We develop a duality theory of locally recoverable codes (LRCs) and apply it to establish a series of new bounds on their parameters. We introduce and study a refined notion of weight distribution that captures the code's locality. Using a duality result analogous to a MacWilliams identity, we then derive an LP-type bound that improves on the best known bounds in several instances. Using a dual distance bound and the theory of generalized weights, we obtain non-existence results for optimal LRCs over small fields. In particular, we show that an optimal LRC must have both minimum distance and block length relatively small compared to the field size.

This paper builds a novel bridge between algebraic coding theory and mathematical knot theory, with applications in both directions. We give methods to construct error-correcting codes starting from the colorings of a knot, describing through a series of results how the properties of the knot translate into code parameters. We show that knots can be used to obtain error-correcting codes with prescribed parameters and an efficient decoding algorithm.

In this paper, we present a framework for generic decoding of convolutional codes, which allows us to do cryptanalysis of code-based systems that use convolutional codes as public keys. We then apply this framework to information set decoding, study success probabilities and give tools to choose variables. Finally, we use this to attack two cryptosystems based on convolutional codes. In the case of Bolkema et al. (Variations of the McEliece cryptosystem. In: Algebraic geometry for coding theory and cryptography: IPAM, Los Angeles, CA, Feb 2016. Springer, Cham, pp 129-150, 2017. https://doi.org/10.1007/978-3-319-63931-4_5), our code recovered about 74% of errors in less than 10 h each, and in the case of Almeida et al. (Smaller keys for code-based cryptography: McEliece cryptosystems with convolutional encoders. CoRR abs/2104.06809, 2021. arXiv: https://arxiv.org/abs/2104.06809v1), we give experimental evidence that 80% of the errors can be recovered in times corresponding to about 70 bits of operational security, with some instances being significantly lower.

We introduce a formal framework to study the multiple unicast problem for a coded network in which the network code is linear over a finite field and fixed. We show that the problem corresponds to an interference alignment problem over a finite field. In this context, we establish an outer bound for the achievable rate region and provide examples of networks where the bound is sharp. We finally give evidence of the crucial role played by the field characteristic in the problem.

The Boolean map defined by (where ) is used in various permutations that are part of cryptographic schemes, e.g., Keccak-f (the SHA-3-permutation), ASCON (the winner of the NIST Lightweight competition), Xoodoo, Rasta and Subterranean (2.0). In this paper, we study various algebraic properties of this map. We consider (through vectorial isomorphism) as a univariate polynomial. We show that it is a power function if and only if . We furthermore compute bounds on the sparsity and degree of these univariate polynomials, and the number of different univariate representations. Secondly, we compute the number of monomials of given degree in the inverse of (if it exists). This number coincides with binomial coefficients. Lastly, we consider as a polynomial map, to study whether the same rule ( ) gives a bijection on field extensions of . We show that this is not the case for extensions whose degree is divisible by two or three. Based on these results, we conjecture that this rule does not give a bijection on any extension field of .

For integers m and n, we study the problem of finding good lower bounds for the size of progression-free sets in (mathbb {Z}_{m}^{n},+). Let r_{k}(mathbb {Z}_{m}^{n}) denote the maximal size of a subset of mathbb {Z}_{m}^{n} without arithmetic progressions of length k and let P^{-}(m) denote the least prime factor of m. We construct explicit progression-free sets and obtain the following improved lower bounds for r_{k}(mathbb {Z}_{m}^{n}):If kge 5 is odd and P^{-}(m)ge (k+2)/2, then rk(Zmn)≫m,k⌊k-1k+1m+1⌋nn⌊k-1k+1m⌋/2.\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$\\begin{aligned} r_k(\\mathbb {Z}_m^n) \\gg _{m,k} \\frac{\\bigl \\lfloor \\frac{k-1}{k+1}m +1\\bigr \\rfloor ^{n}}{n^{\\lfloor \\frac{k-1}{k+1}m \\rfloor /2}}. \\end{aligned}$$\\end{document}If kge 4 is even, P^{-}(m) ge k and m equiv -1 bmod k, then rk(Zmn)≫m,k⌊k-2km+2⌋nn⌊k-2km+1⌋/2.\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$\\begin{aligned} r_{k}(\\mathbb {Z}_{m}^{n}) \\gg _{m,k} \\frac{\\bigl \\lfloor \\frac{k-2}{k}m + 2\\bigr \\rfloor ^{n}}{n^{\\lfloor \\frac{k-2}{k}m + 1\\rfloor /2}}. \\end{aligned}$$\\end{document} Moreover, we give some further improved lower bounds on r_k(mathbb {Z}_p^n) for primes p le 31 and progression lengths 4 le k le 8.

New constructions for moderate-density parity-check (MDPC) codes using finite geometry are proposed. We design a parity-check matrix for the main family of binary codes as the concatenation of two matrices: the incidence matrix between points and lines of the Desarguesian projective plane and the incidence matrix between points and ovals of a projective bundle. A projective bundle is a special collection of ovals which pairwise meet in a unique point. We determine the minimum distance and the dimension of these codes, and we show that they have a natural quasi-cyclic structure. We consider alternative constructions based on an incidence matrix of a Desarguesian projective plane and compare their error-correction performance with regards to a modification of Gallager’s bit-flipping decoding algorithm. In this setting, our codes have the best possible error-correction performance after one round of bit-flipping decoding given the parameters of the code’s parity-check matrix.

ARX algorithms are a class of symmetric-key algorithms constructed by Addition, Rotation, and XOR. To evaluate the resistance of an ARX cipher against differential and impossible-differential cryptanalysis, the recent automated methods employ constraint satisfaction solvers to search for optimal characteristics or impossible differentials. The main difficulty in formulating this search is finding the differential models of the non-linear operations. While an efficient bit-vector differential model was obtained for the modular addition with two variable inputs, no differential model for the modular addition by a constant has been proposed so far, preventing ARX ciphers including this operation from being evaluated with automated methods. In this paper, we present the first bit-vector differential model for the n-bit modular addition by a constant input. Our model contains O(log _2(n)) basic bit-vector constraints and describes the binary logarithm of the differential probability. We describe an SMT-based automated method that includes our model to search for differential characteristics of ARX ciphers including constant additions. We also introduce a new automated method for obtaining impossible differentials where we do not search over a small pre-defined set of differences, such as low-weight differences, but let the SMT solver search through the space of differences. Moreover, we implement both methods in our open-source tool ArxPy to find characteristics and impossible differentials of ARX ciphers with constant additions in a fully automated way. As some examples, we provide related-key impossible differentials and differential characteristics of TEA, XTEA, HIGHT, LEA, SHACAL-1, and SHACAL-2, which achieve better results compared to previous works.

Functional encryption for set intersection (FE-SI) in the multi-client environment is that each client i encrypts a set X_i associated with time T by using its own encryption key and uploads it to a cloud server, and then the cloud server which receives a function key of the client indexes i, j from a trusted center can compute the intersection X_i cap X_j of the two client ciphertexts. In this paper, we first newly define the concept of FE-SI suitable for the multi-client setting. Then, we propose an efficient FE-SI scheme in asymmetric bilinear groups and prove the static security of our scheme under newly introduced assumptions. In our FE-SI scheme, a ciphertext consists of O(ell ) group elements, a function key consists of a single group element, and the decryption algorithm has O(ell ^2) complexity where ell is the size of a set in the ciphertext. Next, we propose another FE-SI scheme with time-constrained keys that limits the ability of function keys to be valid only for a specified time period T, and proves the static security of our scheme. Finally, we prove that the two assumptions hold in the general group model to provide confidence in the two newly introduced assumptions.

In this paper, a construction of (n,k,delta ) LDPC convolutional codes over arbitrary finite fields, which generalizes the work of Robinson and Bernstein and the later work of Tong is provided. The sets of integers forming a (k, w)-(weak) difference triangle set are used as supports of some columns of the sliding parity-check matrix of an (n,k,delta ) convolutional code, where nin {mathbb {N}}, n>k. The parameters of the convolutional code are related to the parameters of the underlying difference triangle set. In particular, a relation between the free distance of the code and w is established as well as a relation between the degree of the code and the scope of the difference triangle set. Moreover, we show that some conditions on the weak difference triangle set ensure that the Tanner graph associated to the sliding parity-check matrix of the convolutional code is free from 2ell -cycles not satisfying the full rank condition over any finite field. Finally, we relax these conditions and provide a lower bound on the field size, depending on the parity of ell , that is sufficient to still avoid 2ell -cycles. This is important for improving the performance of a code and avoiding the presence of low-weight codewords and absorbing sets.