Showing 1–31 of 31 results for author: Aragona, R

A classification of module braces over the ring of $\mathbf{p}$-adic integers

Authors: Riccardo Aragona, Norberto Gavioli, Giuseppe Nozzi

Abstract: In this paper we study the $R$-braces $(M,+,\circ)$ such that $M\cdot M$ is cyclic, where $R$ is the ring of $p$-adic and $\cdot$ is the product of the radical $R$-algebra associated to $M$. In particular, we give a classification up to isomorphism in the torsion-free case and up to isoclinism in the torsion case. More precisely, the isomorphism classes and the isoclinism classes of such radical a… ▽ More In this paper we study the $R$-braces $(M,+,\circ)$ such that $M\cdot M$ is cyclic, where $R$ is the ring of $p$-adic and $\cdot$ is the product of the radical $R$-algebra associated to $M$. In particular, we give a classification up to isomorphism in the torsion-free case and up to isoclinism in the torsion case. More precisely, the isomorphism classes and the isoclinism classes of such radical algebras are in correspondence with particular equivalence classes of the bilinear forms defined starting from the products of the algebras. △ Less

Submitted 7 June, 2024; originally announced June 2024.

MSC Class: 16N20; 20N99; 20B35; 20K30; 15A63; 11E08

A classification of $\mathbb{F}_{p^k}$-braces using bilinear forms

Authors: Riccardo Aragona, Giuseppe Nozzi

Abstract: Let $\mathbb{F}_{p^k}$ be a finite field of odd characteristic $p$. In this paper we give a classification, up to isomorphism, of the associative commutative $\mathbb{F}_{p^k}$-algebras, starting from the connection with their bi-brace structure. Such classification is the generalization in odd characteristic of the result proved by Civino at al. in characteristic $2$. Let $\mathbb{F}_{p^k}$ be a finite field of odd characteristic $p$. In this paper we give a classification, up to isomorphism, of the associative commutative $\mathbb{F}_{p^k}$-algebras, starting from the connection with their bi-brace structure. Such classification is the generalization in odd characteristic of the result proved by Civino at al. in characteristic $2$. △ Less

Submitted 12 June, 2024; v1 submitted 13 March, 2024; originally announced March 2024.

MSC Class: 20N99; 20B35; 20K30; 16N20; 15A63; 11E08

A definitely periodic chain in the integral Lie ring of partitions

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli

Abstract: Given an integer $n$, we introduce the integral Lie ring of partitions with bounded maximal part, whose elements are in one-to-one correspondence to integer partitions with parts in $\{1,2,\dots, n-1\}$. Starting from an abelian subring, we recursively define a chain of idealizers and we prove that the sequence of ranks of consecutive terms in the chain is definitely periodic. Moreover, we show th… ▽ More Given an integer $n$, we introduce the integral Lie ring of partitions with bounded maximal part, whose elements are in one-to-one correspondence to integer partitions with parts in $\{1,2,\dots, n-1\}$. Starting from an abelian subring, we recursively define a chain of idealizers and we prove that the sequence of ranks of consecutive terms in the chain is definitely periodic. Moreover, we show that its growth depends of the partial sum of the partial sum of the sequence counting the number of partitions. This work generalizes our previous recent work on the same topic, devoted to the modular case where partitions were allowed to have a bounded number of repetitions of parts in a ring of coefficients of positive characteristic. △ Less

Submitted 9 March, 2023; originally announced March 2023.

MSC Class: 17B70; 17B60; 20D20; 05A17

A modular idealizer chain and unrefinability of partitions with repeated parts

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli

Abstract: Recently Aragona et al. have introduced a chain of normalizers in a Sylow 2-subgroup of Sym(2^n), starting from an elementary abelian regular subgroup. They have shown that the indices of consecutive groups in the chain depend on the number of partitions into distinct parts and have given a description, by means of rigid commutators, of the first n-2 terms in the chain. Moreover, they proved that… ▽ More Recently Aragona et al. have introduced a chain of normalizers in a Sylow 2-subgroup of Sym(2^n), starting from an elementary abelian regular subgroup. They have shown that the indices of consecutive groups in the chain depend on the number of partitions into distinct parts and have given a description, by means of rigid commutators, of the first n-2 terms in the chain. Moreover, they proved that the (n-1)-th term of the chain is described by means of rigid commutators corresponding to unrefinable partitions into distinct parts. Although the mentioned chain can be defined in a Sylow p-subgroup of Sym(p^n), for p > 2 computing the chain of normalizers becomes a challenging task, in the absence of a suitable notion of rigid commutators. This problem is addressed here from an alternative point of view. We propose a more general framework for the normalizer chain, defining a chain of idealizers in a Lie ring over Z_m whose elements are represented by integer partitions. We show how the corresponding idealizers are generated by subsets of partitions into at most m-1 parts and we conjecture that the idealizer chain grows as the normalizer chain in the symmetric group. As an evidence of this, we establish a correspondence between the two constructions in the case m=2. △ Less

Submitted 4 August, 2023; v1 submitted 16 January, 2023; originally announced January 2023.

MSC Class: 17B70; 17B60; 20D20; 05A17

The number of maximal unrefinable partitions

Authors: Riccardo Aragona, Lorenzo Campioni, Roberto Civino

Abstract: This paper completes the classification of maximal unrefinable partitions, extending a previous work of Aragona et al. devoted only to the case of triangular numbers. We show that the number of maximal unrefinable partitions of an integer coincides with the number of suitable partitions into distinct parts, depending on the distance from the successive triangular number. This paper completes the classification of maximal unrefinable partitions, extending a previous work of Aragona et al. devoted only to the case of triangular numbers. We show that the number of maximal unrefinable partitions of an integer coincides with the number of suitable partitions into distinct parts, depending on the distance from the successive triangular number. △ Less

Submitted 9 June, 2022; originally announced June 2022.

Verification and generation of unrefinable partitions

Authors: Riccardo Aragona, Lorenzo Campioni, Roberto Civino, Massimo Lauria

Abstract: Unrefinable partitions are a subset of partitions into distinct parts which satisfy an additional unrefinability property. More precisely, being an unrefinable partition means that none of the parts can be written as the sum of smaller integers without introducing a repetition. We address the algorithmic aspects of unrefinable partitions, such as testing whether a given partition is unrefinable or… ▽ More Unrefinable partitions are a subset of partitions into distinct parts which satisfy an additional unrefinability property. More precisely, being an unrefinable partition means that none of the parts can be written as the sum of smaller integers without introducing a repetition. We address the algorithmic aspects of unrefinable partitions, such as testing whether a given partition is unrefinable or not and enumerating all the partitions whose sum is a given integer. We design two algorithms to solve the two mentioned problems and we discuss their complexity. △ Less

Submitted 10 January, 2023; v1 submitted 30 December, 2021; originally announced December 2021.

MSC Class: 11P81; 05A17; 05A19

On the maximal part in unrefinable partitions of triangular numbers

Authors: Riccardo Aragona, Lorenzo Campioni, Roberto Civino, Massimo Lauria

Abstract: A partition into distinct parts is refinable if one of its parts $a$ can be replaced by two different integers which do not belong to the partition and whose sum is $a$, and it is unrefinable otherwise. Clearly, the condition of being unrefinable imposes on the partition a non-trivial limitation on the size of the largest part and on the possible distributions of the parts. We prove a… ▽ More A partition into distinct parts is refinable if one of its parts $a$ can be replaced by two different integers which do not belong to the partition and whose sum is $a$, and it is unrefinable otherwise. Clearly, the condition of being unrefinable imposes on the partition a non-trivial limitation on the size of the largest part and on the possible distributions of the parts. We prove a $O(n^{1/2})$-upper bound for the largest part in an unrefinable partition of $n$, and we call maximal those which reach the bound. We show a complete classification of maximal unrefinable partitions for triangular numbers, proving that if $n$ is even there exists only one maximal unrefinable partition of $n(n+1)/2$, and that if $n$ is odd the number of such partitions equals the number of partitions of $\lceil n/2\rceil$ into distinct parts. In the second case, an explicit bijection is provided. △ Less

Submitted 23 May, 2022; v1 submitted 22 November, 2021; originally announced November 2021.

MSC Class: 11P81; 05A17; 05A19

Unrefinable partitions into distinct parts in a normalizer chain

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli, Carlo Maria Scoppola

Abstract: In a recent paper on a study of the Sylow 2-subgroups of the symmetric group with 2^n elements it has been show that the growth of the first (n-2) consecutive indices of a certain normalizer chain is linked to the sequence of partitions of integers into distinct parts. Unrefinable partitions into distinct parts are those in which no part x can be replaced with integers whose sum is x obtaining a n… ▽ More In a recent paper on a study of the Sylow 2-subgroups of the symmetric group with 2^n elements it has been show that the growth of the first (n-2) consecutive indices of a certain normalizer chain is linked to the sequence of partitions of integers into distinct parts. Unrefinable partitions into distinct parts are those in which no part x can be replaced with integers whose sum is x obtaining a new partition into distinct parts. We prove here that the (n-1)-th index of the previously mentioned chain is related to the number of unrefinable partitions into distinct parts satisfying a condition on the minimal excludant. △ Less

Submitted 9 July, 2021; originally announced July 2021.

MSC Class: 20B30; 20B35; 20D20; 11P81; 05A17

Journal ref: Discrete Mathematics Letters, 2022, 8, pp. 72-77

On the primitivity of the AES-128 key-schedule

Authors: Riccardo Aragona, Roberto Civino, Francesca Dalla Volta

Abstract: The key-scheduling algorithm in the AES is the component responsible for selecting from the master key the sequence of round keys to be xor-ed to the partially encrypted state at each iteration. We consider here the group $Γ$ generated by the action of the AES-128 key-scheduling operation, and we prove that the smallest group containing $Γ$ and all the translations of the message space is primitiv… ▽ More The key-scheduling algorithm in the AES is the component responsible for selecting from the master key the sequence of round keys to be xor-ed to the partially encrypted state at each iteration. We consider here the group $Γ$ generated by the action of the AES-128 key-scheduling operation, and we prove that the smallest group containing $Γ$ and all the translations of the message space is primitive. As a consequence, we obtain that no proper and non-trivial subspace can be invariant under its action. △ Less

Submitted 15 February, 2022; v1 submitted 10 March, 2021; originally announced March 2021.

MSC Class: 20B15; 20B35; 94A60

On the primitivity of Lai-Massey schemes

Authors: Riccardo Aragona, Roberto Civino

Abstract: In symmetric cryptography, the round functions used as building blocks for iterated block ciphers are often obtained as the composition of different layers providing confusion and diffusion. The study of the conditions on such layers which make the group generated by the round functions of a block cipher a primitive group has been addressed in the past years, both in the case of Substitution Permu… ▽ More In symmetric cryptography, the round functions used as building blocks for iterated block ciphers are often obtained as the composition of different layers providing confusion and diffusion. The study of the conditions on such layers which make the group generated by the round functions of a block cipher a primitive group has been addressed in the past years, both in the case of Substitution Permutation Networks and Feistel Networks, giving to block cipher designers the receipt to avoid the imprimitivity attack. In this paper a similar study is proposed on the subject of the Lai-Massey scheme, a framework which combines both Substitution Permutation Network and Feistel Network features. Its resistance to the imprimitivity attack is obtained as a consequence of a more general result in which the problem of proving the primitivity of the Lai-Massey scheme is reduced to the simpler one of proving the primitivity of the group generated by the round functions of a strictly related Substitution Permutation Network. △ Less

Submitted 3 November, 2020; originally announced November 2020.

MSC Class: 20B15; 20B35; 94A60

Journal ref: Mediterranean Journal of Mathematics, 2021, 18(4), 165

Rigid commutators and a normalizer chain

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli, Carlo Maria Scoppola

Abstract: The novel notion of rigid commutators is introduced to determine the sequence of the logarithms of the indices of a certain normalizer chain in the Sylow 2-subgroup of the symmetric group on 2^n letters. The terms of this sequence are proved to be those of the partial sums of the partitions of an integer into at least two distinct parts, that relates to a famous Euler's partition theorem. The novel notion of rigid commutators is introduced to determine the sequence of the logarithms of the indices of a certain normalizer chain in the Sylow 2-subgroup of the symmetric group on 2^n letters. The terms of this sequence are proved to be those of the partial sums of the partitions of an integer into at least two distinct parts, that relates to a famous Euler's partition theorem. △ Less

Submitted 3 October, 2020; v1 submitted 23 September, 2020; originally announced September 2020.

MSC Class: 20B30; 20B35; 20D20; 11P81; 05A17

Journal ref: Monatshefte fur Mathematik, 2021, 196(3), pp. 431-455

A Chain of Normalizers in the Sylow $2$-subgroups of the symmetric group on $2^n$ letters

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli, Carlo Maria Scoppola

Abstract: On the basis of an initial interest in symmetric cryptography, in the present work we study a chain of subgroups. Starting from a Sylow $2$-subgroup of AGL(2,n), each term of the chain is defined as the normalizer of the previous one in the symmetric group on $2^n$ letters. Partial results and computational experiments lead us to conjecture that, for large values of $n$, the index of a normalizer… ▽ More On the basis of an initial interest in symmetric cryptography, in the present work we study a chain of subgroups. Starting from a Sylow $2$-subgroup of AGL(2,n), each term of the chain is defined as the normalizer of the previous one in the symmetric group on $2^n$ letters. Partial results and computational experiments lead us to conjecture that, for large values of $n$, the index of a normalizer in the consecutive one does not depend on $n$. Indeed, there is a strong evidence that the sequence of the logarithms of such indices is the one of the partial sums of the numbers of partitions into at least two distinct parts. △ Less

Submitted 31 August, 2020; originally announced August 2020.

MSC Class: 20B30; 20B35; 20D20

Journal ref: Indian Journal of Pure and Applied Mathematics, 2021, 52(3), pp. 735-746

An Authenticated Key Scheme over Elliptic Curves for Topological Networks

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli, Marco Pugliese

Abstract: Nodes of sensor networks may be resource-constrained devices, often having a limited lifetime, making sensor networks remarkably dynamic environments. Managing a cryptographic protocol on such setups may require a disproportionate effort when it comes to update the secret parameters of new nodes that enter the network in place of dismantled sensors. For this reason, the designers of schemes for se… ▽ More Nodes of sensor networks may be resource-constrained devices, often having a limited lifetime, making sensor networks remarkably dynamic environments. Managing a cryptographic protocol on such setups may require a disproportionate effort when it comes to update the secret parameters of new nodes that enter the network in place of dismantled sensors. For this reason, the designers of schemes for sensor network are always concerned with the need of scalable and adaptable solutions. In this work, we present a novel elliptic-curve based solution, derived from the previously released cryptographic protocol TAKS, which addresses this issue. We give a formal description of the scheme, built on a two-dimensional vector space over a prime field and over elliptic curves, where node topology is more relevant than node identity, allowing a dynamic handling of the network and reducing the cost of network updates. We also study some security concerns and their relation to the related discrete logarithm problem over elliptic curves. △ Less

Submitted 12 June, 2020; v1 submitted 3 June, 2020; originally announced June 2020.

MSC Class: 94A60; 94A62; 94C15

Some group-theoretical results on Feistel Networks in a long-key scenario

Authors: Riccardo Aragona, Marco Calderini, Roberto Civino

Abstract: The study of the trapdoors that can be hidden in a block cipher is and has always been a high-interest topic in symmetric cryptography. In this paper we focus on Feistel-network-like ciphers in a classical long-key scenario and we investigate some conditions which make such a construction immune to the partition-based attack introduced recently by Bannier et al. The study of the trapdoors that can be hidden in a block cipher is and has always been a high-interest topic in symmetric cryptography. In this paper we focus on Feistel-network-like ciphers in a classical long-key scenario and we investigate some conditions which make such a construction immune to the partition-based attack introduced recently by Bannier et al. △ Less

Submitted 5 May, 2020; v1 submitted 13 December, 2019; originally announced December 2019.

Comments: Accepted for publication in Advances in Mathematics of Communications

MSC Class: Primary: 94A60; 20B05; Secondary: 20B35

Journal ref: Advances in Mathematics of Communications, 2020, 14(4), pp. 727-743

Entropy and Compression: A simple proof of an inequality of Khinchin-Ornstein-Shields

Authors: Riccardo Aragona, Francesca Marzi, Filippo Mignosi, Matteo Spezialetti

Abstract: This paper concerns the folklore statement that ``entropy is a lower bound for compression''. More precisely we derive from the entropy theorem a simple proof of a pointwise inequality firstly stated by Ornstein and Shields and which is the almost-sure version of an average inequality firstly stated by Khinchin in 1953. We further give an elementary proof of original Khinchin inequality that can b… ▽ More This paper concerns the folklore statement that ``entropy is a lower bound for compression''. More precisely we derive from the entropy theorem a simple proof of a pointwise inequality firstly stated by Ornstein and Shields and which is the almost-sure version of an average inequality firstly stated by Khinchin in 1953. We further give an elementary proof of original Khinchin inequality that can be used as an exercise for Information Theory students and we conclude by giving historical and technical notes of such inequality. △ Less

Submitted 22 April, 2020; v1 submitted 10 July, 2019; originally announced July 2019.

Comments: Compared to version 1, in version 2 we added a simpler proof than the one given by Shields of a more general theorem (Theorem 4, pg. 7) presented by Ornstein and Shields. Consequently we also modified the title of the paper. In version 3 we have reordered the sections of the paper, simplified the proof of Theorem 4 (now Theorem 3) and significantly reduced the proof of Theorem 3 (now Theorem 4)

MSC Class: 94A15; 94A17

Journal ref: Problems of Information Transmission, Vo.l 56 No. 1, 2020. A view-only published version here: https://rdcu.be/b3Cco

Normal form in Hecke-Kiselman monoids associated with simple oriented graphs

Authors: Riccardo Aragona, Alessandro D'Andrea

Abstract: We generalize Kudryavtseva and Mazorchuk's concept of canonical form of elements in Kiselman's semigroups to the setting of a Hecke-Kiselman monoid $\mathbf{HK}_Γ$ associated with a simple oriented graph $Γ$. We use confluence properties to associate with each element in $\mathbf{HK}_Γ$ a normal form; normal forms are not unique, and we show that they can be obtained from each other by a sequence… ▽ More We generalize Kudryavtseva and Mazorchuk's concept of canonical form of elements in Kiselman's semigroups to the setting of a Hecke-Kiselman monoid $\mathbf{HK}_Γ$ associated with a simple oriented graph $Γ$. We use confluence properties to associate with each element in $\mathbf{HK}_Γ$ a normal form; normal forms are not unique, and we show that they can be obtained from each other by a sequence of elementary commutations. We finally describe a general procedure to recover a (unique) lexicographically minimal normal form. △ Less

Submitted 24 April, 2019; originally announced April 2019.

Journal ref: Algebra and Discrete Mathematics, 2020, 30(2), pp. 161-171

Regular subgroups with large intersection

Authors: Riccardo Aragona, Roberto Civino, Norberto Gavioli, Carlo Maria Scoppola

Abstract: In this paper we study the relationships between the elementary abelian regular subgroups and the Sylow $2$-subgroups of their normalisers in the symmetric group $\mathrm{Sym}(\mathbb{F}_2^n)$, in view of the interest that they have recently raised for their applications in symmetric cryptography. In this paper we study the relationships between the elementary abelian regular subgroups and the Sylow $2$-subgroups of their normalisers in the symmetric group $\mathrm{Sym}(\mathbb{F}_2^n)$, in view of the interest that they have recently raised for their applications in symmetric cryptography. △ Less

Submitted 30 November, 2018; v1 submitted 14 November, 2018; originally announced November 2018.

MSC Class: 20B35; 20D20; 94A60

Journal ref: Annali di Matematica Pura ed Applicata (1923 -), Vol. 198 No. 6, 2019

Type-Preserving Matrices and Security of Block Ciphers

Authors: Riccardo Aragona, Alessio Meneghetti

Abstract: We provide a new property, called Non-Type-Preserving, for a mixing layer which guarantees protection against algebraic attacks based on the imprimitivity of the group generated by the round functions. Our main result is to present necessary and sufficient conditions on the structure of the binary matrix associated to the mixing layer, so that it has this property. Then we show how several familie… ▽ More We provide a new property, called Non-Type-Preserving, for a mixing layer which guarantees protection against algebraic attacks based on the imprimitivity of the group generated by the round functions. Our main result is to present necessary and sufficient conditions on the structure of the binary matrix associated to the mixing layer, so that it has this property. Then we show how several families of linear maps are Non-Type-Preserving, including the mixing layers of AES, GOST and PRESENT. Finally we prove that the group generated by the round functions of an SPN cipher with addition modulo a power of 2 as key mixing function is primitive if its mixing layer satisfies this property. Moreover we generalise the definition of a GOST-like cipher using a Non-Type-Preserving matrix as mixing layer and we show, under the only assumption of invertibility of the S-Boxes, that the corresponding group is primitive. △ Less

Submitted 30 November, 2018; v1 submitted 2 March, 2018; originally announced March 2018.

MSC Class: 20B15; 20B35; 94A60

Journal ref: Advances in Mathematics of Communications, Vol. 13 No. 2, May 2019

Wave-Shaped Round Functions and Primitive Groups

Authors: Riccardo Aragona, Marco Calderini, Roberto Civino, Massimiliano Sala, Ilaria Zappatore

Abstract: Round functions used as building blocks for iterated block ciphers, both in the case of Substitution-Permutation Networks and Feistel Networks, are often obtained as the composition of different layers which provide confusion and diffusion, and key additions. The bijectivity of any encryption function, crucial in order to make the decryption possible, is guaranteed by the use of invertible layers… ▽ More Round functions used as building blocks for iterated block ciphers, both in the case of Substitution-Permutation Networks and Feistel Networks, are often obtained as the composition of different layers which provide confusion and diffusion, and key additions. The bijectivity of any encryption function, crucial in order to make the decryption possible, is guaranteed by the use of invertible layers or by the Feistel structure. In this work a new family of ciphers, called wave ciphers, is introduced. In wave ciphers, round functions feature wave functions, which are vectorial Boolean functions obtained as the composition of non-invertible layers, where the confusion layer enlarges the message which returns to its original size after the diffusion layer is applied. This is motivated by the fact that relaxing the requirement that all the layers are invertible allows to consider more functions which are optimal with regard to non-linearity. In particular it allows to consider injective APN S-boxes. In order to guarantee efficient decryption we propose to use wave functions in Feistel Networks. With regard to security, the immunity from some group-theoretical attacks is investigated. In particular, it is shown how to avoid that the group generated by the round functions acts imprimitively, which represent a serious flaw for the cipher. △ Less

Submitted 21 September, 2018; v1 submitted 29 August, 2017; originally announced August 2017.

MSC Class: 20B15; 20B35; 94A60

Journal ref: Advances in Mathematics of Communications, Vol. 13 No. 1, February 2019

On the primitivity of PRESENT and other lightweight ciphers

Authors: Riccardo Aragona, Marco Calderini, Antonio Tortora, Maria Tota

Abstract: We provide two sufficient conditions to guarantee that the round functions of a translation based cipher generate a primitive group. Furthermore, under the same hypotheses, and assuming that a round of the cipher is strongly proper and consists of m-bit S-Boxes, with m = 3; 4 or 5, we prove that such a group is the alternating group. As an immediate consequence, we deduce that the round functions… ▽ More We provide two sufficient conditions to guarantee that the round functions of a translation based cipher generate a primitive group. Furthermore, under the same hypotheses, and assuming that a round of the cipher is strongly proper and consists of m-bit S-Boxes, with m = 3; 4 or 5, we prove that such a group is the alternating group. As an immediate consequence, we deduce that the round functions of some lightweight translation based ciphers, such as the PRESENT cipher, generate the alternating group. △ Less

Submitted 8 June, 2017; v1 submitted 4 November, 2016; originally announced November 2016.

Comments: to appear on Journal of Algebra and its Applications

MSC Class: 20B15; 20B35; 94A60

Journal ref: Journal of Algebra and its Applications, Vol. 17, No. 6, 2018

Several Proofs of Security for a Tokenization Algorithm

Authors: Riccardo Longo, Massimiliano Sala, Riccardo Aragona

Abstract: In this paper we propose a tokenization algorithm of Reversible Hybrid type, as defined in PCI DSS guidelines for designing a tokenization solution, based on a block cipher with a secret key and (possibly public) additional input. We provide some formal proofs of security for it, which imply our algorithm satisfies the most significant security requirements described in PCI DSS tokenization guidel… ▽ More In this paper we propose a tokenization algorithm of Reversible Hybrid type, as defined in PCI DSS guidelines for designing a tokenization solution, based on a block cipher with a secret key and (possibly public) additional input. We provide some formal proofs of security for it, which imply our algorithm satisfies the most significant security requirements described in PCI DSS tokenization guidelines. Finally, we give an instantiation with concrete cryptographic primitives and fixed length of the PAN, and we analyze its efficiency and security. △ Less

Submitted 1 February, 2017; v1 submitted 1 September, 2016; originally announced September 2016.

Comments: to appear in Applicable Algebra in Engineering, Communication and Computing

MSC Class: 94A60

Journal ref: Applicable Algebra in Engineering, Communication and Computing, Vol. 28, No. 5, 2017

A proof of security for a key-policy RS-ABE scheme

Authors: Federico Giacon, Riccardo Aragona, Massimiliano Sala

Abstract: A revocable-storage attribute-based encryption (RS-ABE) scheme is an encryption scheme which extends attribute-based encryption by intro- ducing user revocation. A key-policy RS-ABE scheme links each key to an access structure. We propose a new key-policy RS-ABE scheme whose security we prove in term of indistinguishability under a chosen-plaintext attack (IND-CPA). A revocable-storage attribute-based encryption (RS-ABE) scheme is an encryption scheme which extends attribute-based encryption by intro- ducing user revocation. A key-policy RS-ABE scheme links each key to an access structure. We propose a new key-policy RS-ABE scheme whose security we prove in term of indistinguishability under a chosen-plaintext attack (IND-CPA). △ Less

Submitted 21 March, 2016; originally announced March 2016.

MSC Class: 11T71

Journal ref: JP Journal of Algebra, Number Theory and Applications, Vol. 40, No. 1, 2018

A note on an infeasible linearization of some block ciphers

Authors: Riccardo Aragona, Anna Rimoldi, Massimiliano Sala

Abstract: A block cipher can be easily broken if its encryption functions can be seen as linear maps on a small vector space. Even more so, if its round functions can be seen as linear maps on a small vector space. We show that this cannot happen for the AES. More precisely, we prove that if the AES round transformations can be embedded into a linear cipher acting on a vector space, then this space is huge-… ▽ More A block cipher can be easily broken if its encryption functions can be seen as linear maps on a small vector space. Even more so, if its round functions can be seen as linear maps on a small vector space. We show that this cannot happen for the AES. More precisely, we prove that if the AES round transformations can be embedded into a linear cipher acting on a vector space, then this space is huge-dimensional and so this embedding is infeasible in practice. We present two elementary proofs. △ Less

Submitted 2 February, 2017; v1 submitted 7 November, 2015; originally announced November 2015.

Comments: to appear in Journal of Discrete Mathematical Sciences and Cryptography. arXiv admin note: substantial text overlap with arXiv:1006.5894

MSC Class: 20B35; 94A60

Journal ref: Journal of Discrete Mathematical Sciences and Cryptography, Vol. 21, No. 1, 2018

The group generated by the round functions of a GOST-like cipher

Authors: R. Aragona, A. Caranti, M. Sala

Abstract: We define a cipher that is an extension of GOST, and study the permutation group generated by its round functions. We show that, under minimal assumptions on the components of the cipher, this group is the alternating group on the plaintext space. This we do by first showing that the group is primitive, and then applying the O'Nan-Scott classification of primitive groups. We define a cipher that is an extension of GOST, and study the permutation group generated by its round functions. We show that, under minimal assumptions on the components of the cipher, this group is the alternating group on the plaintext space. This we do by first showing that the group is primitive, and then applying the O'Nan-Scott classification of primitive groups. △ Less

Submitted 28 July, 2015; v1 submitted 13 July, 2015; originally announced July 2015.

Comments: 20 pages. Fixed mistake with parity of permutations, shortened argument in final section

MSC Class: 20B15; 20B35; 94A60

Journal ref: Annali di Matematica Pura e Applicata 196(1), 1-17 (2017)

The role of Boolean functions in hiding sums as trapdoors for some block ciphers

Authors: Riccardo Aragona, Marco Calderini, Massimiliano Sala

Abstract: Most modern block ciphers are built using components whose cryptographic strength is evaluated in terms of their resistance to attacks on the whole cipher. In particular, differential properties of vectorial Boolean functions are studied for the S-Boxes to thwart differential cryptanalysis. Little is known on similar properties to avoid trapdoors in the design of the block cipher. In this paper we… ▽ More Most modern block ciphers are built using components whose cryptographic strength is evaluated in terms of their resistance to attacks on the whole cipher. In particular, differential properties of vectorial Boolean functions are studied for the S-Boxes to thwart differential cryptanalysis. Little is known on similar properties to avoid trapdoors in the design of the block cipher. In this paper we present a form of trapdoors coming from alternative vector space structures, which we call hidden sums, and give a characterization on the Boolean function S-Box to avoid any such hidden sum. We also study some properties of this new class of vectorial Boolean functions, which we call anti-crooked, and provide a toy cipher with a hidden sum trapdoor. △ Less

Submitted 16 January, 2015; v1 submitted 27 November, 2014; originally announced November 2014.

On weak differential uniformity of vectorial Boolean functions as a cryptographic criterion

Authors: R. Aragona, M. Calderini, D. Maccauro, M. Sala

Abstract: We study the relation among some security parameters for vectorial Boolean functions which prevent attacks on the related block cipher. We focus our study on a recently-introduced security criterion, called weak differential uniformity, which prevents the existence of an undetectable trapdoor based on imprimitive group action. We present some properties of functions with low weak differential unif… ▽ More We study the relation among some security parameters for vectorial Boolean functions which prevent attacks on the related block cipher. We focus our study on a recently-introduced security criterion, called weak differential uniformity, which prevents the existence of an undetectable trapdoor based on imprimitive group action. We present some properties of functions with low weak differential uniformity, especially for the case of power functions and 4-bit S-Boxes. △ Less

Submitted 15 January, 2016; v1 submitted 31 March, 2014; originally announced March 2014.

Comments: to appear in Applicable Algebra in Engineering, Communication and Computing

Journal ref: AAECC 27 (5), 359-372 (2016)

On the group generated by the round functions of translation based ciphers over arbitrary finite fields

Authors: R. Aragona, A. Caranti, F. Dalla Volta, M. Sala

Abstract: We define a translation based cipher over an arbitrary finite field, and study the permutation group generated by the round functions of such a cipher. We show that under certain cryptographic assumptions this group is primitive. Moreover, a minor strengthening of our assumptions allows us to prove that such a group is the symmetric or the alternating group; this improves upon a previous result fo… ▽ More We define a translation based cipher over an arbitrary finite field, and study the permutation group generated by the round functions of such a cipher. We show that under certain cryptographic assumptions this group is primitive. Moreover, a minor strengthening of our assumptions allows us to prove that such a group is the symmetric or the alternating group; this improves upon a previous result for the case of characteristic two. △ Less

Submitted 22 July, 2013; v1 submitted 8 May, 2013; originally announced May 2013.

Comments: Extensive revision, including fixing a mistake concerning the blocks of imprimitivity

MSC Class: 20B15; 94A60

Journal ref: Finite Fields Appl. 25 (2014), 293-305

Hecke-Kiselman Monoids of Small Cardinality

Authors: Riccardo Aragona, Alessandro D'Andrea

Abstract: In this paper, we give a characterization of digraphs $Q, |Q|\leq 4$ such that the associated Hecke-Kiselman monoid $H_Q$ is finite. In general, a necessary condition for $H_Q$ to be a finite monoid is that $Q$ is acyclic and its Coxeter components are Dynkin diagram. We show, by constructing examples, that such conditions are not sufficient. In this paper, we give a characterization of digraphs $Q, |Q|\leq 4$ such that the associated Hecke-Kiselman monoid $H_Q$ is finite. In general, a necessary condition for $H_Q$ to be a finite monoid is that $Q$ is acyclic and its Coxeter components are Dynkin diagram. We show, by constructing examples, that such conditions are not sufficient. △ Less

Submitted 22 June, 2012; originally announced June 2012.

Journal ref: Semigroup Forum 86 (1), 32-40 (2013)

Semi-invariants of symmetric quivers of tame type

Authors: Riccardo Aragona

Abstract: A symmetric quiver $(Q,σ)$ is a finite quiver without oriented cycles $Q=(Q_0,Q_1)$ equipped with a contravariant involution $σ$ on $Q_0\sqcup Q_1$. The involution allows us to define a nondegenerate bilinear form $<,>$ on a representation $V$ of $Q$. We shall say that $V$ is orthogonal if $<,>$ is symmetric and symplectic if $<,>$ is skew-symmetric. Moreover, we define an action of products of cl… ▽ More A symmetric quiver $(Q,σ)$ is a finite quiver without oriented cycles $Q=(Q_0,Q_1)$ equipped with a contravariant involution $σ$ on $Q_0\sqcup Q_1$. The involution allows us to define a nondegenerate bilinear form $<,>$ on a representation $V$ of $Q$. We shall say that $V$ is orthogonal if $<,>$ is symmetric and symplectic if $<,>$ is skew-symmetric. Moreover, we define an action of products of classical groups on the space of orthogonal representations and on the space of symplectic representations. So we prove that if $(Q,σ)$ is a symmetric quiver of tame type then the rings of semi-invariants for this action are spanned by the semi-invariants of determinantal type $c^V$ and, when matrix defining $c^V$ is skew-symmetric, by the Pfaffians $pf^V$. To prove it, moreover, we describe the symplectic and orthogonal generic decomposition of a symmetric dimension vector. △ Less

Submitted 6 July, 2010; originally announced July 2010.

MSC Class: 16G30

Journal ref: Algebras and Representation Theory 15 (6), 1215-1260 (2012)

Semi-invariants of Symmetric Quivers

Authors: Riccardo Aragona

Abstract: This is my PhD thesis supervised by Professor Jerzy Weyman. A symmetric quiver $(Q,σ)$ is a finite quiver without oriented cycles $Q=(Q_0,Q_1)$ equipped with a contravariant involution $σ$ on $Q_0\sqcup Q_1$. The involution allows us to define a nondegenerate bilinear form $<,>$ on a representation $V$ of $Q$. We shall say that $V$ is orthogonal if $<,>$ is symmetric and symplectic if $<,>$ is ske… ▽ More This is my PhD thesis supervised by Professor Jerzy Weyman. A symmetric quiver $(Q,σ)$ is a finite quiver without oriented cycles $Q=(Q_0,Q_1)$ equipped with a contravariant involution $σ$ on $Q_0\sqcup Q_1$. The involution allows us to define a nondegenerate bilinear form $<,>$ on a representation $V$ of $Q$. We shall say that $V$ is orthogonal if $<,>$ is symmetric and symplectic if $<,>$ is skew-symmetric. Moreover we define an action of products of classical groups on the space of orthogonal representations and on the space of symplectic representations. So we prove that if $(Q,σ)$ is a symmetric quiver of finite type or of tame type then the rings of semi-invariants for this action are spanned by the semi-invariants of determinantal type $c^V$ and, in the case when matrix defining $c^V$ is skew-symmetric, by the Pfaffians $pf^V$. △ Less

Submitted 22 June, 2010; originally announced June 2010.

Semi-invariants of symmetric quivers of finite type

Authors: Riccardo Aragona

Abstract: Let $(Q,σ)$ be a symmetric quiver, where $Q=(Q_0,Q_1)$ is a finite quiver without oriented cycles and $σ$ is a contravariant involution on $Q_0\sqcup Q_1$. The involution allows us to define a nondegenerate bilinear form $<,>$ on a representation $V$ of $Q$. We shall call the representation orthogonal if $<,>$ is symmetric and symplectic if $<,>$ is skew-symmetric. Moreover we can define an acti… ▽ More Let $(Q,σ)$ be a symmetric quiver, where $Q=(Q_0,Q_1)$ is a finite quiver without oriented cycles and $σ$ is a contravariant involution on $Q_0\sqcup Q_1$. The involution allows us to define a nondegenerate bilinear form $<,>$ on a representation $V$ of $Q$. We shall call the representation orthogonal if $<,>$ is symmetric and symplectic if $<,>$ is skew-symmetric. Moreover we can define an action of products of classical groups on the space of orthogonal representations and on the space of symplectic representations. For symmetric quivers of finite type, we prove that the rings of semi-invariants for this action are spanned by the semi-invariants of determinantal type $c^V$ and, in the case when matrix defining $c^V$ is skew-symmetric, by the Pfaffians $pf^V$. △ Less

Submitted 21 October, 2009; v1 submitted 6 October, 2009; originally announced October 2009.

Journal ref: Algebras and Representation Theory 16 (4), pp 1051-1083 (2013)