Synthesizing Shortest Linear Straight-Line Programs over GF(2) Using SAT
Abstract
Abstract. Non-trivial linear straight-line programs over the Galois field of two elements occur frequently in applications such as encryption or high-performance computing. Finding the shortest linear straight-line program for a given set of linear forms is known to be MaxSNP-complete, i.e., there is no ε-approximation for the problem unless P = NP. This paper presents a non-approximative approach for finding the shortest linear straight-line program. In other words, we show how to search for a circuit of XOR gates with the minimal number of such gates. The approach is based on a reduction of the associated decision problem (“Is there a program of length k?”) to satisfiability of propositional logic. Using modern SAT solvers, optimal solutions to interesting problem instances can be obtained.
Similar resources
Algorithms for Solving Linear and Polynomial Systems of Equations over Finite Fields with Applications to Cryptanalysis
Title of dissertation: ALGORITHMS FOR SOLVING LINEAR AND POLYNOMIAL SYSTEMS OF EQUATIONS OVER FINITE FIELDS WITH APPLICATIONS TO CRYPTANALYSIS Gregory Bard Doctor of Philosophy, 2007 Dissertation directed by: Professor Lawrence C. Washington Department of Mathematics This dissertation contains algorithms for solving linear and polynomial systems of equations over GF(2). The objective is to prov...
Improved upper bounds for the expected circuit complexity of dense systems of linear equations over GF(2)
Minimizing the Boolean circuit implementation of a given cryptographic function is an important issue. A number of papers [12], [13], [11], [5] only consider cancellation-free straight-line programs for producing short circuits over GF(2) while [4] does not. Boyar-Peralta (BP) heuristic [4] yields a valuable tool for practical applications such as building fast software and low-power circuits ...
Optimizing the AES S-Box using SAT
In this paper we describe the implementation of a technique for minimizing XOR circuits used in cryptographic algorithms. More precisely, we present our work from [4] for encoding this synthesis problem to SAT with a focus on the case study of optimizing an important component of the Advanced Encryption Standard (AES) [8]. In addition to these previously published contributions, we report on no...
Algebraic Cryptanalysis of SMS4: Gröbner Basis Attack and SAT Attack Compared
The SMS4 block cipher is part of the Chinese WAPI wireless standard. This paper describes the specification and offers a specification for a toy version called simplified SMS4 (S-SMS4). We explore algebraic attacks on SMS4 and S-SMS4 using Gröbner basis attacks on equation systems over GF(2) and GF(2), as well as attacks using a SAT solver derived from the GF(2) model. A comparison of SAT and G...
Optimal Linear Codes Over GF(7) and GF(11) with Dimension 3
Let $n_q(k,d)$ denote the smallest value of $n$ for which there exists a linear $[n,k,d]$-code over the Galois field $GF(q)$. An $[n,k,d]$-code whose length is equal to $n_q(k,d)$ is called optimal. In this paper we present some matrix generators for the family of optimal $[n,3,d]$ codes over $GF(7)$ and $GF(11)$. Most of our given codes in $GF(7)$ are non-isomorphic with the codes pre...
Publication date: 2010