the influence of its variables and (ii) the proof that "Gowers uniform" functions pass the "hypergraph linearity test" approximately with the same probability of a random function. The connection between Gowers uniformity and influence might have other applications.
TL;DR: In this paper, an efficient algorithm for assessing the resistance of Boolean functions against algebraic and fast algebraic attacks when implemented in LFSR-based stream ciphers was proposed.
Abstract: In this paper we propose several efficient algorithms for assessing the resistance of Boolean functions against algebraic and fast algebraic attacks when implemented in LFSR-based stream ciphers. An algorithm is described which permits to compute the algebraic immunity d of a Boolean function with n variables in $O(D^2)$ operations, for $D \approx \binom{n}{d}$, rather than in $O(D^3)$ operations necessary in all previous algorithms. Our algorithm is based on multivariate polynomial interpolation. For assessing the vulnerability of arbitrary Boolean functions with respect to fast algebraic attacks, an efficient generic algorithm is presented that is not based on interpolation. This algorithm is demonstrated to be particularly efficient for symmetric Boolean functions. As an application it is shown that large classes of symmetric functions are very vulnerable to fast algebraic attacks despite their proven resistance against conventional algebraic attacks.
TL;DR: A sharp delineation between classes of SDSs whose behavior is easy to predict and those whose behavior is hard to predict is shown, and new PSPACE-hard lower bounds on the complexity of state reachability problems for these models are shown.
TL;DR: This work generalizes the framework of Boolean games to n-players games which are not necessarily zero-sum, gives simple characterizations of Nash equilibria and dominated strategies, and investigates the computational complexity of the related problems.
Abstract: Game theory is a widely used formal model for studying strategical interactions between agents. Boolean games [8] are two players, zero-sum static games where players' utility functions are binary and described by a single propositional formula, and the strategies available to a player consist of truth assignments to each of a given set of propositional variables (the variables controlled by the player.) We generalize the framework to n-players games which are not necessarily zero-sum. We give simple characterizations of Nash equilibria and dominated strategies, and investigate the computational complexity of the related problems.
TL;DR: In this paper, the construction of (2t + 1)-variable Boolean functions with maximum algebraic immunity was studied, and some necessary conditions of this kind of functions which also have higher nonlinearity were obtained.
Abstract: In this paper, we study the construction of (2t + 1)-variable Boolean functions with maximum algebraic immunity, and we also analyze some other cryptographic properties of this kind of functions, such as nonlinearity, resilience. We first identify several classes of this kind of functions. Further, some necessary conditions of this kind of functions which also have higher nonlinearity are obtained. In this way, a modified construction method is proposed to possibly obtain (2t + 1)-variable Boolean functions which have maximum algebraic immunity and higher nonlinearity, and a class of such functions is also obtained. Finally, we present a sufficient and necessary condition of (2t + 1)-variable Boolean functions with maximum algebraic immunity which are also 1-resilient.
TL;DR: This paper uses a novel technique to bound the use of ODCs and thus the computational effort to find them, while still finding a large fraction of them, and demonstrates that ODC-based SAT sweeping results in significantly more graph simplification with great benefit for Boolean reasoning with a moderate increase in computational effort.
Abstract: SAT sweeping is a method for simplifying an And/Inverter graph (AIG) by systematically merging graph vertices from the inputs towards the outputs using a combination of structural hashing, simulation, and SAT queries. Due to its robustness and efficiency, SAT sweeping provides a solid algorithm for Boolean reasoning in functional verification and logic synthesis. In previous work, SAT sweeping merges two vertices only if they are functionally equivalent. In this paper we present a significant extension of the SAT-sweeping algorithm that exploits local observability don't-cares (ODCs) to increase the number of vertices merged. We use a novel technique to bound the use of ODCs and thus the computational effort to find them, while still finding a large fraction of them. Our reported results based on a set of industrial benchmark circuits demonstrate that ODC-based SAT sweeping results in significantly more graph simplification with great benefit for Boolean reasoning with a moderate increase in computational effort.
TL;DR: Grain is a lightweight stream cipher proposed by M. Hell, T. Johansson, and W. Meier to the eSTREAM call for stream cipher proposals of the European project ECRYPT.
Abstract: Grain [11] is a lightweight stream cipher proposed by M. Hell, T. Johansson, and W. Meier to the eSTREAM call for stream cipher proposals of the European project ECRYPT [5]. Its 160-bit internal state is divided into a LFSR and an NFSR of length 80 bits each. A filtering boolean function is used to derive each keystream bit from the internal state. By combining linear approximations of the feedback function of the NFSR and of the filtering function, it is possible to derive linear approximation equations involving the keystream and the LFSR initial state. We present a key recovery attack against Grain which requires $2^{43}$ computations and $2^{38}$ keystream bits to determine the 80-bit key.
TL;DR: A modified construction method is proposed to possibly obtain (2t+1)-variable Boolean functions which have maximum algebraic immunity and higher nonlinearity, and a class of such functions is also obtained.
Abstract: In this paper, we study the construction of (2t+1)-variable Boolean functions with maximum algebraic immunity, and we also analyze some other cryptographic properties of this kind of functions, such as nonlinearity, resilience. We first identify several classes of this kind of functions. Further, some necessary conditions of this kind of functions which also have higher nonlinearity are obtained. In this way, a modified construction method is proposed to possibly obtain (2t+1)-variable Boolean functions which have maximum algebraic immunity and higher nonlinearity, and a class of such functions is also obtained. Finally, we present a sufficient and necessary condition of (2t+1)-variable Boolean functions with maximum algebraic immunity which are also 1-resilient.
TL;DR: A new parallel processing technique is developed that allows for the creation of multiple-input-multiple-output processors that implement, by itself, any Boolean function, such as specialized or non-specialized microprocessors.
Abstract: We present a complete all-optical-processing polarization-based binary-logic system, by which any logic gate or processor can be implemented. Following the new polarization-based logic presented in [Opt. Express 14, 7253 (2006)], we develop a new parallel processing technique that allows for the creation of all-optical-processing gates that produce a unique output either logic 1 or 0 only once in a truth table, and those that do not. This representation allows for the implementation of simple unforced OR, AND, XOR, XNOR, inverter, and more importantly NAND and NOR gates that can be used independently to represent any Boolean expression or function. In addition, the concept of a generalized gate is presented which opens the door for reconfigurable optical processors and programmable optical logic gates. Furthermore, the new design is completely compatible with the old one presented in [Opt. Express 14, 7253 (2006)], and with current semiconductor based devices. The gates can be cascaded, where the information is always on the laser beam. The polarization of the beam, and not its intensity, carries the information. The new methodology allows for the creation of multiple-input-multiple-output processors that implement, by itself, any Boolean function, such as specialized or non-specialized microprocessors. Three all-optical architectures are presented: orthoparallel optical logic architecture for all known and unknown binary gates, singlebranch architecture for only XOR and XNOR gates, and the railroad (RR) architecture for polarization optical processors (POP). All the control inputs are applied simultaneously leading to a single time lag which leads to a very-fast and glitch-immune POP. A simple and easy-to-follow step-by-step algorithm is provided for the POP, and design reduction methodologies are briefly discussed. The algorithm lends itself systematically to software programming and computer-assisted design. 
As examples, designs of all binary gates, multiple-input gates, and sequential and non-sequential Boolean expressions are presented and discussed. The operation of each design is simply understood by a bullet train traveling at the speed of light on a railroad system preconditioned by the crossover states predetermined by the control inputs. The presented designs allow for optical processing of the information eliminating the need to convert it, back and forth, to an electronic signal for processing purposes. All gates with a truth table, including for example Fredkin, Toffoli, testable reversible logic, and threshold logic gates, can be designed and implemented using the railroad architecture. That includes any future gates not known today. Those designs and the quantum gates are not discussed in this paper.
TL;DR: This paper proposes a set of basic sequential elements that could be used for building large reversible sequential circuits leading to logic and garbage reduction by a factor of 2 to 6 when compared to existing reversible designs reported in the literature.
Abstract: Reversible logic is gaining interest in the recent past due to its less heat dissipating characteristics. It has been proved that any Boolean function can be implemented using reversible gates. In this paper we propose a set of basic sequential elements that could be used for building large reversible sequential circuits leading to logic and garbage reduction by a factor of 2 to 6 when compared to existing reversible designs reported in the literature.
TL;DR: In this paper, the problem of efficiently constructing Boolean functions satisfying, at high levels, one or several of these criteria has received much attention, and secondary constructions are also necessary to obtain functions achieving or approaching the best possible cryptographic characteristics.
Abstract: Since the introduction of the notions of nonlinearity in the mid-70's (the term has been in fact introduced later), of correlation immunity and resiliency in the mid-80's, and of algebraic immunity recently, the problem of efficiently constructing Boolean functions satisfying, at high levels, one or several of these criteria has received much attention. Only few primary constructions are known, and secondary constructions are also necessary to obtain functions achieving or approaching the best possible cryptographic characteristics. After recalling the background on cryptographic criteria and making some general observations, we try to give a survey of all these constructions and their properties. We then show that a nice and simple property of Boolean functions leads to a general secondary construction building an n-variable function from three known n-variable functions. This construction generalizes secondary constructions recently obtained for Boolean bent functions and also leads to secondary constructions of highly nonlinear balanced or resilient functions, with potentially better algebraic immunities than the three functions used as building blocks.
TL;DR: The first nonnormal bent function is given and even an example for a nonweakly normal bent function and a very efficient algorithm is presented that was used to verify the nonnormality of these functions.
TL;DR: It is shown that the class of nested canalyzing functions is equal to that of unate cascade functions, which forms an algebraic variety which makes their analysis amenable to the use of techniques from algebraic geometry and computational algebra.
Abstract: This paper focuses on the study of certain classes of Boolean functions that have appeared in several different contexts. Nested canalyzing functions have been studied recently in the context of Boolean network models of gene regulatory networks. In the same context, polynomial functions over finite fields have been used to develop network inference methods for gene regulatory networks. Finally, unate cascade functions have been studied in the design of logic circuits and binary decision diagrams. This paper shows that the class of nested canalyzing functions is equal to that of unate cascade functions. Furthermore, it provides a description of nested canalyzing functions as a certain type of Boolean polynomial function. Using the polynomial framework one can show that the class of nested canalyzing functions, or, equivalently, the class of unate cascade functions, forms an algebraic variety which makes their analysis amenable to the use of techniques from algebraic geometry and computational algebra. As a corollary of the functional equivalence derived here, a formula in the literature for the number of unate cascade functions provides such a formula for the number of nested canalyzing functions.
TL;DR: It is shown that a nice and simple property of Boolean functions leads to a general secondary construction building an n- variable function from three known n-variable functions, which leads to secondary constructions of highly nonlinear balanced or resilient functions, with potentially better algebraic immunities than the three functions used as building blocks.
Abstract: Since the introduction of the notions of nonlinearity in the mid-70’s (the term has been in fact introduced later), of correlation immunity and resiliency in the mid-80’s, and of algebraic immunity recently, the problem of efficiently constructing Boolean functions satisfying, at high levels, one or several of these criteria has received much attention. Only few primary constructions are known, and secondary constructions are also necessary to obtain functions achieving or approaching the best possible cryptographic characteristics. After recalling the background on cryptographic criteria and making some general observations, we try to give a survey of all these constructions and their properties. We then show that a nice and simple property of Boolean functions leads to a general secondary construction building an n-variable function from three known n-variable functions. This construction generalizes secondary constructions recently obtained for Boolean bent functions and also leads to secondary constructions of highly nonlinear balanced or resilient functions, with potentially better algebraic immunities than the three functions used as building blocks.
TL;DR: A key recovery attack against Grain, a lightweight stream cipher proposed by M. Hell, requires $2^{43}$ computations and $2^{38}$ keystream bits to determine the 80-bit key.
Abstract: Grain [11] is a lightweight stream cipher proposed by M. Hell, T. Johansson, and W. Meier to the eSTREAM call for stream cipher proposals of the European project ECRYPT [5]. Its 160-bit internal state is divided into a LFSR and an NFSR of length 80 bits each. A filtering boolean function is used to derive each keystream bit from the internal state. By combining linear approximations of the feedback function of the NFSR and of the filtering function, it is possible to derive linear approximation equations involving the keystream and the LFSR initial state. We present a key recovery attack against Grain which requires $2^{43}$ computations and $2^{38}$ keystream bits to determine the 80-bit key.
TL;DR: It is deduced that it is enough, for a Boolean function, to have high algebraic immunity, for having non-weak low order nonlinearity profile (even when it cannot be evaluated), except maybe for the first order.
Abstract: One of the most basic requirements concerning Boolean functions used in cryptosystems is that they must have high algebraic degrees. This simple criterion is not always well adapted to the concrete situation in which Boolean functions are used in symmetric cryptography, since changing one or several output bits of a Boolean function considerably changes its algebraic degree while it may not change its robustness. The proper characteristic is the r-th order nonlinearity profile (which includes the first-order nonlinearity). However, studying it is difficult and almost no paper, in the literature, has ever been able to give general effective results on it. The values of the nonlinearity profile are known for very few functions and these functions have little cryptographic interest. A recent paper has given a lower bound on the nonlinearity profile of functions, given their algebraic immunity. We improve upon it, and we deduce that it is enough, for a Boolean function, to have high algebraic immunity, for having non-weak low order nonlinearity profile (even when it cannot be evaluated), except maybe for the first order.
TL;DR: A novel combination of existing methods and new ideas that results in a matcher which is dramatically faster than previous work on Boolean matching, which has broad applications in logic optimization and verification.
Abstract: Boolean matching is a powerful technique that has been used in technology mapping to overcome the limitations of structural pattern matching. The current basis for performing Boolean matching is the computation of a canonical form to represent functions that are equivalent under negation and permutation of inputs and outputs. In this paper, we first present a detailed analysis of previous techniques for Boolean matching. We then describe a novel combination of existing methods and new ideas that results in a matcher which is dramatically faster than previous work. We point out that the presented algorithm is equally relevant for detecting generalized functional symmetries, which has broad applications in logic optimization and verification.
TL;DR: This paper presents the algorithm and experimental results for a technique which automates the functional propagation of module level test responses and uses a bounded model checking engine to perform the instruction mapping.
Abstract: Testing a processor in native mode by executing instructions from cache has been shown to be very effective in discovering defective chips. In previous work, we showed an efficient technique for generating instruction sequences targeting specific faults. We generated tests using traditional techniques at the module level and then mapped them to instruction sequences using novel methods. However, in that technique, the propagation of module test responses to primary outputs was not automated. In this paper, we present the algorithm and experimental results for a technique which automates the functional propagation of module level test responses. This technique models the propagation requirement as a Boolean difference problem and uses a bounded model checking engine to perform the instruction mapping. We use a register transfer level (RT-Level) abstraction which makes it possible to express Boolean difference as a succinct linear time logic (LTL) formula that can be passed to a bounded model checking engine. This technique fully automates the process of mapping module level test sequences to instruction sequences.
TL;DR: In this paper, the authors introduce two new complexity measures for Boolean functions, which they call sumPI and maxPI, which are derived from sumPI in such a way that $\mathrm{maxPI}^2(f)$ remains a lower bound on formula size.
Abstract: We introduce two new complexity measures for Boolean functions, which we name sumPI and maxPI. The quantity sumPI has been emerging through a line of research on quantum query complexity lower bounds via the so-called quantum adversary method (Ambainis 2002, 2003; Barnum et al. 2003; Laplante & Magniez 2004; Zhang 2005), culminating in Špalek & Szegedy (2005) with the realization that these many different formulations are in fact equivalent. Given that sumPI turns out to be such a robust invariant of a function, we begin to investigate this quantity in its own right and see that it also has applications to classical complexity theory. As a surprising application we show that $\mathrm{sumPI}^2(f)$ is a lower bound on the formula size, and even, up to a constant multiplicative factor, the probabilistic formula size of f. We show that several formula size lower bounds in the literature, specifically Khrapchenko and its extensions (Khrapchenko 1971; Koutsoupias 1993), including a key lemma of Hastad (1998), are in fact special cases of our method. The second quantity we introduce, maxPI(f), is always at least as large as sumPI(f), and is derived from sumPI in such a way that $\mathrm{maxPI}^2(f)$ remains a lower bound on formula size. Our main result is proven via a combinatorial lemma which relates the square of the spectral norm of a matrix to the squares of the spectral norms of its submatrices. The generality of this lemma implies that our methods can also be used to lower-bound the communication complexity of relations, and a related combinatorial quantity, the rectangle partition number. To exhibit the strengths and weaknesses of our methods, we look at the sumPI and maxPI complexity of a few examples, including the recursive majority of three function, a function defined by Ambainis (2003), and the collision problem.
TL;DR: Eight image tasks: connected component detection (CCD) with down, right, +45° and −45° directions, edge detection, shadow projection with left and right directions and point removal are analyzed using the binary input and binary output discrete-time cellular neural networks associated with suitable templates.
Abstract: In this study, eight image tasks: connected component detection (CCD) with down, right, +45° and −45° directions, edge detection, shadow projection with left and right directions and point removal are analyzed. These tasks are solved using the binary input and binary output discrete-time cellular neural networks (DTCNNs) associated with suitable templates. Furthermore, the behavior of the DTCNNs can be realized using Boolean functions, and the corresponding equivalent logic circuits are derived. An 8 × 8 DTCNNs-based image-processing chip is implemented by the FPGA technology. A simulation of the chip developed for the CCD task is also presented.
TL;DR: In this article, a frame definition for use by dialog system during an interaction with a user, the frame definition includes at least one data field and a goal comprising a Boolean function, each of which takes a reference to a field of the frame as its argument.
Abstract: A frame definition for use by dialog system during an interaction with a user, the frame definition includes at least one data field and at least one goal comprising a Boolean function of one or more filled predicates, each of which takes a reference to a field of the frame as its argument. A goal is satisfied during a dialog if the Boolean function evaluates to true. A goal may be used to control the focus of the interaction.
TL;DR: This paper presents an on-chip self-reconfigurable approach for providing a flexible connectionism at very low resource cost by partially reconfiguring Virtex II FPGAs.
Abstract: Randomly connecting networks have proven to be universal computing machines. By interconnecting a set of nodes in a random way one can model very complicated non-linear dynamic systems. Although random Boolean networks (RBN) use Boolean functions as their basic component, there are no hardware implementations of such systems. The absence of implementations is mainly due to the arbitrary connectionism exhibited by the network, and connection flexibility use to be very expensive in terms of hardware resources. In this paper we present an on-chip self-reconfigurable approach for providing a flexible connectionism at very low resource cost by partially reconfiguring Virtex II FPGAs.
TL;DR: A heuristic procedure for reducing Boolean formulae is introduced, based in part on the well-established minimization technique from Boolean algebra known as the Quine–McCluskey (QM) method, which when applied to the SHJ Boolean concept types reveals that some of their complexity values are notably different from the approximate values obtained by Feldman.