无单调性集值变分不等式的一种投影算法

本文给出了求解无单调性集值变分不等式的一个新的投影算法,该算法所产生的迭代序列在Minty变分不等式解集非空且映射满足一定的连续性条件下收敛到解.对比文献[10]中的算法,本文中的算法使用了不同的线性搜索和半空间,在计算本文所引的两个数值例子时,该算法比文献[10]中的算法所需迭代步更少.     

环Z2l上广义Bent函数的稳定性

文献「４」为研究密钥流序列的线性复杂度稳定性和使一些流密码能抗ＢＡＡ（最佳仿射逼近）攻击,提出Ｂｅｎｔ函数稳定性概念,文献「７」研究了素域Ｚｐ上广义Ｂｅｎｔ函数的稳定性及其构造,并指出当ｍ是合数时,ｍ值广义Ｂｅｎｔ函数并不都有稳定性,本文进一步在环Ｚ２＾ｌ（ｌ〉１）上提出了广义Ｂｅｎｔ函数稳定性的概念,综合应用谱、概率和代数数论的方法考察了稳定的概率意义,给出了稳定函数的概率判别条件,提供了构造稳     

字典序地生成有序森林的一个算法

本文给出有序森林的一种序列表示法,并描述了一个字典序地生成具有n个顶点的所有有序森林的一个算法.它是[1]中算法的推广.§1 有序森林的序列表示法文献[1]给出了有序根树的一种序列表示法.本文利用[1]中的表示法给出有序森林的一种序列表示法及生成它们的算法.本文中未加说明的术语皆见[1].若F的每一个连通     

字典序地生成有序根树的一个算法

§1.引言由于树的生成在计算机科学中有着重要应用,近年来许多文章研究了树的生成,其中大多数文章是讨论2分树及 k 分树的生成.研究一般有序根树的文章尚少.文献[1]给出了有序根树的一个序列表示法,并描述了一个生成有序根树的算法.文献[2]及[3]讨论了生成2分树及 k 分树的算法.本文用0,1序列表示有序根树,并给出了一个字典序地生成具有 n 个顶点的所有有序根树的算法.本文的表示法及算法与文献[1]中所提方法不同.本算法亦可用来生成具有 n 个叶子的所有2分树.它比[2]中的算法更简单.本文中未加说明的术语皆见[1].     

计算周期三对角矩阵行列式和逆矩阵的新算法

给出了一种计算周期三对角矩阵行列式和逆矩阵的新递推算法,它们的运算复杂度分别为O(n)和O(n2),该算法是文献[5]和[6]中相关算法的拓广.     

关于广义“缩减生成器”的概率模型

本文建立了以2值密钥流“缩减生成器”为特例的广义“缩减生成器”的概率模型,研究了它们的输出序列的概率性质,特别得到了其输出序列和原输入序列之间的符合率的表达式,据此可从概率论的角度对此类生成器的性能和得失进行分析.     

二阶矩阵快速乘法的一个新的算法集合

文献[1]—[4]从不同角度研究了二阶矩阵快速乘的各种问题,所有算法分属于以S算法与W算法为基础的两个算法集合.本文作者深入研究了算法的结构和性质,通过计算机检索,得到一个不属于上述两集合的算法和相应的包含有1048576个算法的封闭的算法集合.     

一类相依两险种风险模型的分类破产概率

本文考虑文[1]中引入的一类索赔达到计数过程相关的两险种风险模型.利用更新方法,获得了该风险模型的分类破产概率的渐进结果,并给出了指数索赔情形下分类破产概率的表达式,从而改进了文[1]中的相关结果.     

关于遍历拟不变测度

本文主要运用文献[1]的想法,讨论了遍历拟不变测度相应的0—1律,和遍历测度乘积的遍历性,证明了拟线性泛函序列必定以概率1收敛或以概率1发散.文中所得结果特别适用于抽象Wiener过程情形.作为应用,我们推广了Gaussian测度的Landau-Shepp定理和L.Schwartz关于Gaussian柱概率σ-可加性准则.     

一类用迭代方法生成的分片线性谱序列

本文引入了空间L2[0,1]的一种具有指数形式的正交基,其中对应的指数序列称为谱序列.文章得出了一系列理论上的刻画,但主要贡献在于给出迭代解法以生成多节点分片线性谱序列,并且对分片常数谱序列进行了研究.另外,本文还给出在离散情形计算分解系数的快速算法,并估计了算法复杂度.     

Improved distinguishers for HC-128

HC-128 is an eSTREAM final portfolio stream cipher. Several authors have investigated its security and, in particular, distinguishing attacks have been considered. Still, no one has been able to provide a distinguisher stronger than the one presented by Wu in the original HC-128 paper. In this paper we first argue that the keystream requirement in Wu’s original attack is underestimated by a factor of almost 2⁸. Our revised analysis shows that the keystream complexity of Wu’s original attack is 2^160.471 32-bit keystream blocks. We then go on to investigate two new types of distinguishers on HC-128. One of them, a distinguisher counting the number of zeros in created blocks of bits, gives a biased distribution that requires 2^143.537 such constructed block samples (2^152.537 32-bit keystream blocks). For fairness, the same metric is used to compare our attack to Wu’s, and our improvement is significant compared to Wu’s original result. Furthermore, the vector-based methodology used is general and can be applied to any cryptographic primitive that reveals a suitable probability distribution.     

Joint compression and encryption using chaotically mutated Huffman trees

This paper introduces a new scheme for joint compression and encryption using the Huffman codec. A basic tree is first generated for a given message and then based on a keystream generated from a chaotic map and depending from the input message, the basic tree is mutated without changing the statistical model. Hence a symbol can be coded by more than one codeword having the same length. The security of the scheme is tested against the known plaintext attack and the brute force attack. Performance analysis including encryption/decryption speed, additional computational complexity and compression ratio are given.     

Improving algebraic attacks on stream ciphers based on linear feedback shift register over $$\mathbb {F}_{2^k}$$

In this paper we investigate univariate algebraic attacks on filter generators over extension fields \(\mathbb {F}_q=\mathbb {F}_{2^n}\) with focus on the Welch–Gong (WG) family of stream ciphers. Our main contribution is to reduce the general algebraic attack complexity on such cipher by proving new and lower bounds for the spectral immunity of such ciphers. The spectral immunity is the univariate analog of algebraic immunity and instead of measuring degree of multiples of a multivariate polynomial, it measures the minimum number of nonzero coefficients of a multiple of a univariate polynomial. In particular, there is an algebraic degeneracy in these constructions, which, when combined with attacks based on low-weight multiples over \(\mathbb {F}_q\), provides much more efficient attacks than over \(\mathbb {F}_2\). With negligible computational complexity, our best attack breaks the primitive WG-5 if given access to 4 kilobytes of keystream, break WG-7 if given access to 16 kilobytes of keystream and break WG-8 if given access to half a megabyte of keystream. Our best attack on WG-16 targeted at 4G-LTE is less practical, and requires \(2^{103}\) computational complexity and \(2^{61}\) bits of keystream. In all instances, we significantly lower both keystream and computational complexity in comparison to previous estimates. On a side note, we resolve an open problem regarding the rank of a type of equation systems used in algebraic attacks.     

Finite Subsequences of Shift Register Sequences

In a stream cipher a cryptogram is produced from a binary datastream by modulo-2-adding it to a keystream sequence. The securityof the system relies on the inability of an interceptor to determinethis keystream sequence. One obvious requirement for such asystem is that there should be sufficiently many possibilitiesfor the keystream sequence that the interceptor cannot possiblytry them all. In this paper we consider the likelihood of an interceptor beingable to decipher the cryptogram correctly even though he maybe trying the wrong keystream sequence. This possibility arisesbecause the length of any particular message is likely to beconsiderably shorter than the period of the keystream sequence,and thus only a comparatively small section of the keystreamsequence is used. Hence, if the interceptor tries a sequencewhich intersects (i.e. agrees) with the keystream sequence inthe appropriate positions, he will deduce the message correctly. A number of the standard methods for generating keystream sequencesuse shift registers as ‘building blocks’. So welook in considerable detail at the number of intersections (ofvarious lengths) for sequences generated by two different shiftregisters. We also show that if a keystream sequence has linearequivalence n, then the local linear equivalence of any subsequenceof length at least 2n is n. This means that if the message haslength at least 2n and the keystream sequence has linear equivalencen, then there is no other sequence of linear equivalence lessthan n+1 which can be used to decipher correctly.     

Correlation Analysis of the Alternating Step Generator

The alternating step generator is a well-known keystream generator consisting of two stop/go clocked LFSRs, LFSR₁ and LFSR₂, whose clocks are controlled by another LFSR, LFSR₃, which is clocked regularly. A probabilistic analysis of this generator is conducted which shows that the posterior probabilites of individual bits of the first derivatives of the regularly clocked LFSR₁ and LFSR₂ sequences, when conditioned on a given segment of the first derivative of the keystream sequence, can be computed efficiently in a number of probabilistic models of interest. The expected values of these probabilities, for a random keystream sequence, are derived by an approximate theoretical analysis and are also verified by systematic computer experiments. It is pointed out that these posterior probabilities can be enhanced in a resynchronization scenario and thus used for a low-complexity fast correlation attack on the two LFSRs. More generally, it is argued that even without resynchronization these probabilities may be significantly different from one half for fast correlation attacks based on iterative decoding algorithms to be successful, although with incresead complexity. A related method for computing the posterior probabilities of individual bits of the LFSR₃ sequence, when conditioned on both the keystream sequence and the LFSR₁ and LFSR₂ sequences, is also developed. As these posterior probabilities are much more different from one half, they can be used for a low-complexity fast correlation attack on LFSR₃, provided that the initial states of LFSR₁ and LFSR₂ are previously reconstructed.     

An efficient self-adaptive model for chaotic image encryption algorithm

In this paper, an efficient self-adaptive model for chaotic image encryption algorithm is proposed. With the help of the classical structure of permutation-diffusion and double simple two-dimensional chaotic systems, an efficient and fast encryption algorithm is designed. However, different from most of the existing methods which are found insecure upon chosen-plaintext or known-plaintext attack in the process of permutation or diffusion, the keystream generated in both operations of our method is dependent on the plain-image. Therefore, different plain-images will have different keystreams in both processes even just only a bit is changed in the plain-image. This design can solve the problem of fixed chaotic sequence produced by the same initial conditions but for different images. Moreover, the operation speed is high because complex mathematical methods, such as Runge–Kutta method, of solving the high-dimensional partial differential equations are avoided. Numerical experiments show that the proposed self-adaptive method can well resist against chosen-plaintext and known-plaintext attacks, and has high security and efficiency.     

Low-density attack revisited

The low-density attack proposed by Lagarias and Odlyzko is a powerful algorithm against the subset sum problem. The improvement algorithm due to Coster et al. would solve almost all the problems of density <0.9408... in the asymptotical sense. On the other hand, the subset sum problem itself is known as an NP-hard problem, and a lot of efforts have been paid to establish public-key cryptosystems based on the problem. In these cryptosystems, densities of the subset sum problems should be higher than 0.9408... in order to avoid the low-density attack. For example, the Chor-Rivest cryptosystem adopted subset sum problems with relatively high densities. In this paper, we further improve the low-density attack by incorporating an idea that integral lattice points can be covered with polynomially many spheres of shorter radius and of lower dimension. As a result, the success probability of our attack can be higher than that of Coster et al.’s attack for fixed dimensions. The density bound is also improved for fixed dimensions. Moreover, we numerically show that our improved low-density attack makes the success probability higher in case of low Hamming weight solution, such as the Chor-Rivest cryptosystem, if we assume SVP oracle calls.      

Probabilistic qualification of attack in abstract argumentation

An argument graph is a graph where each node denotes an argument, and each arc denotes an attack by one argument on another. It offers a valuable starting point for theoretical analysis of argumentation following the proposals by Dung. However, the definition of an argument graph does not take into account the belief in the attacks. In particular, when constructing an argument graph from informal arguments, where each argument is described in free text, it is often evident that there is uncertainty about whether some of the attacks hold. This might be because there is some expressed doubt that an attack holds or because there is some imprecision in the language used in the arguments. In this paper, we use the set of spanning subgraphs of an argument graph as a sample space. A spanning subgraph contains all the arguments, and a subset of the attacks, of the argument graph. We assign a probability value to each spanning subgraph such that the sum of the assignments is 1. This means we can reflect the uncertainty over which is the actual subgraph using this probability distribution. Using the probability distribution over subgraphs, we can then determine the probability that a set of arguments is admissible or an extension. We can also obtain the probability of an attack relationship in the original argument graph as a marginal distribution (i.e. it is the sum of the probability assigned to each subgraph containing that attack relationship). We investigate some of the features of this proposal, and we consider the utility of our framework for capturing some practical argumentation scenarios.     

Image encryption using chaotic coupled map lattices with time-varying delays

In this paper, a novel image encryption scheme using coupled map lattices (CML) with time delay is proposed. By employing discretized tent map to shuffle the positions of image pixels and then using delayed coupled map lattices (DCML) to confuse the relationship between the plain-image and the cipher-image, image encryption algorithms with permutation-diffusion structure are introduced in detail. In the process of generating keystream, the time-varying delay is also embedded in our proposed scheme to enhance the security. Theoretical analysis and computer experiments confirm that the new algorithm possesses high security for practical image encryption.