Home Research Teaching Other activities

Research areas and topics

Disciplines

Overview of my current and future research

Modern society is critically dependent on the ability to secure, store, and transmit large amounts of digital information at high speed. Satellite communications, on-demand media, portable storage, and mobile devices all rely on mathematical coding theory to ensure that content can be recovered perfectly, even in the presence of errors. Cryptography is likewise ubiquitous—every time we use the Internet or make a payment. Mathematics is at the core of these capabilities. New applications continually raise new problems in coding and cryptography; conversely, theoretical advances fuel new applications. My current and future research aims to provide such advances through the resolution of mathematical problems in coding theory and (symmetric) cryptography.

Two main directions in my current research

I am also interested in algorithmic aspects of these topics in the context of computer algebra.

Awards and Fellowships

Publications

HDR (Habilitation to Direct Research) in Mathematics

PhD thesis in Mathematics

    International journals (in reverse chronological order)

    (dans l’ordre chronologique inverse)
  1. S. Mesnager, R. Raja. On order ideals in orbit codes of finite Abelian groups: results and impacts. Discrete Mathematics, 349(2): 114727, 2026.
  2. R. Chen and S. Mesnager. On a class of permutation polynomials and their inverses. Journal Finite Fields and Their Applications. To appear
  3. C. Gan, C. Li, S. Mesnager, C. Xie, and H. Zhou. Improved lower bounds on the minimum distances of the dual codes of primitive narrow-sense BCH codes. Journal IEEE Transactions on Information Theory. To appear.
  4. H. Kim, S. Mesnager, and K. I. Pak. Montgomery curve arithmetic revisited. Journal of Cryptographic Engineering. To appear.
  5. S. Mesnager, R. Raja, and S. A. Wagay. On the computation of Seidel Laplacian eigenvalues for graph-based binary codes. Journal Discrete Mathematics. To appear.
  6. S. Eddahmani and S. Mesnager. $C$-Differential-Linear Connectivity Table of Vectorial Boolean Functions. Journal Entropy, Special Issue "Discrete Mathematics in Coding Theory". To appear.
  7. R. Chen and S. Mesnager. Characterizations of a class of planar functions over finite fields. Journal Finite Fields and Their Applications. À paraître.
  8. R. Chen and S. Mesnager. Permutation rational functions over quadratic extensions of finite fields. Journal Finite Fields and Their Applications. To appear.
  9. R. Chen and S. Mesnager. On a class of permutation rational functions involving trace maps. Journal Designs, Codes and Cryptography. To appear.
  10. Y. Li, H. Liu, and S. Mesnager. New constructions of constant dimension subspace codes with large sizes. Journal Designs, Codes and Cryptography. To appear.
  11. H. Yan, S. Mesnager, and X. Tan. On a class of APN power functions over odd characteristic finite fields: their differential spectrum and $c$-differential properties. Journal Discrete Mathematics. To appear.
  12. S. Mesnager and R. Raja. Orbit codes of finite Abelian groups and lattices. Journal Discrete Mathematics. To appear.
  13. C. Gan, C. Li, S. Mesnager, C. Xie, H. Zhou. Improved lower bounds on the minimum distances of the dual codes of primitive narrow-sense BCH codes. IEEE Transactions on Information Theory, 71(1): 330-347, 2025.
  14. Y. Li, H. Kan, S. Mesnager, J. Peng, L. Zheng. Direct approaches for generic constructions of plateaued functions and bent functions outside $\mathcal{M}^{\#}$. IEEE Transactions on Information Theory, 71(2): 1400-1418, 2025.
  15. A.-R. Adhikary, H. Zhang, Z. Zhou, Q. Wang, S. Mesnager. Quasi Complementary Sequence Sets: New Bounds and Optimal Constructions via Quasi-Florentine Rectangles. IEEE Transactions on Information Theory, 71(3): 2271-2291, 2025.
  16. S. Mesnager, H. Wu. On the differential and Walsh spectra of $x^{2q+1}$ over $\mathbb{F}_{q^2}$. Finite Fields and Their Applications, 103: 102576, 2025.
  17. S. Eddahmani, S. Mesnager. Determination of Cryptographic Tables and Properties related to the revised boomerang and its application to a Fundamental S-box. Cryptography and Communications (CCDS), 17(2): 465-492, 2025.
  18. V. Jarali, S. Mesnager, P. Poojary, V. Bhatta, G.R. On Generalisations of Differential Uniform Permutations over Finite Fields Based on 2-to-1 Mappings. Applicable Algebra in Engineering, Communication and Computing (AAECC), To appear, 2025.
  19. Y. Lu, S. Mesnager, N. Li, L. Wang, X. Zeng. A New Class of S-Boxes with Optimal Feistel Boomerang Uniformity. Cryptography and Communications (CCDS), 17(4): 999-1011, 2025.
  20. S. Mesnager, H. Wu. The Differential and Boomerang Properties of a Class of Binomials. IEEE Transactions on Information Theory, 71(6): 4854-4871, 2025.
  21. M. Maji, S. Mesnager, S. Sarkar, K. Hansda. Characterizations for minimal codes: graph theory approach and algebraic approach over finite chain rings. Designs, Codes and Cryptography, To appear, 2025.
  22. C. Xie, H. Chen, C. Li, S. Mesnager. Constructions of self-orthogonal linear codes and dual-containing BCH codes. IEEE Transactions on Information Theory, 71(7): 5049-5062, 2025.
  23. S. K. Debnath, S. Mukhopadhyay, D. Roy, S. Sarkar, S. Mesnager, T. Mohanty. Quantum-Secure Protocols for Privacy-Preserving Location. Journal of Optical Switching and Networking, To appear, 2025.
  24. S. Mesnager, A. Sınak. Further designs for self-orthogonal and LCD codes developed from functions over finite fields. Computational and Applied Mathematics (COAM), 44(7): 341, 2025.
  25. R. Chen, S. Mesnager. Permutation Polynomials of Finite Fields of Even Characteristic From Character Sums. Finite Fields and Their Applications, 108: 102684, 2025.
  26. S. Mesnager, M. Shi, H. Zhu. Study of cyclic codes from low differentially uniform functions and their consequences. Discrete Mathematics, 347(7): 114033, 2024.
  27. R. Chen, S. Mesnager. Characterizations of a Class of Planar Functions over Finite Fields. Finite Fields and Their Applications (FFA), 95: 102382, 2024.
  28. Y. Man, S. Mesnager, N. Li, X. Zeng, X. Tang. In-depth analysis of S-boxes over binary finite fields concerning their differential and Feistel boomerang differential uniformities. Discrete Mathematics, 347(12): 114185, 2024.
  29. D.-M. Xu, G. Wang, S. Mesnager, Y. Gao, F.-W. Fu. Jacobi sums over Galois rings of arbitrary characters and their applications in constructing asymptotically optimal codebooks. Designs, Codes and Cryptography, 92(4): 1051-1073, 2024.
  30. L. Xu, C. Fan, S. Mesnager, R. Luo, H. Yan. Subfield codes of several few-weight linear codes parameterized by functions and their consequences. IEEE Transactions on Information Theory, 70(6): 3941-3964, 2024.
  31. Y. Li, H. Liu, S. Mesnager. New constructions of constant dimension subspace codes with large sizes. Designs, Codes and Cryptography, 92(5): 1423-1437, 2024.
  32. R. Chen, S. Mesnager. On a class of permutation rational functions involving trace maps. Designs, Codes and Cryptography, 92(5): 1327-1339, 2024.
  33. H. Yan, S. Mesnager, X. Tan. On a class of APN power functions over odd characteristic finite fields: their differential spectrum and $c$-differential properties. Discrete Mathematics, 347(4): 113881, 2024.
  34. S. Mesnager, R. Raja. Orbit codes of finite Abelian groups and lattices. Discrete Mathematics, 347(5): 113900, 2024.
  35. R. Chen, S. Mesnager. Permutation rational functions over quadratic extensions of finite fields. Finite Fields and Their Applications (FFA), 95: 102365, 2024.
  36. S. Eddahmani, S. Mesnager. $C$-Differential-Linear Connectivity Table of Vectorial Boolean Functions. Entropy, 26(3): 188, 2024.
  37. S. Mesnager, R. Raja, S. A. Wagay. On the computation of Seidel Laplacian eigenvalues for graph-based binary codes. Discrete Mathematics, 347(7): 113986, 2024.
  38. R. Chen, S. Mesnager. On a class of permutation polynomials and their inverses. Finite Fields and Their Applications (FFA), 96: 102403, 2024.
  39. H. Kim, S. Mesnager, K. I. Pak. Montgomery curve arithmetic revisited. Journal of Cryptographic Engineering, 14(2): 343-362, 2024.
  40. S. Mesnager, A. Sınak. Minimal linear codes derived from weakly regular bent and plateaued functions. Journal of Algebra and its Applications, 23(7): 2550077, 2024.
  41. R. Chen, S. Mesnager. The Structure of Abelian Number Fields with Dirichlet Characters. Journal of Algebra and Its Applications, 23(10): 2450150, 2024.
  42. S. Dong, C. Li, S. Mesnager, H. Qian. On the squares of LCD cyclic codes and their complements: study of several families and analyzing their parameters. IEEE Transactions on Information Theory, 70(12): 8614-8627, 2024.
  43. S. Bhowmick, D. K. Dalai, S. Mesnager. On linear complementary pairs of algebraic geometry codes over finite fields. Discrete Mathematics, 347(12): 114193, 2024.
  44. R. Chen, S. Mesnager. Involutions of finite Abelian groups with explicit constructions on finite fields. Designs, Codes and Cryptography, To appear, 2024.
  45. S. Sarkar, V. Srivastava, T. Mohanty, S. K. Debnath, S. Mesnager. An Efficient Quantum Oblivious Transfer Protocol. Cluster Computing, 27(10): 14037-14048, 2024.
  46. Y. He, S. Mesnager, N. Li, L. Wang, and X. Zeng. Several classes of linear codes with few weights over finite fields. Journal Finite Fields and Their Applications, Volume 92, 102304, 2023.
  47. L. Xu, C. Fan, S. Mesnager, R. Luo and, H. Yan. Subfield codes of several few-weight linear codes parameterized by functions and their consequences. Journal IEEE Transactions Information Theory. A paraître.
  48. D-M. Xu, G.Wang, S.Mesnager, Y. Gaon and, F-W Fu. Jacobi sums over Galois rings of arbitrary characters and their applications in constructing asymptotically optimal codebooks. Journal Designs, Codes and Cryptography. A paraître.
  49. H. Yan, S. Mesnager and X. Tan. The complete differential spectrum of a class of power permutations over odd characteristic finite fields. Journal IEEE Transactions Information Theory, Volume 69, Issue 11, pages 7426-7438, 2023.
  50. S. Mesnager and A. Sinak. Minimal linear codes derived from weakly regular bent and plateaued functions. Journal of Algebra and its Applications. A paraître.
  51. B. Shen, Y. Yang, Z. Zhou, and S. Mesnager. Constructions of Spectrally Null Constrained Complete Complementary Codes Via the Graph of Extended Boolean Functions. Journal IEEE Transactions Information Theory, Vol. 69, No. 9, 2023.
  52. S. Mesnager, L. Qian, and X. Cao. Two families of few-weight codes over a finite chain ring. Journal of Discrete Mathematics, Vol. 346, Issue 7, 113464, 2023.
  53. R. Chen and S. Mesnager. The Structure of Abelian Number Fields with Dirichlet Characters. Journal of Algebra and Its Applications (JAA). A paraître.
  54. S. Mesnager and F. Ozbudak. Boomerang uniformity of power permutations and algebraic curves over $GF(2^{n})$. Journal Advances in Geometry.vol. 23, no. 1, pages 107-134, 2023.
  55. S. Dong, C. Li, S. Mesnager and, H. Qian Parameters of squares of primitive narrow-sense BCH codes and their complements. Journal IEEE Transactions Information Theory. Volume 69, Issue 8, pages 5017-5031, 2023.
  56. X. Du, W. Jin, and S. Mesnager. Several classes of new weakly regular bent functions outside RF, their duals and some related (minimal) codes with few weights. Journal Designs, Codes and Cryptography, 91(6), pages 2273-2307, 2023.
  57. R. Chen and S. Mesnager. Evaluation of Weil sums for some polynomials and associated quadratic forms. Journal Cryptography and Communications- Discrete Structures, Boolean Functions, and Sequences (CCDS), 15, pages 661-673, 2023.
  58. X. Xie, S. Mesnager, N. Li, D. He, and X. Zeng. On the Niho type locally-APN power functions and their boomerang spectrum. Journal of IEEE Transactions Information Theory, Volume: 69, Issue: 6, pages 4056-4064, 2023.
  59. S. K. Debnath, S. Mesnager, V. Srivastava, S. K. Pal, and N. Kundu. Mul-IBS: A Multivariate Identity-Based Signature Scheme Compatible with IoT-based NDN Architecture. Journal of Cryptographic Engineering, Springer, 13(2): pages 187-199, 2023.
  60. L. Xu, Z. Zhou, J. Zhang, and S. Mesnager. Optimal Quaternary $(r, delta)$-Locally Recoverable Codes: Their Structures and Complete Classification. Journal Designs, Codes and Cryptography 91, pages 149-1526, 2023.
  61. S. Mesnager, L. Qian, X. Cao, and M. Yuan. Several families of binary minimal linear codes from two-to-one functions. Journal of IEEE Transactions Information Theory, Vol 69, Issue 5, pages 3285-3301, 2023.
  62. K. H. Kim, S. Mesnager, and C. H. Kim. On the inverses and their Hamming weights of known APN, 4-differentially uniform and CPP exponents over $GF(2^n)$. Journal IEEE Transactions Information Theory}, Vol 69, Issue 5, pages 3316-3329, 2023.
  63. K. H. Kim, S. Mesnager, C. H. Kim, and M. C. Jo. Completely Characterizing a Class of Permutation Quadrinomials. Journal Finite Fields and Their Applications 87, pp. 102155, 2023.
  64. S. Mesnager, L. Qian, and X. Cao. Further projective binary linear codes derived from two-to-one functions and their duals. Journal Designs, Codes and Cryptography 91(3), pp. 719-746, 2023.
  65. S. Mesnager, M. Yuan, and D. Zheng. More about the corpus of involutions from two-to-one mappings and related cryptographic S-boxes}. Journal IEEE Transactions Information Theory 69, 2, 1315-1327, 2023.
  66. H. Zhang, C. Fan, Y. Yang, and S. Mesnager. New binary cross Z-complementary pairs with large CZC ratio. Journal IEEE Transactions Information Theory} 69(2), pages 1328-1336, 2023.
  67. K. H. Kim and S. Mesnager. Correction to ``Solving $X^{2^{3n}+2^{2n}+2^{n}-1}+(X+1)^{2^{3n}+2^{2n}+2^{n}-1}=b$ in $GF(2^{4n})$ and an alternative proof of a conjecture on the differential spectrum of the related monomial functions. Journal Finite Fields and their Applications (FFA), 87, 102148, 2023.
  68. S. Mesnager, M. Yuan, and D. Zheng. More about the corpus of involutions from two-to-one mappings and related cryptographic S-boxes. Journal IEEE Transactions Information Theory, 69, 2, 1557-9654, 2023.
  69. C. Carlet, P. Han, S. Mesnager, and C. Tang. Mobius Transformations and Characterizations of Hyper-Bent Functions from Dillon-like Exponents with Coefficients in Extension Fields. Special Issue ``Cryptography and coding theory (in honour (of the 60th anniversary) of Cunsheng Ding". Journal Advances in Mathematics of Communications, Volume 16, Issue 4, pp. 709-720, 2022.
  70. S. Eddahmani and S. Mesnager Explicit Values of the DDT, the BCT, the FBCT, and the FBDT of the Inverse, the Gold, and the Bracken-Leander S-boxes. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), 14(6), pages 1301-1344, 2022.
  71. H. Zhang, C. Fan, Y. Yang, and S. Mesnager. New binary cross Z-complementary pairs with large CZC ratio. Journal Designs, Codes and Cryptography, 90(5), pages 1221-1239, 2022.
  72. P. Tan, C. Fan, S. Mesnager, and W. Guo. Linear codes from support designs of ternary cyclic codes. Journal Designs, Codes and Cryptography (DCC), 90(3), pages 681-693, 2022.
  73. S. Mesnager, S. Su, J. Li, and L. Zhu. Concrete constructions of weightwise perfectly balanced (2-rotation symmetric) functions with optimal algebraic immunity and high weightwise nonlinearity. Journal Cryptography and Communications- Discrete Structures, Boolean Functions, and Sequences (CCDS),14(6), pages 1371-1389, 2022.
  74. K.H. Kim and S. Mesnager. Solving $X^{2^{3n}+2^{2n}+2^{n}-1}+(X+1)^{2^{3n}+2^{2n}+2^{n}-1}=b$ in $GF({2^{4n}})$ and an alternative proof of a conjecture on the differential spectrum of the related monomial functions. Journal Finite Fields and their Applications (FFA)}, 83, 102086, 2022.
  75. K.H. Kim, S. Mesnager, J.H. Choe, D.N. Lee, S. Lee, and M.C. Jo On permutation quadrinomials with boomerang uniformity $4$ and the best-known nonlinearity. Journal Designs, Codes and Cryptography (DCC), 90(6), pages 1437-1461, 2022.
  76. R. Chen and S. Mesnager. A function field approach toward good polynomials for further results on optimal LRC codes. Journal Finite Fields and their Applications (FFA), 81, 102028, 2022.
  77. Z. Lu, S. Mesnager, T. Cui, Y. Fan, and M. Wang. An STP-based model toward designing S-boxes with good cryptographic properties. Journal Designs, Codes and Cryptography, Vol. 90, pages 1179-1202, 2022.
  78. H. Zhang, C. Fan, and S. Mesnager. Constructions of Two-Dimensional Z-Complementary Array Pairs With Large ZCZ Ratio. Journal Designs, Codes and Cryptography, Vol. 90, pages 1221-1239, 2022.
  79. S. Mesnager, B. Mandal, and M. Msahli. Survey on recent trends towards generalized differential and boomerang uniformities. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), Vol. 14, pages 691-735, 2022.
  80. H. Liang, S. Mesnager, and M. Wang. Cryptanalysis of the AEAD and hash algorithm DryGASCON. Journal Cryptography and Communications-Discrete Structures, Boolean Functions and Sequences (CCDS), Vol. 14, pages 597-625, 2022.
  81. Q. Liu, C. Ding, S. Mesnager, C. Tang, and V. D. Tonchev. On infinite families of Narrow-Sense Antiprimitive BCH Codes Admitting $3$-Transitive Automorphism Groups and their Consequences. Journal IEEE Transactions Information Theory, 68 (5), pages 3096-3107, 2022.
  82. M. Maji, S. Mesnager, S. Sarkar, and K. Hansda. On one-dimensional linear minimal codes over finite (commutative) rings}. Journal IEEE Transactions Information Theory, 68 (5), pages 2990-2998, 2022.
  83. P. Tan, C. Fan, S. Mesnager, and W. Guo. Linear codes from support designs of ternary cyclic codes}. Journal Design, Codes, and Cryptography, 90(3), pages 681-693, 2022.
  84. Y. Li, H. Kan, S. Mesnager, J. Peng, C-H. Tan, and L. Zheng. Generic constructions of (Boolean and vectorial) bent functions and their consequences. Journal IEEE Transactions Information Theory, 68(4), pages 2735-2751, 2022.
  85. Z. Gu, Z. Zhou, S. Mesnager, and U. Parampalli. A new family of polyphase sequences with low correlation}. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS)}, Volume 14, pages 135-144, 2022.
  86. S. Mesnager and A. Oblaukhov. Classification of the codewords of weights $16$ and $18$ of the Reed-Muller code $RM(n-3,n)$}. Journal IEEE Transactions Information Theory, Volume: 68, Issue 2, pages 940-952, 2022.
  88. K. H. Kim, S . Mesnager, J. H. Choe, and D. N. Lee. Preimages of $p-$Linearized Polynomials over $GF(p)$. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS)}, Volume 14, pages 75-86, 2022.
  89. P. Li, C. Fan, S. Mesnager, Y. Yang, and Z. Zhou. Constructions of Optimal Uniform Wide-gap Frequency-hopping Sequences. Journal IEEE Transactions Information Theory, Volume 68, Issue 1, Jan, pages 692-700, 2022.
  90. T. Yu, M. Yang, S. Mesnager, and Y. Yang. Constructions of Z-Optimal Type-II Quadriphase Z-Complementary Pairs}. Journal Discrete Mathematics, Volume 345, Issue 2, 112685, 2022.
  91. Investigation for 8-bit SKINNY-like S-boxes, analysis and applications. Y. Fan, S. Mesnager, W. Wang, Y. Li, T. Cui et M. Wang. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), Volume 13, pages 617--636, 2021.
    Abstract :
    Nowadays, ciphers have been widely used in high-end platforms, resource-constrained, and side-channel attacks in vulnerable environments. This motivates various S-boxes aimed at providing a good trade-off between security and efficiency. For small S-boxes, the most natural approach to constructing such S-boxes is a comprehensive search in the space of permutations, which inevitably becomes more challenging when the size grows. For large S-boxes (e.g., 8-bit), previous works concentrated on creations from finite fields or smaller ones (e.g., 4-bit). This paper proposes a new algorithm with a layered structure to search for 8-bit {\SKINNY}-like S-boxes. We compare our new S-box with the original 8-bit {\SKINNY} S-box by analyzing its security properties. Besides, due to our searching algorithm's rules and constraints, {\SKINNY}-like S-boxes have other features of lightweight implementation, low multiplicative complexity, low AND depth, and an effective inverse. Eventually, the searching algorithm outputs $224\,000$ 8-bit {\SKINNY}-like S-boxes. The cipher designers can use these new S-boxes to construct lightweight block ciphers with easy-to-mask properties and efficient implementation performance.
  92. On constructions of weightwise perfectly balanced Boolean functions. S. Mesnager et S. Su. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS). Volume 13, pages 951--979, 2021.
    Abstract :
    The recent FLIP cipher is an encryption scheme described by M\'eaux et al. at the conference EUROCRYPT 2016. It is based on a new stream cipher model called the filter permutator and tries to minimize some parameters (including the multiplicative depth). In the filter permutator, the input to the Boolean function has constant Hamming weight equal to the weight of the secret key. As a consequence, Boolean functions satisfying good cryptographic criteria when restricted to the set of vectors with constant Hamming weight play an important role in the FLIP stream cipher. Carlet et al. have shown that for Boolean functions with restricted input, balancedness and nonlinearity parameters continue to play an important role with respect to the corresponding attacks on the framework of FLIP ciphers. In particular, Boolean functions which are uniformly distributed over $\F_2$ on $E_{n,k}=\{x\in\F_2^n\mid \mathrm{wt}(x)=k\}$ for every integer $k$ from $1$ to $n-1$ are called weightwise perfectly balanced (WPB) functions, where $\mathrm{wt}(x)$ denotes the Hamming weight of $x$. In this paper, we firstly propose two methods of constructing weightwise perfectly balanced Boolean functions in $2^k$ variables (where $k$ is a positive integer) by modifying the support of linear and quadratic functions. Furthermore, we derive a construction of $n$-variable weightwise almost perfectly balanced Boolean functions for any positive integer $n$.
  93. Information Leakages in Code-based Masking: A Unified Quantification Approach. W. Cheng, S. Guilley, C. Carlet, J-L Danger, et S. Mesnager. The Transactions on Cryptographic Hardware and Embedded Sytems, volume 2021, issue 3 (TCHES 2021, issue 3), 2021.
    Abstract :
    In this paper, we present a unified approach to quantifying the information leakages in the most general code-based masking schemes. Specifically, by utilizing a uniform representation, we highlight first that the side-channel resistance of all code-based masking schemes can be quantified by an all-in-one framework consisting of two easy-to-compute parameters (the dual distance and the number of conditioned codewords) from a coding-theoretic perspective. In particular, we use a signal-to-noise ratio (SNR) and mutual information (MI) as two complementary metrics, where a closed-form expression of SNR and an approximation of MI is proposed by connecting both metrics to the two coding-theoretic parameters. Second, taking the connection between Reed-Solomon code and SSS (Shamir’s Secret Sharing) the scheme, the SSS-based masking is viewed as a special case of generalized code-based masking. Hence as a straightforward application, we evaluate the impact of public points on the side-channel security of SSS-based masking schemes, namely polynomial masking, and enhance the SSS-based masking by choosing optimal public points for it. Interestingly, we show that given a specific security order, more shares in SSS-based masking leak more information on secrets in an information-theoretic sense. Finally, our approach provides a systematic method for optimizing the side-channel resistance of every code-based masking. More precisely, this approach enables us to select optimal linear codes (parameters) for the generalized code-based masking by choosing appropriate codes according to the two coding-theoretic parameters. Summing up, we provide a best-practice guideline for the application of code-based masking to protect cryptographic implementations.
  94. More permutations and involutions for constructing bent functions. Y. Li, K. Li, S. Mesnager et L. Qu. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), Volume 13 (3), pages 459--473, 2021.
    Abstract :
    Bent functions are extremal combinatorial objects with several applications, such as coding theory, the maximum length sequences, cryptography, the theory of difference sets, etc. Based on C. Carlet's secondary construction, S. Mesnager proposed in 2014 an effective method to construct bent functions in their bivariate representation by employing three permutations of the finite field $\F_{2^m}$ satisfying an algebraic property $(\mathcal{A}_{m})$. This paper is devoted to constructing permutations that satisfy the property $(\mathcal{A}_{m})$ and then obtaining some explicit bent functions. Firstly, we construct one class of involutions from vectorial functions and further obtain some explicit bent functions by choosing some triples of these involutions satisfying the property $(\mathcal{A}_{m})$. We then investigate some bent functions by involutions from trace functions and linearized polynomials. Furthermore, based on several triples of permutations (not all involutions) that satisfy the property $(\mathcal{A}_{m})$ constructed by D. Bartoli et al., we give some more general results and extend most of their work. Then we also find several general triples of permutations that can also satisfy the property $(\mathcal{A}_{m})$.
  95. Fast algebraic immunity of Boolean functions and LCD codes. S. Mesnager et C. Tang. Journal IEEE transactions Information Theory, Volume 67 (7), pages 4828--4837, 2021.
    Abstract :
    Nowadays, the resistance against algebraic attacks and fast algebraic attacks is considered as an important cryptographic property for Boolean functions used in stream ciphers. Both attacks are very powerful analysis concepts and can be applied to symmetric cryptographic algorithms used in stream ciphers. The notion of algebraic immunity has received wide attention since it is a powerful tool to measure the resistance of a Boolean function to standard algebraic attacks. Nevertheless, an algebraic tool to handle the resistance to fast algebraic attacks is not clearly identified in the literature. In the current paper, we propose a new parameter to measure the resistance of a Boolean function to fast algebraic attack. We also introduce the notion of fast immunity profile and show that it informs both on the resistance to standard and fast algebraic attacks. Further, we evaluate our parameter for two secondary constructions of Boolean functions. Moreover, A coding-theory approach to the characterization of perfect algebraic immune functions is presented. Via this characterization, infinite families of binary linear complementary dual codes (or LCD codes for short) are obtained from perfect algebraic immune functions. Some of the binary LCD codes presented in this paper are optimal. These binary LCD codes have applications in armoring implementations against so-called side-channel attacks (SCA) and fault non-invasive attacks, in addition to their applications in communication and data storage systems.
  96. Post-Quantum Secure Inner Product Functional Encryption Using Multivariate Public Key Cryptography. S. K. Debnath, S. Mesnager, K. Dey et N. Kundu. Journal Mediterranean Journal of Mathematics. Volume 18, 2021.
    Abstract :
    Functional encryption (FE) is an exciting new public key paradigm that provides solutions to most of the security challenges of cloud computing in a non-interactive manner. In the context of FE, inner product functional encryption (IPFE) is a widely useful cryptographic primitive. It enables a user with secret key $usk_\mathbf{y}$ associated to a vector $\mathbf{y}$ to retrieve only $\langle\mathbf{x},\mathbf{y}\rangle$ from a ciphertext encrypting a vector $\mathbf{x}$, not beyond that. In the last few decades, several constructions of IPFE have been designed based on traditional classical cryptosystems, which are vulnerable to large enough quantum computers. However, there are few quantum computer resistants i.e., post-quantum IPFE. Multivariate cryptography is one of the promising candidates of post-quantum cryptography. In this paper, we propose for the {\em first-time multivariate cryptography-based} IPFE. Our work achieves non-adaptive simulation-based security under the hardness of the MQ problem.
  97. Cyclic bent functions and their applications in sequences. K. Abdukhalikov, C. Ding, S. Mesnager, C. Tang, et M. Xiong. Journal IEEE Transactions Information Theory, Volume 67 (6), pages 3473--3485, 2021.
    Abstract :
    Let $m$ be an even positive integer. A Boolean bent function $f$ on $\GF{m-1} \times \GF {}$ is called a \emph{cyclic bent function} if for any $a\neq b\in \GF {m-1}$ and $\epsilon \in \GF{}$, $f(ax_1,x_2)+f(bx_1,x_2+\epsilon)$ is always bent, where $x_1\in \GF {m-1}, x_2 \in \GF {}$. Cyclic bent functions look extremely rare. This paper focuses on cyclic bent functions on $\GF {m-1} \times \GF {}$ and their applications. The first objective of this paper is to establish a link between quadratic cyclic bent functions and a special type of prequasifields and construct a class of quadratic cyclic bent functions from the Kantor-Williams prequasifields. The second objective is to use cyclic bent functions to construct families of optimal sequences. The results of this paper show that cyclic bent functions have nice applications in several fields, such as coding theory, symmetric cryptography, and CDMA communication.
  98. Solving $X^{q+1}+X+a=0$ over Finite Fields. K. H. Kim, J. Choe et S. Mesnager. Journal Finite Fields and Their Applications, Volume 70, 2021.
    Abstract :
    Solving the equation $P_a(X):=X^{q+1}+X+a=0$ over the finite field $\GF{Q}$, where $Q=p^n, q=p^k$ and $p$ is a prime, arises in many different contexts, including finite geometry, the inverse Galois problem [2], the construction of difference sets with Singer parameters [8], determining cross-correlation between m-sequences [9,15] and the construction of error-correcting codes [5], as well as speeding up the index calculus method for computing discrete logarithms on finite fields [11, 12] and on algebraic curves [18]. Subsequently, in [3, 13, 14, 6, 4, 16, 7, 19], the $\GF{Q}$-zeros of $P_a(X)$ have been studied. It was shown in [3] that their number is $0$, $1$, $2$ or $p^{\gcd(n, k)}+1$. Some criteria for the number of the $\GF{Q}$-zeros of $P_a(x)$ were found in [13,14,6,16,19]. However, while the ultimate goal is to identify all the $\GF{Q}$-zeros, even in the case $p=2$, it was solved only under the condition $\gcd(n, k)=1$ [16]. We discuss this equation without any restriction on p and gcd(n,k). Criteria for the number of the FQ-zeros of Pa(x) are proved by a new methodology. For the cases of one or two FQ-zeros, we provide explicit expressions for these rational zeros in terms of a. For the case of pgcd(n,k) +1 rational zeros, we provide a parametrization of such a’s and express the pgcd(n,k) + 1 rational zeros by using that parametrization.
  99. Further study of $2$-to-$1$ mappings over $F_{2^n}$. K. Li, S. Mesnager et L. Qu. Journal IEEE Transactions Information Theory, Volume 67 (6), pages 3486--3496, 2021.
    Abstract :
    $2$-to-$1$ mappings over finite fields play an important role in symmetric cryptography, in particular in the constructions of APN functions, bent functions, semi-bent functions. Very recently, Mesnager and Qu [IEEE Trans. Inf. Theory 65 (12): 7884-7895] provided a systematic study of $2$-to-$1$ mappings over finite fields. In particular, they determined all $2$-to-$1$ mappings of degree at most 4 over any finite field. In addition, another research direction is to consider $2$-to-$1$ polynomials with few terms. Some results about $2$-to-$1$ monomials and binomials have been obtained in [IEEE Trans. Inf. Theory 65 (12): 7884-7895]. Motivated by their work, in this present paper, we push further the study of $2$-to-$1$ mappings, particularly over finite fields with characteristic $2$ (binary case being the most interesting for applications). Firstly, we completely determine $2$-to-$1$ polynomials with degree $5$ over $\gf_{2^n}$ using the well known Hasse-Weil bound. Besides, we consider $2$-to-$1$ mappings with few terms, mainly trinomials and quadrinomials. Using the multivariate method and the resultant of two polynomials, we present two classes of $2$-to-$1$ trinomials, which explain all the examples of $2$-to-$1$ trinomials of the form $x^k+\beta x^{\ell} + \alpha x\in\gf_{{2^n}}[x]$ with $n\le 7$, and derive twelve classes of $2$-to-$1$ quadrinomials with trivial coefficients over $\gf_{2^n}$.
  100. A direct proof of APN-ness of the Kasami functions. C. Carlet, K. H. Kim et S. Mesnager. Journal Design Codes and Cryptography, 89(3), pages 441-446, 2021.
    Abstract :
    Using recent results on solving the equation $X^{2^k+1}+X+a=0$ over a finite field $\GF{2^n}$ provided by the second and the third authors, we address an open question raised by the first author in WAIFI 2014 concerning the APN-ness of the Kasami functions $x\mapsto x^{2^{2k}-2^k+1}$ with $\gcd(k,n)=1$.
  101. A construction method of balanced rotation symmetric Boolean functions on arbitrary even number of variables with optimal algebraic immunity., S. Mesnager, S. Su et H. Zhang. Journal Design Codes and Cryptography, 89(1), pp. 1-17, 2021.
    Abstract :
    Rotation symmetric Boolean functions incorporate a super-class of symmetric functions which represent an attractive corpus for computer investigation. These functions have been investigated from the viewpoints of bentness and correlation immunity and have also played a role in the study of nonlinearity. In the literature, many constructions of balanced odd-variable rotation symmetric Boolean functions with optimal algebraic immunity have been derived. While the construction of balanced even-variable rotation symmetric Boolean functions with optimal algebraic immunity is very hard work to break through. In this paper, we present for the first time a construction of balanced rotation symmetric Boolean functions on an arbitrary even number of variables with optimal algebraic immunity by modifying the support of the majority function. The nonlinearity of the newly constructed rotation symmetric Boolean functions is also derived.
  102. Linear codes with one-dimensional hull associated with Gaussian sums., L. Qian, X. Cao et S. Mesnager. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), Volume 13, pages 225--243, 2021.
    Abstract :
    The hull of a linear code over finite fields, the intersection of the code and its dual has been of interest and extensively studied due to its wide applications. For example, it plays a vital role in determining the complexity of algorithms for checking the permutation equivalence of two linear codes and computing a linear code's automorphism group. People are interested in pursuing linear codes with small hulls since, for such codes, the aforementioned algorithms are very efficient. In this field, Carlet, Mesnager, Tang and Qi gave a systematic characterization of LCD codes, i.e., linear codes with the null hull. In 2019, Carlet, Li and Mesnager presented some constructions of linear codes with small hulls. In the same year, Li and Zeng derived some linear code constructions with one-dimensional hulls using specific Gaussian sums. In this paper, we use general Gaussian sums to construct linear codes with one-dimensional hull by utilizing number fields, which generalizes some results of Li and Zeng [Constructions of linear codes with the one-dimensional hull, IEEE Trans. Inf. Theory, vol. 65, no. 3, 2019] and also of those presented by Carlet, Li and Mesnager [Linear codes with small hulls in semi-primitive case, Des. Codes Cryptogr., Des. Codes Cryptogr., vol. 87, no. 12, 2019]. We give sufficient conditions to obtain such codes. Notably, some codes we obtained are optimal or almost optimal according to the Database. This is the first attempt on constructing linear codes by general Gaussian sums which have one-dimensional hull and are optimal. Moreover, we also develop a bound of on the minimum distances of linear codes we constructed.
  103. Optimizing Inner Product Masking Scheme by A Coding Theory Approach., W. Cheng, S. Guilley, C. Carlet, S. Mesnager et J-L. Danger, IEEE Transactions on Information Forensics and Security, 16, pages 220-235, 2021.
    Abstract :
    Masking is one of the most popular countermeasures to protect cryptographic implementations against side-channel analysis since it is provably secure and can be deployed at the algorithm level. To strengthen the original Boolean masking scheme, several works have suggested using schemes with high algebraic complexity. The Inner Product Masking (IPM) is one of those. In this paper, we propose a unified framework to quantitatively assess the side-channel security of the IPM in a coding-theoretic approach. Specifically, starting from the expression of IPM in a coded form, we use two defining parameters of the code to characterize its side-channel resistance. In order to validate the framework, we then connect it to two leakage metrics (namely signal-to-noise ratio and mutual information, from an information-theoretic aspect) and one typical attack metric (success rate, from a practical aspect) to build a firm foundation for our framework. As an application, our results provide ultimate explanations on the observations made by Balasch et al. at EUROCRYPT’15 and at ASIACRYPT’17, Wang et al. at CARDIS’16 and Poussier et al. at CARDIS’17 regarding the parameter effects in IPM, like higher security order in bounded moment model. Furthermore, we show how to systematically choose optimal codes (in the sense of a concrete security level) to optimize IPM by using this framework. Eventually, we present a simple but effective algorithm for choosing optimal codes for IPM, which is of special interest for designers when selecting optimal parameters for IPM.
  104. On those multiplicative subgroups of $F_{2^n}^*$., C. Carlet et S. Mesnager. Journal of Algebraic combinatorics, 2020
    Abstract :
    We study those multiplicative subgroups of $F_{2^n}^*$, which are Sidon sets and/or sum-free sets in the group $( F_{2^n},+)$. These Sidon and sum-free sets play an important role relative to the exponents of APN power functions, as shown by a paper co-authored by the first author.
  105. Linear codes from vectorial Boolean functions in the context of algebraic attacks., M. Boumezbeur, S. Mesnager et K. Guenda, Journal Discrete Mathematics, Algorithms and Applications (DMAA), Volume 13 (3), 2021
    Abstract :
    In this paper, we study the relationship between vectorial (Boolean) functions and cyclic codes in the context of algebraic attacks. We first derive a direct link between the annihilators of a vectorial function (in univariate form) and certain $2^{n}$-ary cyclic codes (which we show that they are LCD codes). We also present some properties of those cyclic codes as well as their weight enumerator. In addition we generalize the so-called algebraic complement and study its properties.
  106. Letters for post-quantum cryptography standard evaluation., J. Ding, S. Mesnager et L-C. Wang. Journal Adv. Math. Commun. 14(1), 2020.
  107. Threshold-based post-quantum secure verifiable multi-secret sharing for distributed storage blockchain. S. Mesnager, A. Sinak et O. Yayla. Journal Mathematics-MDPI journals, Special Issue Mathematics, MDPI Journals, Special Issue "The Cryptography of Cryptocurrency", 2020.
    Abstract :
    Blockchain systems store transaction data in the form of a distributed ledger where each node stores a copy of all data, which gives rise to storage issues. It is well known that the tremendous storage and distribution of the block data are common problems in blockchain systems. In the literature, some types of secret sharing schemes are employed to overcome these problems. The secret sharing method is one of the most significant cryptographic protocols used to ensure the privacy of the data. The main purpose of this paper is to improve the recent distributed storage blockchain systems by proposing an alternative secret sharing method. We first propose a secure threshold verifiable multi-secret sharing scheme that has the verification and private communication steps based on post-quantum lattice-based hard problems. We then apply the proposed threshold scheme to the distributed storage blockchain (DSB) system in order to share transaction data at each block. In the proposed DSB system, we encrypt the data block with the AES-$256$ encryption algorithm before distributing it among nodes at each block, and both its secret key and the hash value of the block are privately shared among nodes simultaneously by the proposed scheme. Thereafter, in the DSB system, the encrypted data block is encoded by the Reed-Solomon code, and it is shared among nodes. We finally analyze the storage and recovery communication costs and the robustness of the proposed DSB system. We observe that our approach improves effectively the recovery communication cost and makes it more robust compared to the previous DSB systems. It also improves extremely the storage cost of the traditional blockchain systems. Furthermore, the proposed scheme brings to the DSB system the desirable properties such as verification process and secret communication without private channels in addition to the known properties of the schemes used in the previous DSB systems. Because of the flexibility on the threshold parameter of the scheme, a diverse range of qualified subsets of nodes in the DSB system can privately recover the secret values.
  108. New characterizations and construction methods of bent and hyper-bent Boolean functions., S. Mesnager, B. Mandal et C. Tang. Journal Discrete Mathematics, 343 (11), 112081, 2020.
    Abstract :
    In this paper, we first derive a necessary and sufficient condition for a bent Boolean function by analyzing their support set. Next, using this condition and the Pless power moment identities, we propose a construction method of bent functions of $2k$ variables by a suitable choice of $2k$-dimension subspace of $\mathbb F_2^{2^{2k-1}-2^{k-1}}$. Further, we extend our results to the so-called hyper-bent functions.
  109. Solving some affine equations over finite fields., S. Mesnager, K. H. Kim, J. H. Choe et D. N. Lee. Journal Finite Fields and their Applications, 68, 101746, 2020.
    Abstract :
    Let $l$ and $k$ be two integers such that $l | k$. Define $T_l^k(X):=X+X^{p^l}+\cdots+X^{p^{k-2l}}+X^{p^{k-l}}$ and $S_l^k(X):=X-X^{p^l}+\cdots+(-1)^{(k/l-1)}X^{p^{k-l}}$, where $p$ is any prime. This paper gives explicit representations of all solutions in $\GF{p^n}$ to the affine equations $T_l^{k}(X)=a$ and $S_l^{k}(X)=a$, $a\in \GF{p^n}$. The case $p=2$ was solved very recently in \cite{MKCL2019}. The results of this paper reveal another solution.
  110. On the boomerang uniformity of quadratic permutations., S. Mesnager, C. Tang et M. Xiong. Journal Design Codes and Cryptography 88(10), pages 2233-2246, 2020.
    Abstract :
    At Eurocrypt'18, Cid, Huang, Peyrin, Sasaki, and Song introduced a new tool called Boomerang Connectivity Table (BCT) for measuring the resistance of a block cipher against the boomerang attack which is an important cryptanalysis technique introduced by Wagner in 1999 against block ciphers. Next, Boura and Canteaut introduced an important parameter related to the BCT for cryptographic S-boxes called boomerang uniformity. The purpose of this paper is to present a brief state-of-the-art on the notion of boomerang uniformity of vectorial Boolean functions (or S-boxes) and provide new results. More specifically, we present a slightly different but more convenient formulation of the boomerang uniformity and prove some new identities. Moreover, we focus on quadratic permutations in even dimension and obtain general criteria by which they have optimal BCT. {As a consequence of the new criteria}, two previously known results can be derived, and many new quadratic permutations with optimal BCT (optimal means that the maximal value in the Boomerang Connectivity Table equals the lowest known differential uniformity) can be found. In particular, we show that the boomerang uniformity of the binomial differentially $4$-uniform permutations presented by Bracken, Tan, and Tan equals $4$. Furthermore, we show a link between the boomerang uniformity and the nonlinearity for some special quadratic permutations. Finally, we present a characterization of quadratic permutations with boomerang uniformity $4$. With this characterization, we show that the boomerang uniformity of a quadratic permutation with boomerang uniformity $4$ is preserved by the extended affine (EA) equivalence.
  111. Constructions of self-orthogonal codes from hulls of BCH codes and their parameters., Z. Du, C. Li, et S. Mesnager. Journal IEEE transactions Information Theory 66(11), pages 6774-6785, 2020.
    Abstract :
    Self-orthogonal codes are an interesting type of linear codes due to their wide applications in communication and cryptography. It is known that self-orthogonal codes are often used to construct quantum error-correcting codes, which can protect quantum information in quantum computations and quantum communications. Let $\mathcal C$ be an $[n, k]$ cyclic code over $\Bbb F_q$, where $\Bbb F_q$ is the finite field of order $q$. The hull of $\mathcal C$ is defined to be the intersection of the code and its dual. In this paper, we will employ the defining sets of cyclic codes to present two general characterizations of the hulls that have dimension $k-1$ or $k^\perp-1$, where $k^\perp$ is the dimension of the dual code $\mathcal C^\perp$. Several sufficient and necessary conditions for primitive and projective BCH codes to have $(k-1)$-dimensional (or $(k^\perp-1)$-dimensional) hulls are also developed by presenting lower and upper bounds on their designed distances. Furthermore, several classes of self-orthogonal codes are proposed via the hulls of BCH codes and their parameters are also investigated. The dimensions and minimum distances of some self-orthogonal codes are determined explicitly. In addition, several optimal codes are obtained.
  112. Recent results and problems on constructions of linear codes from cryptographic functions, N. Li et S. Mesnager, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS) 12(5), pages 965-986, 2020.
    Abstract :
    Linear codes have a wide range of applications in the data storage systems, communication systems, consumer electronics products since their algebraic structure can be analyzed and they are easy to implement in hardware. How to construct linear codes with excellent properties to meet the demands of practical systems becomes a research topic, and it is an efficient way to construct linear codes from cryptographic functions. In this paper, we will introduce some methods to construct linear codes by using cryptographic functions over finite fields and present some recent results and problems in this area.
  113. Solving $x^{2^k+1}+x+a=0$ in $\GF{n}$ with $\gcd(n,k)=1$, K. H. Kim et S. Mesnager, Journal Finite Fields and Their Applications (FFA) 63: 101630, 2020.
    Abstract :
    Let $N_a$ be the number of solutions to the equation $x^{2^k+1}+x+a=0$ in $\GF {n}$ where $\gcd(k,n)=1$. In 2004, by Bluher \cite{BLUHER2004} it was known that possible values of $N_a$ are only 0, 1 and 3. In 2008, Helleseth and Kholosha \cite{HELLESETH2008} found criteria for $N_a=1$ and an explicit expression of the unique solution when $\gcd(k,n)=1$. In 2010 \cite{HELLESETH2010}, the extended version of \cite{HELLESETH2008}, they also got criteria for $N_a=0,3$. In 2014, Bracken, Tan and Tan \cite{BRACKEN2014} presented another criterion for $N_a=0$ when $n$ is even and $\gcd(k,n)=1$. This paper completely solves this equation $x^{2^k+1}+x+a=0$ with only the condition $\gcd(n,k)=1$. We explicitly calculate all possible zeros in $\GF{n}$ of $P_a(x)$. New criteria for which $a$, $N_a$ is equal to $0$, $1$ or $3$ are by-products of our result.
  114. Minimal linear codes from characteristic functions, S. Mesnager, Y. Qi, H. Ru et C. Tang, Journal IEEE Transactions on Information Thepry 66(9), pages 5404-5413, 2020.
    Abstract :
    Minimal linear codes have interesting applications in secret sharing schemes and secure two-party computation. This paper uses characteristic functions of some subsets of $\mathbb{F}_q$ to construct minimal linear codes. By properties of characteristic functions, we can obtain more minimal binary linear codes from known minimal binary linear codes, which generalizes results of Ding et al. [IEEE Trans. Inf. Theory, vol. 64, no. 10, pp. 6536-6545, 2018]. By characteristic functions corresponding to some subspaces of $\mathbb{F}_q$, we obtain many minimal linear codes, which generalizes results of [IEEE Trans. Inf. Theory, vol. 64, no. 10, pp. 6536-6545, 2018] and [IEEE Trans. Inf. Theory, vol. 65, no. 11, pp. 7067-7078, 2019]. Finally, we use characteristic functions to present a characterization of minimal linear codes from the defining set method and present a class of minimal linear codes.
  115. Constructions of optimal locally recoverable codes via Dickson polynomials, J. Liu, S. Mesnager et D. Tang. Journal Design Codes and Cryptography (DCC) 88(9), pages 1759-1780, 2020
    Abstract :
    In 2014, Tamo and Barg have presented in a very remarkable paper a family of optimal linear locally recoverable codes (LRC codes) that attain the maximum possible distance (given code length, cardinality, and locality). The key ingredients for constructing such optimal linear LRC codes are the so-called $r$-good polynomials, where $r$ is equal to the locality of the LRC code. In 2018, Liu et al. presented two general methods of designing $r$-good polynomials by using function composition, which led to three new constructions of $r$-good polynomials. Next, Micheli provided a Galois theoretical framework which allows to construct $r$-good polynomials. The well-known Dickson polynomials form an important class of polynomials which have been extensively investigated in recent years in different contexts. In this paper, we provide new methods of designing $r$-good polynomials based on Dickson polynomials. Such $r$-good polynomials provide new constructions of optimal LRC codes.
  116. Solving $x+x^{2^l}+\cdots+x^{2^{ml}}=a$ over $\GF{2^n}$, S. Mesnager, K. H. Kim, J. H. Choe, D. N. Lee et D. S. Go. Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS) 12(4), pages 809-817, 2020.
    Abstract :
    This paper presents an explicit representation for the solutions of the equation $\sum_{i=0}^{\frac kl-1}x^{2^{li}} = a \in \GF{2^n}$ for any given positive integers $k,l$ with $l|k$ and $n$, in the closed field ${\overline{\GF{2}}}$ and in the finite field $\GF{2^n}$. As a by-product of our study, we are able to completely characterize the $a$'s for which this equation has solutions in $\GF{2^n}$.
  117. On the number of the rational zeros of linearized polynomials and the second-order nonlinearity of cubic Boolean functions, S. Mesnager, K. H. Kim et M. S. Jo, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS) 12(4), pages 659-674, 2020
    Abstract :
    Determine the number of rational zeros of any given linearized polynomial is one of the vital problems in finite field theory, with applications in modern symmetric cryptosystems. But, the known general theory for this task is much far from giving the exact number when applied to a specific linearized polynomial. The first contribution of this paper is a better general method to get a more precise upper bound on the number of rational zeros of any given linearized polynomial over an arbitrary finite field. We anticipate this method would be applied as a useful tool in many research branches of finite field and cryptography. We apply this result to get tighter estimations of the lower bounds on the second-order nonlinearities of general cubic Boolean functions, which has been an active research problem during the past decade. Furthermore, this paper shows that by studying the distribution of radicals of derivatives of a given Boolean function one can get a better lower bound of the second-order nonlinearity, through an example of the monomial Boolean functions $g_{\mu}=Tr(\mu x^{2^{2r}+2^r+1})$ defined over the finite field $\GF{n}$.
  118. On the Menezes-Teske-Weng conjecture, S. Mesnager, K. H. Kim, J. Choe et C. Tang, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS) 12 (1), pages 19-27, 2020.
    Abstract :
    In 2003, Alfred Menezes, Edlyn Teske and Annegret Weng presented a conjecture on properties of the solutions of a type of quadratic equations over the binary extension fields, which had been confirmed by extensive experiments but the proof was unknown until now. We prove that this conjecture is correct. Furthermore, using this proved conjecture, we have completely determined the null space of a class of linearized polynomials.
  119. Several classes of minimal linear codes with few weights from weakly regular plateaued function , S. Mesnager et A. Sinak, Journal IEEE Transactions Information Theory, vol. 66, no. 4, pp. 2296-2310, 2020.
    Abstract :
    Minimal linear codes have significant applications in secret-sharing schemes and secure two-party computation. There are several methods to construct linear codes, one of which is based on functions over finite fields. Recently, many construction methods for linear codes from functions have been proposed in the literature. In this paper, we generalize the recent construction methods given by Tang et al.~in [IEEE Transactions on Information Theory, 62(3), 1166-1176, 2016] to weakly regular plateaued functions over finite fields of odd characteristics. We first construct three-weight linear codes from weakly regular plateaued functions based on the second generic construction and then determine their weight distributions. We also give a punctured version and subcode of each constructed code. We note that they may be (almost) optimal codes and can be directly employed to obtain (democratic) secret-sharing schemes, which have diverse applications in the industry. We next observe that the constructed codes are minimal for almost all cases and finally describe the access structures of the secret-sharing schemes based on their dual codes.
  120. Codebooks from generalized bent $\mathbb{Z}_4$-valued quadratic forms , Y. Qi, S. Mesnager et C. Tang, Journal Discrete Mathematics, 343(3), 111736, 2020.
    Abstract :
    Codebooks with small inner-product correlations have applications in unitary space-time modulations, multiple description coding over erasure channels, direct spread code division multiple access communications, compressed sensing, and coding theory. It is interesting to construct codebooks (asymptotically) achieving the Levenshtein bound. This paper presents a class of generalized bent $\mathbb{Z}_4$-valued quadratic forms, which contain functions proposed by Heng and Yue (Optimal codebooks achieving the Levenshtein bound from generalized bent functions over $\mathbb{Z}_4$. Cryptogr. Commun. 9(1), 41-53, 2017). Using these generalized bent $\mathbb{Z}_4$-valued quadratic forms, we construct optimal codebooks achieving the Levenshtein bound. These codebooks have parameters $(2^{2m}+2^m,2^m)$ and alphabet size $6$.
  121. A class of narrow-sense BCH codes over $\mathbb{F}_q$ of length $\frac{q^m-1}{2}$ , X. Lin, S. Mesnager, Y. Qi et C. Tang, Journal Design Codes and Cryptography (DCC) 88(2), pages 413-427, 2020.
    Abstract :
    BCH codes with efficient encoding and decoding algorithms have many applications in communications, cryptography and combinatorial design. This paper studies a class of linear codes of length $ \frac{q^m-1}{2}$ over $\mathbb{F}_q$ with special trace representation, where $q$ is an odd prime power. With the help of the inner distributions of some subsets of association schemes of quadratic forms, we determine the weight enumerators of these codes. From determining some cyclotomic coset leaders $\delta_i$ of cyclotomic cosets modulo $ \frac{q^m-1}{2}$, we prove that narrow-sense BCH codes of length $ \frac{q^m-1}{2}$ with designed distance $\delta_i=\frac{q^m-q^{m-1}}{2}-1-\frac{q^{ \lfloor \frac{m-3}{2} \rfloor+i}-1}{2}$ have the corresponding trace representation, and have the minimal distance $d=\delta_i$ and the Bose distance $d_B=\delta_i$, where $1\leq i\leq \lfloor \frac{m+11}{6} \rfloor$.
  122. A Proof of the Beierle-Kranz-Leander Conjecture related to Lightweight Multiplication in $\mathbb{F}_{2^n}$, S. Mesnager, K. H. Kim, D. Jo, J. Choe, M. Han et D. N, Lee, Journal Design Codes and Cryptography (DCC), 88(1), pages 51-62, 2020.
    Abstract :
    Lightweight cryptography is an important tool for building strong security solutions for pervasive devices with limited resources. Due to the stringent cost constraints inherent in extremely large applications, the efficient implementation of cryptographic hardware and software algorithms is of utmost importance to realize the vision of generalized computing. In CRYPTO 2016, Beierle, Kranz and Leander have considered lightweight multiplication in $\mathds{F}_{2^n}$. Specifically, they have considered the fundamental question of optimizing finite field multiplications with one fixed element and investigated which field representation, that is which choice of basis, allows for an optimal implementation. They have left open a conjecture related to an XOR count of two. Using the linear algebra theory, we prove in the present paper that their conjecture is correct. Consequently, this proven conjecture can be used as a reference for further developing and implementing cryptography algorithms in lightweight devices.
  123. On generalized hyper-bent functions, S. Mesnager, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS)12(3), pages 455-468, 2020.
    Abstract :
    Hyper-bent Boolean functions were introduced in 2001 by Youssef and Gong (initially proposed by Golomb and Gong in 1999 as a component of S-boxes) to ensure the security of symmetric cryptosystems, but no cryptographic attack has been identified until the one on the filtered LFSRs made by Canteaut and Rotella in 2016. Hyper-bent functions have properties still stronger than the well-known bent functions which were introduced by Rothaus and already studied by Dillon and next by several researchers in more than four decades. Hyper-bent functions are very rare, and whose classification is still elusive. Therefore, not only their characterization, but also their generation is challenging problems. Recently, an important direction in the theory of hyper-bent functions were the extension of Boolean hyper-bent functions to whose codomain is the ring of integers modulo a power of a prime, that is, generalized hyper-bent functions. In this paper, we synthesize previous studies on generalized hyper-bent functions in a unified framework. We provide two characterizations of generalized hyper-bent functions in terms of their digits. We establish a complete characterization of a family of generalized hyper-bent functions defined over spreads and establish a link between vectorial hyper-bent functions found recently and that family.
  124. On two-to-one mappings over finite fields, S. Mesnager et L. Qu, Journal IEEE Transactions Information Theory, 65(12), pages 7884-7895, 2019.
    Abstract :
    Two-to-one ($2$-to-$1$) mappings over finite fields play an an important role in symmetric cryptography. In particular they allow designing APN functions, bent functions and semi-bent functions. In this paper, we provide a systematic study of two-to-one mappings that are defined over finite fields. We characterize such mappings by means of the Walsh transforms. We also present several constructions, including an AGW-like criterion, constructions with the form of $x^rh(x^{(q-1)/d})$, those from permutation polynomials, from linear translators and APN functions. Then we present $2$-to-$1$ polynomial mappings in classical classes of polynomials: linearized polynomials and monomials, low degree polynomials, Dickson polynomials and Muller-Cohen-Matthews polynomials, etc. Lastly, we show applications of $2$-to-$1$ mappings over finite fields for constructions of bent Boolean and vectorial bent functions, semi-bent functions, planar functions and permutation polynomials. In all those respects, we shall review what is known and provide several new results.
  125. Multiple characters transforms and generalized Boolean functions, S. Mesnager, C. Riera et P. Stanica, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS) 11(6), pages 1247-1260, 2019.
    Abstract :
    In this paper we investigate generalized Boolean functions whose spectrum is flat with respect to a set of Walsh-Hadamard transforms are defined using various complex primitive roots of $1$. We also study some differential properties of the generalized Boolean functions in even dimension defined in terms of these different characters. We show that those functions have similar properties to the vectorial bent functions. We next clarify the case of Gbent functions in odd dimension. As a by-product of our proofs, more generally, we also provide several results about plateaued functions. Furthermore, we find characterizations of plateaued functions with respect to different characters in terms of second derivatives and fourth moments.
  126. Several new classes of self-dual bent functions derived from involutions, G. Luo, X. Cao et S. Mesnager, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), 1(6), pages 1261-1273, 2019.
    Abstract :
    Bent functions are a kind of Boolean function which have the maximum Hamming distance to linear and affine functions, they have some interesting applications in combinatorics, coding theory, cryptography and sequences. However, generally speaking, how to find new bent functions is a hard work and is a hot research project during the past decades. A subclass of bent functions that have received attention since Dillon's seminal thesis (1974) is the subclass of those Boolean functions that are equal to their dual (or Fourier transform in Dillon's terminology): the so-called self-dual bent functions. In this paper, we propose a construction of involutions from linear translators and provide two methods for constructing new involutions by utilizing some given involutions. With the involutions presented in this paper, several new classes of self-dual bent functions are produced.
  127. Minimal Linear Codes with Few Weights and Their Secret Sharing, S. Mesnager, A. Sinak, O. Yayla, International Journal of Information Security Science, Vol.8, No.3, pages 44-52, 2019.
    Abstract :
    Minimal linear codes with few weights have significant applications in secure two-party computation and secret-sharing schemes. In this paper, we construct two-weight and three-weight minimal linear codes using weakly regular plateaued functions in the well-known construction method based on the second generic construction. We also give punctured codes and subcodes for some constructed minimal codes. We finally obtain secret sharing schemes with high democracy from the dual codes of our minimal codes.
  128. Linear codes with small hulls in semi-primitive case, C. Carlet, C. Li et S. Mesnager, Journal Design Codes and Cryptography (DCC), 87(12), pages 2813-2834, 2019.
    Abstract :
    The hull of a linear code is defined to be the intersection of the code and its dual and was originally introduced to classify finite projective planes. The hull plays an important role in determining the complexity of algorithms for checking the permutation equivalence of two linear codes and computing the automorphism group of a linear code. It has been shown that these algorithms are very effective in general if the hull size is small. It is clear that the linear codes with the smallest hull are LCD codes, and with the second smallest hull are those with one-dimensional hull. In this paper, we employ character sums in semi-primitive cases to construct LCD and linear codes with a one-dimensional hull from cyclotomic fields and multiplicative subgroups of finite fields. Some sufficient and necessary conditions for these codes are obtained, where prime ideal decompositions of prime $p$ in cyclotomic fields play a key role. In addition, we show the non-existence of these codes in some cases.
  129. Further study on the maximum number of bent components of vectorial functions, S. Mesnager, F. Zhang, C. Tang et Y. Zhou, Journal Design Codes and Cryptography (DCC), 87(11): 2597-2610, 2019.
    Abstract :
    In 2018, Pott et al. have studied in [IEEE Transactions on Information Theory. Volume: 64, Issue: 1, 2018] the maximum number of bent components of vectorial functions. They have presented many nice results and suggested several open problems in this context. This paper is in the continuation of their study in which we solve two open problems raised by Pott et al. and partially solve an open problem raised by the same authors. Firstly, we prove that for a vectorial function, the property of having the maximum number of bent components is invariant under the so-called CCZ equivalence. Secondly, we prove the non-existence of APN plateaued functions having the maximum number of bent components. In particular, quadratic APN functions cannot have the maximum number of bent components. Finally, we present some sufficient conditions that the vectorial function defined from $\mathbb{F}_{2^{2k}}$ to $\mathbb{F}_{2^{2k}}$ by its univariate representation: $$ \alpha x^{2^i}\left(x+x^{2^k}+\sum\limits_{j=1}^{\rho}\gamma^{(j)}x^{2^{t_j}} +\sum\limits_{j=1}^{\rho}\gamma^{(j)}x^{2^{t_j+k}}\right)$$ has the maximum number of { bent components, where $\rho\leq k$}. Further, we show that the differential spectrum of the function $ x^{2^i}(x+x^{2^k}+x^{2^{t_1}}+x^{2^{t_1+k}}+x^{2^{t_2}}+x^{2^{t_2+k}})$ (where $i,t_1,t_2$ satisfy some conditions) is different from the binomial function $F^i(x)= x^{2^i}(x+x^{2^k})$ presented in the article of Pott et al.
  130. Some (almost) optimally extendable linear codes, C. Carlet, C. Li et S. Mesnager, Journal Design Codes and Cryptography, 87(12), pages 2813-2834, 2019
    Abstract :
    Side-channel attacks (SCA) and fault injection attacks (FIA) are nowadays important cryptanalysis methods on the implementations of block ciphers, which represent hugely threats. Direct sum masking (DSM) has been proposed to protect the sensitive data stored in registers against both SCA and FIA. It uses two linear codes $\mathcal C$ and $\mathcal D$ whose sum is direct and equals $\Bbb F_q^n$. The resulting security parameter is the pair $(d(\mathcal C)-1,d({\mathcal D}^\perp)-1)$. For being able to protect not only the sensitive input data stored in registers against SCA and FIA but the whole algorithm (which is required at least in software applications), it is necessary to change $\mathcal C$ and $\mathcal D$ into $\mathcal C^\prime$, which has the same minimum distance as $\mathcal C$, and $\mathcal D^\prime$, which may have smaller dual distance than $\mathcal D$. Precisely, $\mathcal D^\prime$ is the linear code obtained by appending on the right of its generator matrix, the identity matrix with the same number of rows. It is then highly desired to construct linear codes $\mathcal D$ such that $d({\mathcal D^\prime}^\perp)$ is very close to $d({\mathcal D}^\perp)$. In such case, we say that $\mathcal D$ is almost optimally extendable (and is optimally extendable if $d({\mathcal D^\prime}^\perp)= d(\mathcal D^\perp)$). In general, it is notoriously difficult to determine the minimum distances of the codes $\mathcal D^\perp$ and ${\mathcal D^\prime}^\perp$ simultaneously.
  131. Weightwise perfectly balanced functions with high weightwise nonlinearity profil, J. Liu et S. Mesnager, Journal Designs, Codes and Cryptography (DCC) 87(8), pages 1797-1813, 2019.
    Abstract :
    Boolean functions satisfying good cryptographic criteria when restricted to the set of vectors with constant Hamming weight play an important role in the recent FLIP stream cipher~\cite{Meaux2016}. In this paper, we propose a large class of weightwise perfectly balanced (WPB) functions, which is $2$-rotation symmetric. This new class of WPB functions is not extended affinely equivalent to the known constructions. We also discuss the weightwise nonlinearity profile of these functions, and present general lower bounds on $k$-weightwise nonlinearity, where $k$ is a power of $2$. Moreover, we exhibit a subclass of the family. By a recursive lower bound, we show that these subclass of WPB functions have very high weightwise nonlinearity profile
  132. On q-ary plateaued functions over $F_q$ and their explicit characterizations, S. Mesnager, F. Ozbudak, A. Sinak et G. Cohen, European Journal of Combinatorics 80, pages 71-81, 2019
    Abstract :
    Plateaued and bent functions play a significant role in cryptography, sequence theory, coding theory and combinatorics. In 1997, Coulter and Matthews redefined bent functions over any finite field $\F_q$ where $q$ is a prime power, and established their properties. The objective of this work is to redefine the notion of plateaued functions over $\F_q$, and to present several explicit characterizations of those functions. We first give, over $\F_q$, the notion of $q$-ary plateaued functions, which relies on the concept of the Walsh-Hadamard transform in terms of canonical additive character of $\F_q$. We then give a concrete example of $q$-ary plateaued function, that is not vectorial $p$-ary plateaued function. This suggests that the study of plateaued-ness is also significant for $q$-ary functions over $\F_q$. We finally characterize $q$-ary plateaued functions in terms of derivatives, Walsh power moments and autocorrelation functions.
  133. On the nonlinearity of Boolean functions with restricted input, S. Mesnager, Z. Zhou et C. Ding, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), 11(1) pages 63-76, 2019.
    Abstract :
    Very recently, Carlet, M\'eaux and Rotella have studied the main cryptographic features of Boolean functions when, for a given number $n$ of variables, the input to these functions is restricted to some subset $E$ of $\F^n$. Their study includes the particular case when $E$ equals the set of vectors of fixed Hamming weight, which is important in the robustness of the Boolean function involved in the FLIP stream cipher. In this paper we focus on the nonlinearity of Boolean functions with restricted input and present new results related to the analysis of this nonlinearity improving the upper bound given by Carlet et al.
  134. Linear codes from weakly regular plateaued functions and their secret sharing schemes, S. Mesnager, F. Ozbudak et A. Sinak, Journal Designs, Codes and Cryptography (DCC), Volume 87, Issue 2–3, pages 463–480, 2019.
    Abstract :
    Linear codes, the most significant class of codes in coding theory, have diverse applications in secret-sharing schemes, authentication codes, communication, data storage devices and consumer electronics. The main objectives of this paper are twofold: to construct three-weight linear codes from plateaued functions over finite fields and to analyze the constructed linear codes for secret sharing schemes. To do the first one, we generalize the recent contribution of Mesnager given in [Cryptography and Communications 9(1), 71-84, 2017]. We first introduce the notion of (non)-weakly regular plateaued functions over $\F_p$, with $p$ an odd prime. We next construct a three-weight linear $p$-ary (resp. binary) codes from weakly regular $p$-ary plateaued (resp. Boolean plateaued) functions and determine their weight distributions. We finally show that the constructed linear codes can be used to construct secret-sharing schemes with ``nice'' access structures. To the best of our knowledge, the construction of linear codes from plateaued functions over $\F_p$, with $p$ an odd prime, is studied in this paper for the first time in the literature.
  135. New characterization and parametrization of LCD codes, C. Carlet, S. Mesnager, C. Tang et Y. Qi, Journal IEEE Transactions on Information Theory-IT, 65(1) pages 39-49, 2019.
    Abstract :
    Linear complementary dual (LCD) cyclic codes were referred historically to as reversible cyclic codes, which had applications in data storage. Due to a newly discovered application in cryptography, there has been renewed interest in LCD codes. In particular, it has been shown that binary LCD codes play an important role in implementations against side-channel attacks and fault injection attacks. In this paper, we first present a new characterization of binary LCD codes in terms of their orthogonal or symplectic basis. Using such a characterization, we solve a conjecture proposed by Galvez et al. on the minimum distance of binary LCD codes. Next, we consider the action of the orthogonal group on the set of all LCD codes, determine all possible orbits of this action derive simple closed formulas of the size of the orbits, and present some asymptotic results on the size of the corresponding orbits. Our results show that almost all binary LCD codes are odd-like codes with odd-like duals, and about half of $q$-ary LCD codes have orthonormal basis, where $q$ is a power of an odd prime.
  136. On $sigma$-LCD codes, C. Carlet, S. Mesnager, C. Tang et Y. Qi, Journal IEEE Transactions on Information Theory-IT. Volume 65, Issue 3, pages 1694-1704, 2019.
    Abstract :
    Linear complementary pairs (LCP) of codes play an important role in armoring implementations against side-channel attacks and fault injection attacks. One of the most common ways to construct LCP of codes is to use Euclidean linear complementary dual (LCD) codes. In this paper, we first introduce the concept of linear codes with $\sigma$ complementary dual ($\sigma$-LCD), which includes known Euclidean LCD codes, Hermitian LCD codes, and Galois LCD codes. Like Euclidean LCD codes, $\sigma$-LCD codes can also be used to construct LCP codes. We show that for $q > 2$, all $q$-ary linear codes are $\sigma$-LCD and that, for every binary linear code $\mathcal C$, the code $\{0\}\times \mathcal C$ is $\sigma$-LCD. Further, we study deeply $\sigma$-LCD generalized quasi-cyclic (GQC) codes. In particular, we provide characterizations of $\sigma$-LCD GQC codes, self-orthogonal GQC codes and self-dual GQC codes, respectively. Moreover, we provide constructions of asymptotically good $\sigma$-LCD GQC codes. Finally, we focus on $\sigma$-LCD abelian codes and prove that all abelian codes in a semi-simple group algebra are $\sigma$-LCD. The results derived in this paper extend those on the classical LCD codes and show that $\sigma$-LCD codes allow the construction of LCP codes more easily and with more flexibility.
  137. Linear codes over $F_q$ are equivalent to LCD codes for $q>3$, C. Carlet, S. Mesnager, C. Tang, Y. Qi et R. Pellikaan, Journal IEEE Transactions on Information Theory-IT, Volume 64, Issue 4, pages 3010-3017, 2018.
    Abstract :
    Linear codes with complementary duals (abbreviated LCD) are linear codes whose intersections with their duals are trivial. When they are binary, they play an important role in armoring implementations against side-channel attacks and fault injection attacks. Non-binary LCD codes in characteristic two can be transformed into binary LCD codes by expansion. In this paper, we introduce a general construction of LCD codes from any linear codes. Further, we show that any linear code over $\mathbb F_{q} (q>3)$ is equivalent to a Euclidean LCD code and any linear code over $\mathbb F_{q^2} (q>2)$ is equivalent to a Hermitian LCD code. Consequently an $[n,k,d]$-linear Euclidean LCD code over $\mathbb F_q$ with $q>3$ exists if there is an $[n,k,d]$-linear code over $\mathbb F_q$ and an $[n,k,d]$-linear Hermitian LCD code over $\mathbb F_{q^2}$ with $q>2$ exists if there is an $[n,k,d]$-linear code over $\mathbb F_{q^2}$. Hence, when $q>3$ (resp. $q>2$) $q$-ary Euclidean (resp. $q^2$-ary Hermitian) LCD codes possess the same asymptotical bound as $q$-ary linear codes (resp. $q^2$-ary linear codes). This gives a direct proof that every triple of parameters $[n,k,d]$ which is attainable by linear codes over $\mathbb F_{q}$ with $q>3$ (resp. over $\mathbb F_{q^2}$ with $q>2$) is attainable by Euclidean LCD codes (resp. by Hermitian LCD codes). In particular, there exist, families of $q$-ary, Euclidean LCD codes ($q>3$) and $q^2$-ary Hermitian LCD codes ($q>2$) exceeding the asymptotical Gilbert-Varshamov bound. Further, we give a second proof of these results using the theory of Grobner bases. Finally, we present a new approach of constructing LCD codes by extending linear codes.
  138. $2$-correcting Lee Codes: (Quasi)-Perfect Spectral Conditions and Some Constructions, S. Mesnager, C. Tang et Y. Qi, Journal IEEE Transactions on Information Theory-IT, Volume 64, Issue 4, pages 3031-3041, 2018.
    Abstract :
    Let $p$ be an odd prime. Recently, Camarero and Mart\'{\i}nez (in ``Quasi-perfect Lee codes of radius $2$ and arbitrarily large dimension", IEEE Trans. Inform. Theory, vol. 62, no. 3, 2016) constructed some $p$-ary $2$-quasi-perfect Lee codes for $p\equiv \pm 5 \pmod{12}$. In this paper, some infinite classes of $p$-ary $2$-quasi-perfect Lee codes for any odd prime $p$ with flexible length and dimension are presented. More specifically, we provide a new method for constructing quasi-perfect Lee codes. Our approach uses subsets derived from some quadratic curves over finite fields (in odd characteristic) to obtain two classes of $2$-quasi-perfect Lee codes defined in the space $\mathbb{Z}_p^n$ for $n=\frac{p^k+1}{2}$ $(\text{with} ~p\equiv 1, -5 \pmod{12} \text{ and } k \text{ is any integer}, \text{ or } p\equiv -1, 5 \pmod{12} \text{ and } k \text{ is an even integer})$ and $n=\frac{p^k-1}{2}$ $(\text{with }p\equiv -1, 5 \pmod{12}, k \text{ is an odd integer} \text{ and } p^k 12)$. Our codes encompass the $p$-ary ($p\equiv \pm 5 \pmod{12}$) $2$-quasi-perfect Lee codes constructed by Camarero and Mart\'{\i}nez. Furthermore, using Kloosterman sums, we prove that the related Cayley graphs are Ramanujan or almost Ramanujan . This generalizes the work of Bibak, Kapron and Srinivasan (in ``The Cayley graphs associated with some quasi-perfect Lee codes are Ramanujan graphs", IEEE Trans. Inform. Theory, vol. 62, no. 11, 2016) from the case $p\equiv 3 \pmod{4}$ and $k=1$ to the case of any odd prime $p$ and positive integer $k$. Finally, we derive some necessary conditions with the exponential sums of all $2$-perfect codes and $2$-quasi-perfect codes, and present a heuristic algorithm for constructing $2$-perfect codes and $2$-quasi-perfect codes. Our results show that, in general, the Cayley graphs associated with $2$-perfect codes are Ramanujan. The algorithm gives some new 2-quasi-perfect Lee codes different from those constructed from quadratic curves . The Lee codes presented in this paper have applications in constrained and partial-response channels, flash memories, and decision diagrams.
  139. Further results on generalized bent functions and their complete characterization, S. Mesnager, C. Tang, Y. Qi, L. Wang, B. Wu et K. Feng, Journal IEEE Transactions on Information Theory-IT. 64(7): 5441-5452, 2018.
    Abstract :
    This paper contributes to increasing our knowledge of generalized bent functions (including generalized bent Boolean functions and generalized $p$-ary bent functions with odd prime $p$) by bringing new results on their characterization and construction in arbitrary characteristics. More specifically, we first investigate relations between generalized bent functions and bent functions by the decomposition of generalized bent functions. This enables us to completely characterize generalized bent functions and $\mathbb Z_{p^k}$-bent functions by some affine space associated with the generalized bent functions. We also present the relationship between generalized bent Boolean functions with odd variables and generalized bent Boolean functions with even variables. We present some infinite classes of generalized bent Boolean functions based on the well-known Maiorana-McFarland class of Boolean functions. In addition, we introduce a class of generalized hyper-bent functions that can be seen as generalized Dillon's $PS$ functions. Finally, we solve an open problem related to describing the dual function of a weakly regular generalized Boolean function with odd variables via the Walsh-Hadamard transform of their component functions. We generalize these results to the case of odd prime.
  140. Euclidean and Hermitian LCD MDS codes, C. Carlet, S. Mesnager, C. Tang et Y. Qi, Journal Des. Codes Cryptography 86(11), pages 2605-2618, 2018.
    Abstract :
    Linear codes with complementary duals (abbreviated LCD) are linear codes whose intersection with their dual is trivial. When they are binary, they play an important role in armoring implementations against side-channel attacks and fault injection attacks. Non-binary LCD codes in characteristic two can be transformed into binary LCD codes by expansion. On the other hand, being optimal codes, maximum distance separable codes (abbreviated MDS) are of much interest from many viewpoints due to their theoretical and practical properties. However, little work has been done on LCD MDS codes. In particular, determining the existence of $q$-ary $[n,k]$ LCD MDS codes for various lengths $n$ and dimensions $k$ is a basic and interesting problem. In this paper, we first study the problem of the existence of $q$-ary $[n,k]$ LCD MDS codes and solve it for the Euclidean case. More specifically, we show that for $q$ greater than 3, there exists a $q$-ary $[n,k]$ Euclidean LCD MDS code, where $0\le k \le n\le q+1$, or, $q=2^{m}$, $n=q+2$ and $k= 3 \text{ or } q-1$. Secondly, we investigate several constructions of new Euclidean and Hermitian LCD MDS codes. Our main techniques in constructing Euclidean and Hermitian LCD MDS codes use some linear codes with small dimensions or codimension, self-orthogonal codes and generalized Reed-Solomon codes.
  141. New constructions of optimal locally recoverable codes via good polynomials, J. Liu, S. Mesnager et L. Chen, Journal IEEE Transactions on Information Theory-IT, 64(2), pages 889-899, 2018.
    Abstract :
    In recent literature, a family of optimal linear locally recoverable codes (LRC codes) that attain the maximum possible distance (given code length, cardinality, and locality) is presented. The key ingredient for constructing such optimal linear LRC codes are the so-called r-good polynomials, where r is equal to the locality of the LRC code. However, given a prime p, known constructions of r-good polynomials over some extension field of Fp exist only for some special integers r, and the problem of constructing optimal LRC codes over the small field for any given locality is still open. In this paper, by using function composition, we present two general methods of designing good polynomials, which lead to three new constructions of r-good polynomials. Such polynomials bring new constructions of optimal LRC codes. In particular, our constructed polynomials, as well as the power functions yield optimal (n; k; r) LRC codes over Fq for all positive integers r as localities, where q is near the code length n.
  142. Complementary dual algebraic geometry codes, S. Mesnager, C. Tang et Y. Qi, Journal IEEE Transactions on Information Theory-IT 64(4), pages 2390-2397, 2018.
    Abstract :
    Linear complementary dual (LCD) codes are a class of linear codes introduced by Massey in 1964. LCD codes have been extensively studied in the literature recently. In addition to their applications in data storage, communications systems, and consumer electronics, LCD codes have been employed in cryptography. More specifically, it has been shown that LCD codes can also help improve the security of the information processed by sensitive devices, especially against so-called side-channel attacks (SCA) and fault non-invasive attacks. In this paper, we are interested in constructing particular algebraic geometry (AG) LCD codes which could be good candidates to be resistant against SCA. We first provide a construction scheme for obtaining LCD codes from any algebraic curve. Then, some explicit LCD codes from elliptic curves are presented. MDS codes are most important in coding theory due to their theoretical significance and practical interests. In this paper, all the constructed LCD codes from elliptic curves are MDS or almost MDS. Some infinite classes of LCD codes from elliptic curves are optimal due to the Griesmer bound. Finally, we also derive some explicit LCD codes from hyperelliptic curves and Hermitian curves.
  143. Bent functions from involutions over $F_2^n$, R. Coulter et S. Mesnager, Journal IEEE Transactions on Information Theory-IT, Volume 64, Issue 4, pages 2979-2986, 2018.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions. Introduced by Rothaus and examined by Dillon, these important functions have been studied by many researchers over the last four decades. Since a complete classification of bent functions appears elusive, many researchers concentrate on methods for constructing bent functions. This paper investigates constructions of bent functions from involutions over finite fields in even characteristics. We present a generic construction technique, study its equivalence issues and show that linear involutions (which are an important class of permutations) over finite fields give rise to bent functions in bivariate representations. In particular, we exhibit new constructions of bent functions involving binomial linear involutions whose dual functions are directly obtained without computation. The existence of bent functions from involutions relies heavily on solving systems of equations over finite fields.
  144. On the $p$-ary (Cubic)Bent and Plateaued (Vectorial) Functions, S. Mesnager, F. Ozbudak et A. Sinak, Journal Des. Codes Cryptography 86(8), pages 1865-1892, 2018.
    Abstract :
    Plateaued functions play a significant role in cryptography, sequences for communications, and related combinatorics and designs. Compared to their importance, those functions have not been studied in detail in a general framework. Our motivation is to bring further results on the characterizations of bent and plateaued functions, and to introduce new tools which allow us firstly a better understanding of their structure and secondly to get methods for handling and designing such functions. We first characterize bent functions in terms of all even moments of the Walsh transform and then plateaued (vectorial) functions in terms of the value distribution of the second-order derivatives. Moreover, we devote to cubic functions the characterization of plateaued functions in terms of the value distribution of the second-order derivatives, which reveals the non-existence of homogeneous cubic bent (and also (homogeneous) cubic plateaued for some cases) functions in odd characteristics. We use a rank notion that generalizes the rank notion of quadratic functions. This rank notion reveals new results about (homogeneous) cubic plateaued functions. Furthermore, we observe the non-existence of a function whose absolute Walsh transform takes exactly $3$ distinct values (one being zero). We finally provide a new class of functions whose absolute Walsh transform takes exactly $4$ distinct values (one being zero).
  145. Statistical integral distinguisher with multi-structure and its application on AES-like ciphers, T. Cui, H. Chen, S. Mesnager, L. Sun et M. Wang. Journal Cryptography and Communications 10(5), pages 755-776, 2018.
    Abstract :
    The integral attack is one of the most powerful tools in symmetric ciphers. In order to reduce the time the complexity of the original integral one, Wang et al. firstly proposed a statistical integral distinguisher at FSE'16. However, they don't consider the cases that there are several integral properties on output and multiple structures of data should be used at the same time. In terms of such case, we put forward a new statistical integral distinguisher, which enables us to reduce the data complexity compared to the traditional integral ones under multiple structures. As illustrations, we use it into the known-key distinguishers on AES-like ciphers, including AES and the permutations of Whirlpool, PHOTON and Gr\o stl-256 hash functions based on Gilbert's work at ASIACRYPT'14. These new distinguishers are the best compared to previous ones under the known-key setting. Moreover, we propose a secret-key distinguisher on 5-round AES under chosen-ciphertext mode. Its data, time and memory complexities are $2^{114.32}$ chosen ciphertexts, $2^{110}$ encryptions and $2^{33.32}$ blocks. This is the best integral distinguisher on AES with a secret S-box under a secret-key setting.
  146. Classification of bent monomials, constructions of bent multinomials and upper bounds on the nonlinearity of vectorial functions, Y. Xu, C. Carlet, S. Mesnager et C. Wu, Journal IEEE Transactions on Information Theory-IT, Vol. 64, Issue 1, pages 367-383, 2018.
    Abstract :
    The paper comprises two main parts related to the nonlinearity of vectorial functions. The first part is devoted to maximally nonlinear $(n,m)$-functions (the so-called bent vectorial functions) that contribute to optimal resistance to linear and differential attacks on symmetric cryptosystems. They can be used in block ciphers at the cost of additional diffusion/compression/expansion layers, or as building blocks for the construction of substitution boxes (S-boxes) and they are also useful for constructing robust codes and algebraic manipulation detection codes. The main issue with bent vectorial functions is to characterize bent monomial functions $Tr_{m}^n (\lambda x^d)$ from $\mathbb{F}_{2^n}$ to $\mathbb{F}_{2^m}$ (where $m$ is a divisor of $n$) leading to a classification of those bent monomials. We also treat the case of functions with multiple trace terms involving general results and explicit constructions. Furthermore, we investigate some open problems raised by Pasalic et al. and Muratovi\'c-Ribi\'c et al. in a series of papers on vectorial functions. The second part is devoted to the nonlinearity of $(n,m)$-functions. No tight upper bound is known when $m$ is between $frac n2$ and $n$. The covering radius bound is the only known upper bound in this range (the Sidelnikov-Chabaud-Vaudenay bound coincides with it when $m=n-1$ and it has no sense when $m$ is less than $n-1$). Finding better bounds is an open problem since the The 90s. Moreover, no bound has been found during the last 23 years which improve upon the covering radius bound for a large part of $(n,m)$-functions. We derive such upper bounds for functions which are sufficiently unbalanced or which satisfy some conditions. These upper bounds imply some necessary conditions for vectorial functions to have large nonlinearity.
  147. Generalized plateaued functions and admissible (plateaued) functions, S. Mesnager, C. Tang et Y. Qi, Journal IEEE Transactions on Information Theory-IT, Vol. 61, Issue 10, pages 6139-6148, 2017.
    Abstract :
    Plateaued functions are very important cryptographic functions due to their various desirable cryptographic characteristics. We point out that plateaued functions are more general than bent functions (that is, functions with maximum nonlinearity). Some Boolean plateaued functions have large nonlinearity, which provides protection against fast correlation attacks when they are used as combiners or filters in stream ciphers, and contributes, when they are the component functions of the substitution boxes in block ciphers, to protection against linear cryptanalysis. P-ary plateaued functions have recently attracted some attention in the literature, and many activities on generalized p-ary functions have been carried out. This paper increases our knowledge of plateaued functions in the general context of generalized p-ary functions. We first introduce two new versions of plateaued functions, which we shall call generalized plateaued functions and admissible plateaued functions. The generalized plateaued functions extends the standard notion of plateaued p-ary functions to those whose outputs are in the ring Zpk . Next, we study the generalized plateaued functions and use admissible plateaued functions to characterize the generalized plateaued functions by means of their components. Finally, we provide for the first time two constructions of generalized plateaued functions. In particular, we generalize a known secondary construction of binary generalized bent functions and derive constructions of binary generalized plateaued functions with different amplitude.
  148. Decomposing generalized bent and hyperbent functions,T. Martinsen, W. Meidl, S. Mesnager et P. Stanica, Journal IEEE Transactions on Information Theory-IT, Vol 63, Issue 12, pages 7804-7812, 2017.
    Abstract :
    In this paper we introduce generalized hyperbent functions from $\F_{2^n}$ to $\Z_{2^k}$, and investigate decompositions of generalized (hyper)bent functions. We show that generalized (hyper)bent functions $f$ from $\F_{2^n}$ to $\Z_{2^k}$ consist of components which are generalized (hyper)bent functions from $\F_{2^n}$ to $\Z_{2^{k^\prime}}$ for some $k^\prime less than k$. For even $n$, most notably we show that the g-hyperbentness of $f$ is equivalent to the hyperbentness of the components of $f$ with some conditions on the Walsh-Hadamard coefficients. For odd $n$, we show that the Boolean functions associated to a generalized bent function form an affine space of semibent functions. This complements a recent result for even $n$, where the associated Boolean functions are bent.
  149. Fast algebraic immunity of Boolean functions, S. Mesnager et G. Cohen, Journal Advances in Mathematics of Communications (AMC), Vol 11, No. 2, pages 373-377, 2017.
    Abstract :
    Since 1970, Boolean functions have been the focus of a lot of at- tention in cryptography. An important topic in symmetric ciphers concerns the cryptographic properties of Boolean functions and constructions of Boolean functions with good cryptographic properties, that is, good resistance to known attacks. An important progress in cryptanalysis areas made in 2003 was the introduction by Courtois and Meier of algebraic attacks and fast algebraic at- tacks which are very powerful analysis concepts and can be applied to almost all cryptographic algorithms. To study the resistance against algebraic attacks, the notion of algebraic immunity has been introduced. In this paper, we use a parameter introduced by Liu and al., called fast algebraic immunity, as a tool to measure the resistance of a cryptosystem (involving Boolean functions) to fast algebraic attacks. We prove an upper bound on the fast algebraic im- munity. Using our upper bound, we establish the weakness of trace inverse functions against fast algebraic attacks confiming a recent result of Feng and Gong.
  150. On constructions of bent, semi-bent and five valued spectrum functions from old bent functions, S. Mesnager et F. Zhang, Journal Advances in Mathematics of Communications (AMC), Vol 11, No. 2, pages 339-345, 2017.
    Abstract :
    The paper presents methods for designing functions having many applications in particular to construct linear codes with few weights. The former codes have several applications in secret sharing, authentication codes, association schemes and strongly regular graphs. We firstly provide new secondary constructions of bent functions generalizing the well-known Rothaus' constructions as well as their dual functions. From our generalization, we show that we are able to compute the dual function of a bent function built from Rothaus' construction. Next we present a result leading to a new method for constructing semi-bent functions and few Walsh transform values functions built from bent functions.
  151. On construction of bent functions involving symmetric functions and their duals, S. Mesnager, F. Zhang et Y. Zhou, Journal Advances in Mathematics of Communications (AMC), Vol 11, No. 2, pages 347-352, 2017.
    Abstract :
    In this paper, we firstly compute the dual functions of elemen- tary symmetric bent functions. Next, we derive a new secondary construction of bent functions (given with their dual functions) involving symmetric bent functions, leading to a generalization of the well-know Rothaus' construction.
  152. Explicit constructions of bent functions from pseudo-planar functions, K. Abdukhalikov et S. Mesnager, Journal Advances in Mathematics of Communications (AMC), Vol 11, No. 2, pages 293-299, 2017.
    Abstract :
    We investigate explicit constructions of bent functions which are linear on elements of spreads. Our constructions are obtained from symplectic presemifields which are associated to pseudo-planar functions. The following diagram gives an indication of the main interconnections arising in this paper: pseudo-planar functions - commutaive presemifields - bent functions
  153. Linear codes with few weights from weakly regular bent functions based on a generic construction, S. Mesnager. International Journal Cryptography and Communications (CCDS), 9(1) pages 71-84, Springer, 2017
    Abstract :
    We contribute to the knowledge of linear codes with few weights from special polyno- mials and functions. Substantial efforts (especially due to C. Ding) have been directed towards their study in the past few years. Such codes have several applications in secret sharing, authentication codes, association schemes and strongly regular graphs. Based on a generic construction of linear codes from mappings and by employing weakly reg- ular bent functions, we provide a new class of linear p-ary codes with three weights given with its weight distribution. The class of codes presented in this paper is different from those known in literature.
  154. A comparison of Carlet's second order nonlinearity bounds, S. Mesnager, G. McGrew, J. Davis, D. Steele et K. Marsten. Journal of Computer Mathematics, 94(3) pages 427-436, 2017.
    Abstract :
    Carlet provides two bounds on the second order nonlinearity of Boolean functions. We construct a family of Boolean functions where the first bound (the presumed weaker bound) is tight and the second bound is strictly worse than the first bound. We show that the difference between the two bounds can be made arbitrarily large.
  155. Bent functions linear on elements of some classical spreads and presemifields spreads, K. Abdukhalikov et S. Mesnager. International Journal Cryptography and Communications (CCDS), 9(1) pages 3-21, Springer, 2017.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions with an even number of variables. They have attracted a lot of research for four decades because of their own sake as interesting combinatorial objects, and also because of their relations to coding theory, sequences and their applications in cryptography and other domains such as design theory. In this paper we investigate explicit constructions of bent functions which are linear on elements of spreads. After presenting an overview on this topic, we study bent functions which are linear on elements of presemifield spreads and give explicit descriptions of such functions for known commutative presemifields. A direct connection between bent functions which are linear on elements of the Desarguesian spread and oval polynomials over finite fields was proved by Carlet and the second author. Very recently, further nice extensions have been made by Carlet in another context. We introduce oval polynomials for semifields which are dual to symplectic semifields. In particular, it is shown that from a linear oval polynomial for a semifield one can get an oval polynomial for transposed semifield.
  156. On the nonlinearity of S-boxes and linear codes, J. Liu, S. Mesnager et L. Chen, Journal Cryptography and Communications- Discrete Structures, Boolean Functions and Sequences (CCDS), 9(3) pages 345-361, Springer, 2017.
    Abstract :
    For multi-output Boolean functions (also called S-boxes), various measures of nonlinearity have been widely discussed in the literature but many problems are left open in this topic. The purpose of this paper is to present a new approach to estimating the nonlinearity of S-boxes. A more fine-grained view on the notion of nonlinearity of S-boxes is presented and new connections to some linear codes are established. More precisely, we mainly study the nonlinearity indicator (denoted by $\mathcal{N}_\mathrm{v}$) for S-boxes from a coding theory point of view. Such a cryptographic parameter $\mathcal{N}_\mathrm{v}$ is more related to best affine approximation attacks on stream ciphers. We establish a direct link between $\mathcal{N}_\mathrm{v}$ and the minimum distance of the corresponding linear code. We exploit that connection to derive the first general lower bounds on $\mathcal{N}_\mathrm{v}$ of non-affine functions from $\F_{2^n}$ to $\F_{2^m}$ for m dividing n. Furthermore, we show that $\mathcal{N}_\mathrm{v}$ can be determined directly by the weight distribution of the corresponding linear code.
  157. DNA cyclic codes over rings, N. Bennenni, K. Guenda et S. Mesnager, Journal Advances in Mathematics of Communications (AMC), Vol 11, No. 1, pages 83-98, 2017.
    Abstract :
    In this paper we construct new DNA cyclic codes over rings. Firstly, we introduce a new family of DNA cyclic codes over the ring $R=F_2[u]/(u^6)$. A direct link between the elements of such a ring and the $64$ codons used in the amino acids of the living organisms is established. Using this correspondence we study the reverse-complement properties of our codes. We use the edit distance between the codewords which is an important combinatorial notion for the DNA strands. Next, we define the Lee weight, the Gray map over the ring $R$ as well as the binary image of the DNA cyclic codes allowing the transfer of studying DNA codes into studying binary codes. Secondly, we introduce another new family of DNA skew cyclic codes constructed over the ring $\tilde {R}=F_2+vF_2={0,1,v,v+1\},$ where $v^2=v$. The codes obtained are cyclic reverse-complement over the ring $\tilde {R}$. Further we find their binary images and construct some explicit examples of such codes.
  158. Involutions over the Galois field $F_2^n$, P. Charpin, S. Mesnager et S. Sarkar. Journal IEEE Transactions on Information Theory-IT, Volume 62, Issue 4, pages 1-11, 2016.
    Abstract :
    An involution is a permutation such that its inverse is itself (i.e., cycle length 2). Due to this property involutions have been used in many applications including cryptography and coding theory. In this paper we provide a systematic study of involutions that are defined over finite field of characteristic 2. We characterize the invo- lution property of several classes of polynomials and propose several constructions. Further we study the number of fixed points of involu- tions which is a pertinent question related to permutations with short cycle. In this paper we mostly have used combinatorial techniques.
  159. Dickson polynomials that are involutions, P. Charpin, S. Mesnager et S. Sarkar. Journal Contemporary Developments in Finite Fields and Their Applications, pages 22-45, World Scientific Press, 2016.
    Abstract :
    Dickson polynomials which are permutations are interesting combinatorial objects and well studied. In this paper, we describe Dickson polynomials of the first kind in $F_{2^n}[x]$ that are involutions over finite fields of characteristic $2$. Such description is obtained using modular arithmetic's tools. We give results related to the cardinality and the number of fixed points (in the context of cryptographic application) of this corpus. We also present infinite classes of Dickson involutions. We study Dickson involutions which have a minimal set of fixed points.
  160. Further constructions of infinite families of bent functions from new permutations and their duals, S. Mesnager. International journal Cryptography and Communications (CCDS), 8(2), pages 229-246, Springer 2016.
    Abstract :
    A Boolean function with an even number of variables is called bent if it is maximally nonlinear. This paper extends the recent work of the author on bent functions ("Several new infinite families of bent functions and their duals", IEEE-IT, 60(7), pp 4397-4407, 2014). We exhibit several new infinite families of bent functions with their dual (bent) functions. Some of them are obtained via new infinite families of permutations that we provide with their compositional inverses. We introduce secondary-like constructions of permutations leading to the construction of several families of bent functions.
  161. Yet another variation on minimal linear codes, G. Cohen, S. Mesnager et H. Randriam. Journal Advances in Mathematics of Communications (AMC), Volume 10, No. 1, pages 53-61, 2016.
    Abstract :
    Minimal linear codes are linear codes such that the support of every codeword does not contain the support of another linearly independent codeword. Such codes have applications in cryptography, e.g. to secret sharing. We pursue here their study and construct improved asymptotically good families of minimal linear codes. We also consider quasi-minimal, $t$-minimal, and $t$-quasi-minimal linear codes, which are new variations on this notion.
  162. Further results on semi-bent functions in polynomial form, X. Cao, H. Chen et S. Mesnager, Journal Advances in Mathematics of Communications (AMC), 10(4) pages 725-741, 2016.
    Abstract :
    Plateaued functions have been introduced by Zheng and Zhang in 1999 as good candidates for designing cryptographic functions since they possess many desirable cryptographic characteristics. Plateaued functions bring together various nonlinear characteristics and include two important classes of Boolean functions defined in even dimension: the well-known bent functions ($0$-plateaued functions) and the semi-bent functions ($2$-plateaued functions). Bent functions have been extensively investigated since 1976. Very recently, the study of semi-bent functions has attracted a lot of attention in symmetric cryptography. Many intensive progresses in the design of such functions have been made especially in recent years. The paper is devoted to the construction of semi-bent functions on the finite field $\mathbb{F}_{2^n}$ ($n=2m$) in the line of a recent work of S. Mesnager [IEEE Transactions on Information Theory, Vol 57, No 11, 2011]. We extend Mesnager's results and present a new construction of infinite classes of binary semi-bent functions in polynomial trace. The extension is achieved by inserting mappings $h$ on $\mathbb{F}_{2^n}$ which can be expressed as $h(0) = 0$ and $h(uy) = h_1(u)h_2(y)$ with $u$ ranging over the circle $U$ of unity of $\mathbb{F}_{2^n}$, $y \in \mathbb{F}_{2^m}^{*}$ and $uy \in \mathbb{F}_{2^n}^{*}$, where $h_1$ is a isomorphism on $U$ and $h_2$ is an arbitrary mapping on $\mathbb{F}_{2^m}^{*}$. We then characterize the semi-bentness property of the extended family in terms of classical binary exponential sums and binary polynomials.
  163. Four decades of research on bent functions, C. Carlet et S. Mesnager. International Journal Designs, Codes and Cryptography (DCC), Vol. 78, No. 1, pages 5-50, Springer 2016.
    Abstract :
    In this survey, we revisit the Rothaus paper and the chapter of Dillon's thesis dedicated to bent functions, and we describe the main results obtained on these functions during the last 40 years. We also briefly cover super-classes of Boolean functions, vectorial bent functions and bent functions in odd characteristics.
  164. Variation on correlation immune Boolean and vectorial functions, J. Liu, S. Mesnager et L. Chen. International Journal Advances in Mathematics of Communications (AMC), 10(4) pages 895-919, 2016.
    Abstract :
    Correlation immune functions were introduced to protect some shift register-based stream ciphers against correlation attacks. Mathematically, the correlation immunity of a Boolean function is a measure of the degree to which its outputs are uncorrelated with some subset of its inputs. For cryptographic applications, relaxing the concept of correlation immunity has been highlighted and proven to be more appropriate in several cryptographic situations. Various weakened notions of correlation immunity and resiliency have been widely introduced for cryptographic functions, but those notions are difficult to handle. As a variation, we focus on the notion of $\varphi$-correlation immunity which is closely related to (fast) correlation attacks on stream ciphers based on nonlinear combiner model. In particular, we exhibit new connections between $\varphi$-correlation immunity and $\epsilon$-almost resiliency, which are two distinct approaches for characterizing relaxed resiliency. We also extend the concept of $\varphi$-correlation immunity introduced by Carlet et al. in 2006 for Boolean functions to vectorial functions and study the main cryptographic parameters of $\varphi$-correlation immune functions. Moreover, we provide new primary constructions of $\varphi$-resilient functions with good designed immunity profile. Specially, we propose a new recursive method to construct $\varphi$-resilient functions with high nonlinearity, high algebraic degree, and monotone increasing immunity profile.
  165. Optimal codebooks from binary codes meeting the Levenshtein bound, C. Xiang, C. Ding et S. Mesnager. International Journal IEEE Transactions on Information Theory-IT 61(12), pages 6526-6535, 2015.
    Abstract :
    In this paper, a generic construction of codebooks based on binary codes is introduced. With this generic construction, a few previous constructions of optimal codebooks are extended, and a new class of codebooks almost meets the Levenshtein bound is presented. Exponentially many codebooks meeting or almost meeting the Levenshtein bound from binary codes are obtained in this paper. The codebooks constructed in this paper have alphabet size 4. As a byproduct, three bounds on the parameters of binary codes are derived.
  166. Bent vectorial functions and linear codes from o-polynomials, S. Mesnager. International Journal Designs, Codes and Cryptography (DCC) 77(1), pages 99-116, 2015.
    Abstract :
    The main topics and interconnections arising in this paper are symmetric cryptography (S-boxes), coding theory (linear codes) and finite projective geometry (hyperovals). The paper describes connections between the two main areas of information theory on the one side and finite geometry on the other side. Bent vectorial functions are maximally nonlinear multi-output Boolean functions. They contribute to an optimal resistance to both linear and differential attacks of those symmetric cryptosystems in which they are involved as substitution boxes (S-boxes). We firstly exhibit new connections between bent vectorial functions and the hyperovals of the projective plane, extending the recent link between bent Boolean functions and the hyperovals. Such a link provides several new classes of optimal vectorial bent functions. Secondly, we exhibit surprisingly a connection between the hyperovals of the projective plane in even characteristic and q-ary simplex codes. To this end, we present a general construction of classes of linear codes from o-polynomials and study their weight distribution proving that all of them are constant weight codes. We show that the hyperovals of $PG_{2}(2^m)$ from finite projective geometry provide new minimal codes (used in particular in secret sharing schemes, to model the access structures) and give rise to multiples of $2^r$-ary ($r$ being a divisor of m) simplex linear codes (whose duals are the perfect $2^r$-ary Hamming codes) over an extension field $GF 2^r$ of $\GF 2$.
  167. Bent functions from spreads, S. Mesnager, Journal of the American Mathematical Society (AMS), Contemporary Mathematics (Proceedings of the 11th International conference on Finite Fields and their Applications Fq11), Volume 632, pages 295-316, 2015.
    Abstract :
    Bent functions are optimal combinatorics objects. Since the introduction of these functions, substantial efforts have been directed towards their study in the last three decades. In this paper, we are interested firstly in bent functions on $\GF n$ whose restriction to $\frac{n}2$-spreads are constant. The study of such bent functions motivates the clarification of connections between various subclasses of the class of partial bent functions and relations to the class of hyper-bent functions. We investigate their logic relations and state results giving more insight. We also draw a Venn diagram which explains the relations between these classes. Secondly, we present synthetically the most important progress obtained about the bent functions on $\GF n$ whose restrictions to $\frac{n}2$-spreads are linear. Finally, we present our advances obtained about the bent functions on $\GF n$ whose restrictions to $\frac{n}2$-spreads are affine.
  168. Several new infinite families of bent functions and their duals, S. Mesnager, IEEE Transactions on Information Theory-IT, Vol. 60, No. 7, pages 4397-4407, 2014
    Abstract :
    Bent functions are optimal combinatorial objects. Since the introduction of these functions, substantial efforts have been directed towards their study in the last three decades. A complete classification of bent functions is elusive and looks hopeless today. Therefore, not only their characterization but also their generation are challenging problems. The paper is devoted to the construction of bent functions. Firstly we provide several new effective constructions of bent functions, self-dual bent functions and anti-self-dual bent functions. Secondly, we provide seven new infinite families of bent functions by explicitly calculating their dual functions.
  169. Sphere coverings and Identifying Codes, D. Auger, G. Cohen et S. Mesnager, Journal Designs, Codes and Cryptography, Volume 70, Issues 1-2, pages 3-7, 2014.
    Abstract :
    In any connected, undirected graph $G=(V,E)$, the {\it distance} $d(x,y)$ between two vertices $x$ and $y$ of $G$ is the minimum number of edges in a path linking $x$ to $y$ in $G$. A {\it sphere} in $G$ is a set of the form $S_r(x) = \{ y \in V : d(x,y)=r \},$ where $x$ is a vertex and $r$ is a nonnegative integer called the {\it radius} of the sphere. We first address in this paper the following question: What is the minimum number of spheres with fixed radius $r \geq 0$ required to cover all the vertices of a finite, connected, undirected graph $G$? We then turn our attention to the Hamming Hypercube of dimension $n$, showing that the minimum number of spheres {\it with any radii} required to cover this graph is either $n$ or $n+1$, depending on the parity of $n$. We also relate the two above problems to other questions in combinatorics, in particular, to identifying codes.
  170. On constructions of semi-bent functions from bent functions, G. Cohen et S. Mesnager, Journal Contemporary Mathematics 625, Discrete Geometry and Algebraic Combinatorics, American Mathematical Society, Pages 141-154, 2014.
    Abstract :
    Plateaued functions are significant in cryptography as they possess various desirable cryptographic properties. Two important classes of plateaued functions are of bent functions and semi-bent functions due to their combinatorial and algebraic properties. Constructions of bent functions have been extensively investigated. However, only a few constructions of semi-bent functions have been proposed in the literature. Finding new constructions of bent and semi-bent functions is not a simple task. The paper is devoted to constructing semi-bent functions with an even number of variables. We show that bent functions give rise to primary and secondary-like constructions of semi-bent functions.
  171. An efficient characterization of a family of hyper-bent functions with multiple trace terms, J. P. Flori et S. Mesnager, Journal of Mathematical Cryptology. Vol 7 (1), pages 43-68, 2013.
    Abstract :
    The connection between exponential sums and algebraic varieties has been known for at least six decades. Recently, Lisonek exploited it to reformulate the Charpin--Gong characterization of a large class of hyper-bent functions in terms of the number of points on hyperelliptic curves. As a consequence, he obtained a polynomial time and space algorithm for certain subclasses of functions in the Charpin--Gong family. In this paper, we settle a more general framework, together with detailed proofs, for such an approach and show that it applies naturally to a distinct family of functions proposed by Mesnager. Doing so, a polynomial time and space test for the hyper-bentness of functions in this family is obtained as well. Nonetheless, a straightforward application of such results does not provide a satisfactory criterion for the explicit generation of functions in the Mesnager family. To address this issue, we show how to obtain a more efficient test leading to a substantial practical gain. We finally elaborate on an open problem about hyperelliptic curves related to a family of Boolean functions studied by Charpin and Gong.
  172. Hyper-bent functions via Dillon-like exponents, S. Mesnager et J. P. Flori, IEEE Transactions on Information Theory-IT. Vol. 59 No. 5, pages 3215- 3232, 2013.
    Abstract :
    This paper is devoted to hyper-bent functions with multiple trace terms (including binomial functions) via Dillon-like exponents. We show how the approach developed by Mesnager to extend the Charpin--Gong family, which was also used by Wang \etal to obtain another similar extension, fits in a much more general setting.To this end, we first explain how the original restriction for Charpin--Gong criterion can be weakened before generalizing the Mesnager approach to arbitrary Dillon-like exponents. Afterwards, we tackle the problem of devising infinite families of extension degrees for which a given exponent is valid and apply these results not only to reprove the results of straightforwardly Mesnager and Wang et al., but also to characterize the hyper-bentness of several new infinite classes of Boolean functions. We go into full details only for a few of them, but provide an algorithm (and the corresponding software) to apply this approach to an infinity of other new families. Finally, we propose a reformulation of such characterizations in terms of hyperelliptic curves and use it to actually build hyper-bent functions in cases which could not be attained through naive computations of exponential sums.
  173. Further results on Niho bent functions, L. Budaghyan, C. Carlet, T. Helleseth, A. Kholosha et S. Mesnager, IEEE Transactions on Information Theory-IT. Vol 58, No 11, pages 6979-6985, 2012.
    Abstract :
    Computed is the dual of the Niho bent function consisting of $2^r$ exponents that were found by Leander and Kholosha. The algebraic degree of the dual is calculated, showing that this new bent function is not of the Niho type. Finally, three infinite classes of Niho bent functions are analyzed for their relation to the completed Maiorana-McFarland class. This is done using the criterion based on second-order derivatives of a function.
  174. On Semi-bent Boolean Functions, C. Carlet et S. Mesnager, IEEE Transactions on Information Theory, Vol 58, No 5, pages: 3287-3292, 2012.
    Abstract :
    We show that any Boolean function, in even dimension, equal to the sum of a Boolean function g$ which is constant on each element of a spread and of a Boolean function $h$ whose restrictions to these elements are all linear, is semi-bent if and only if g and h are both bent. We deduce a large number of infinite classes of semi-bent functions in explicit bivariate (resp. univariate) polynomial form.
  175. Semi-bent functions from Dillon and Niho exponents, Kloosterman sums and Dickson polynomials. S. Mesnager, IEEE Transactions on Information Theory, Vol 57, No 11, pages 7443-7458, 2011.
    Abstract :
    Kloosterman sums have recently become the focus of much research, most notably due to their applications in cryptography and coding theory. In this paper, we extensively investigate the link between the semi-bentness property of functions in univariate forms obtained via Dillon and Niho functions and Kloosterman sums. In particular, we show that zeros and the value four of binary Kloosterman sums give rise to semi-bent functions in even dimension with maximum degree. Moreover, we study the semi-bentness property of functions in polynomial forms with multiple trace terms and exhibit criteria involving Dickson polynomials.
  176. On Dillon's class H of bent functions, Niho bent functions and o-polynomials, C. Carlet et S. Mesnager, Journal of Combinatorial Theory-JCT-Serie A 118, pages 2392–2410, 2011.
    Abstract :
    One of the classes of bent Boolean functions introduced by John Dillon, in his thesis, is family $H$. While this class corresponds to a nice original construction of bent functions in bivariate form, Dillon could exhibit in it only functions which already belonged to the well-known Maiorana-McFarland class. We first notice that $H$ can be extended to a slightly larger class that we denote by ${\cal H}$. We observe that the bent functions constructed via Niho power functions, for which four examples are known due to Dobbertin et al. and to Leander-Kholosha, are the univariate form of the functions of class ${\cal H}$. Their restrictions to the vector spaces $\omega\GF {n/2}$, $\omega\in \GF n^\star$, are linear. We also characterize the bent functions whose restrictions to the $\omega\GF {n/2}$ s are affine. We answer the open question raised by Dobbertin et al. in JCT A 2006 on whether the duals of the Niho bent functions introduced in the paper are affinely equivalent to them by explicitly calculating the dual of one of these functions. We observe that this Niho function also belongs to the Maiorana-McFarland class, which brings us back to the problem of knowing whether $H$ (or ${\cal H}$) is a subclass of the Maiorana-McFarland completed class. We then show that the condition for a function in bivariate form to belong to class ${\cal H}$ is equivalent to the fact that a polynomial directly related to its definition is an o-polynomial (also called an oval polynomial, a notion from finite geometry). Thanks to the existence in the literature of 8 classes of nonlinear o-polynomials, we deduce a large number of new cases of bent functions in ${\cal H}$, which are potentially affinely inequivalent to known bent functions (in particular, to Maiorana-McFarland's functions).
  177. Bent and Hyper-bent Functions in polynomial form and Their Link With Some Exponential Sums and Dickson Polynomials. S. Mesnager, IEEE Transactions on Information Theory, Vol. 57, No. 9, pages 5996-6009, 2011.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions with an even number of variables. They were introduced by Rothaus in 1976. For their own sake as interesting combinatorial objects, but also because of their relations to coding theory (Reed-Muller codes) and applications in cryptography (design of stream ciphers), they have attracted a lot of research, especially in the last 15 years. The class of bent functions contains a subclass of functions introduced by Youssef and Gong in 2001, the so-called hyper-bent functions, whose properties are still stronger and whose elements are still rarer than bent functions. Bent and hyperbent functions are not classified. A complete classification of these functions is elusive and looks hopeless. So, it is important to design constructions in order to know as many of (hyper)-bent functions as possible. This paper is devoted to constructing bent and hyper-bent Boolean functions in polynomial forms. We survey and present an overview of the constructions discovered recently. We extensively investigate the link between the bentness property of such functions and some exponential sums (involving Dickson polynomials) and give some conjectures that lead to the construction of new hyper-bent functions.
  178. A New Class of Bent and Hyper-Bent Boolean Functions in Polynomial Forms. S. Mesnager, Journal Designs, Codes and Cryptography. Volume 59, No. 1-3, pages 265-279 (2011).
    Abstract :
    Bent functions are maximally nonlinear Boolean functions and exist only for functions with an even number of inputs. This paper is a contribution to the construction of bent functions over $\GF{n}$ ($n=2m$) having the form $f(x) = \tr {o(s_1)} (a x^ {s_1}) + \tr {o(s_2)} (b x^{s_2})$ where $o(s_i$) denotes the cardinality of the cyclotomic class of 2 modulo $2^n-1$ which contains $s_i$ and whose coefficients $a$ and $b$ are, respectively in $F_{2^{o(s_1)}}$ and $F_{2^{o(s_2)}}$. Many constructions of monomial bent functions are presented in the literature, but very few are known, even in the binomial case. We prove that the exponents $s_1=2^{m}-1$ and $s_2={\frac {2^n-1}3}$, where $a\in\GF{n}$ ($a\not=0$) and $b\in\GF[4]{}$ provide a construction of bent functions over $\GF{n}$ with optimum algebraic degree. For $m$ odd, we give an explicit characterization of the bentness of these functions, in terms of the Kloosterman sums. We generalize the result for functions whose exponent $s_1$ is of the form $r(2^{m}-1)$ where $r$ is co-prime with $2^m+1$. The corresponding bent functions are also hyper-bent. For $m$ even, we give a necessary condition of bentness in terms of these Kloosterman sums.
  179. On the construction of bent vectorial functions, C. Carlet et S. Mesnager, Journal of Information and Coding Theory: Algebraic and Combinatorial Coding Theory, Vol 1, No. 2, pages 133-148 (2010).
    Abstract :
    This paper is devoted to constructing bent vectorial functions, that is, maximally nonlinear multi-output Boolean functions. Such functions contribute to an optimal resistance to both linear and differential attacks of those cryptosystems in which they are involved as substitution boxes (S-boxes). We survey, study more in detail and generalize the known primary and secondary constructions of bent functions, and we introduce new ones.
  180. Improving the Lower Bound on the Higher Order nonlinearity of Boolean Functions With Prescribed Algebraic Immunity. S. Mesnager, IEEE Transactions on Information Theory-IT Vol. 54, No. 8, pages 3656-3662 (2008).
    Abstract :
    The recent algebraic attacks have received a lot of attention in cryptographic literature. The algebraic immunity of a Boolean function quantifies its resistance to the standard algebraic attacks of the pseudorandom generators using it as a nonlinear filtering or combining function. Very few results have been found concerning its relationship with the other cryptographic parameters or with the rth-order nonlinearity. As recalled by Carlet at CRYPTO'06, many papers have illustrated the importance of the r th-order nonlinearity profile (which includes the first-order nonlinearity). The role of this parameter relatively to the currently known attacks has also been shown for block ciphers. Recently, two lower bounds involving the algebraic immunity on the rth-order nonlinearity have been shown by Carlet. None of them improves upon the other one in all situations. In this paper, we prove a new lower bound on the rth-order nonlinearity profile of Boolean functions, given their algebraic immunity, improves significantly upon one of these lower bounds for all orders and upon the other one for low orders.
  181. On the number of resilient Boolean functions. S. Mesnager, Journal of Number Theory and its Applications, Vol. 5, pages 139-153, 2008.
    Abstract :
    Boolean functions are very important primitives of symmetric cryptosystems. To increase the security of such cryptopsystems, these Boolean functions have to fit several security criteria. In particular, they have to be $m$-resilient, that is, to be balanced and $m$-correlation immune. This class of Boolean function has been widely studied by cryptographers. Nevertheless, the problem of counting the number of $m$-resilient $n$-variables Boolean functions is still challenging. In this paper, we propose a new approach to this question. We reword this question in that to count integer solutions of a system of linear inequalities. This allows us to deduce two representation formulas for the number of $m$-resilient $n$-variables Boolean functions.
  182. Improving the Upper Bounds on the Covering Radii of Binary Reed-Muller Codes, C. Carlet et S. Mesnager, IEEE Transactions on Information Theory 53 (1), pages 162-173 (2007).
    Abstract :
    By deriving bounds on character sums of Boolean functions and by using the characterizations, due to Kasami, of those elements of the Reed-Muller codes whose Hamming weights are smaller than twice and a half the minimum distance, we derive an improved upper bound on the covering radius of the Reed-Muller code of order 2, and we deduce improved upper bounds on the covering radii of the Reed-Muller codes of higher orders
  183. Test of epimorphism for finitely generated morphisms between affine algebras over Computational rings. S. Mesnager, Journal of Algebra and Applications, Vol 4 (4), pages 1-15 (2005).
    Abstract :
    In this paper, based on a characterization of epimorphisms of $R$-algebras given by Roby [15], we bring an algorithm testing whether a given finitely generated morphism $f : A to B$, where A and B are finitely presented affine algebras over the same Nœtherian commutative ring $R$, is an epimorphism of $R$-algebras or not. We require two computa- tional conditions on $R$, which we call a computational ring.
  184. Construction of the integral closure of an affine domain in a finite field extension of its quotient field. S. Mesnager, Journal of Pure and Applied Algebra, Vol 194, pages 311-327 (2004).
    Abstract :
    The construction of the normalization of an affine domain over a field is a classical problem solved since sixteen's by Stolzenberg (1968) and Seidenberg (1970-1975) thanks to classical algebraic methods and, more recently, by Vasconcelos (1991-1998) and de Jong (1998), thanks to homological methods. The aim of this paper is to explain how to use such a construction to obtain the integral closure of effectively such a domain in any finite extension of its quotient field, thanks to Dieudonn\'e characterization of such an integral closure. As an application of our construction, we explain how to obtain an effective decomposition of a quasi-finite and dominant morphism from a normal affine irreducible variety to an affine irreducible variety as a product of an open immersion and a finite morphism, conformity to the classical Grothendieck's version of Zariski's main theorem.
  185. On resultant criteria and formulas for the inversion of a polynomial map. S. Mesnager, Communications in Algebra 29 (8), pages 3327-3339 (2001).
    Abstract :
    About the inversion of a polynomial map $F: K^2 \mapsto K^2$ over an arbitrary field $K$, it is natural to consider the following questions: (1) Can we find a necessary and sufficient criterion in terms of resultants for $F$ to be invertible with polynomial inverse such that this criterion gives an explicit formula to compute the inverse of $F$ in this case? (2) Can we find a necessary and sufficient condition in terms of resultants for $F$ to be invertible with rational inverse such that this criterion gives an explicit formula to compute the inverse of $F$ in this case ? MacKay and Wang [5] gave a partial answer to question (1), by giving an explicit expression of the inverse of $F$, when $F$ is invertible without constant terms. on the other hand,Adjamagbo and Essen \cite{Adjamagbo-Essen} have fully answered questions (2) and have furnished a necessary and sufficient criterion, which relies on the existence of some constants $\lambda_1$, $\lambda_2$ in $K^\star$. We improve this results by giving an explicit relationship between $\lambda_1$, $\lambda_2$ and constants of the Theorem of MacKay and Wang [5]. Concerning question (2), Adjamagbo and Boury [2] give a criterion for rational maps which relies on the existence of two polynomials $\lambda_1$, $\lambda_2$. We also improve this result by expliciting the relations between these $\lambda_1$,$\lambda_2$ and the coefficients of $F$. This improvement enables us, first, to give an explicit proof of the corresponding Theorem of Abhyankhar[1], and secondly, to give a counter-example where these $\lambda_1$,$\lambda_2$ are not in $K^\star$, contrary to a claim of Yu [6].

    186. Proceedings of international conferences (in reverse chronological order)

  186. S. Eddahmani and S. Mesnager. $C$-Differential-Linear Connectivity Table of Vectorial Boolean Functions. Proceedings of the 15th International Conference on the Theory and Applications of Cryptology ``AfricaCrypt" 2024, Douala, Cameroun 2024, pages 3-20 LNCS, Springer 2024.
  187. On the evolution of boomerang uniformity in cryptographic S-boxes. M. Djurasevic, D. Jakobovic, L. Mariot, S. Mesnager, and S. Picek. Proceedings of the International Conference on the Applications of Evolutionary Computation, Brno, Czech Republic, LNCS, Springer, 2023.
  188. D. Tang, J. Liu, and S. Mesnager. On constructions of binary locally repairable codes with locality two and multiple repair alternatives via autocorrelation spectra of Boolean functions}. Proceedings of the 12th International Workshop on Coding and Cryptography (WCC 2022), Rostock, Germany, 2022.
  189. A suitable proposal of S-boxes (inverse-like) for the AES, their analysis and performances. S. Eddahmani and S. Mesnager. Proceedings of the International Conference on Security and Privacy ICSP 2021, India pages 49--63, 2021.
  190. Infinie Classes of six-weight linear codes derived from weakly regular plateaued functions. S. Mesnager and A. Sinak. Proceedings of the IEEE International Conference on Information and Cryptology (ISCTURKEY), Ankara, Turkey pages 93--100, 2020.
  191. Further results on bent-negabent Boolean functions. S. Mesnager, B. ben Moussat et Z. Zhuo, Proceedings of the International Conference on Security and Privacy (ICSP 2020), 2020, Inde.
  192. Infinite Classes of six-weight linear codes derived from weakly regular plateaued functions. S. Mesnager et A. Sinak, the 13th International Conference on Information Security and Cryptology 2020 with the IEEE Turkey Section Support, Turquie 2020.
  193. Privacy as a Service: Anonymisation of NetFlow Traces. A. Aloui, M. Msahli, T. Abdessalem, S. Mesnager et S. Bressan, Proceedings of ICEBE 2019, pages 561-571, 2019, Chine.
  194. Three-weight minimal linear codes and their applications. S. Mesnager, A. Sinak et O. Yayla, Proceedings of the Second International Workshop on Cryptography and its Applications (IWCA 2019).
  195. Strongly regular graphs from weakly regular plateaued functions. S. Mesnager et A. Sinak, Proceedings of 2019 Ninth International Workshop on Signal Design and its Applications in Communications (IWSDA), Chine 2019.
    Abstract :
    This paper presents the first construction of strongly regular graphs and association schemes from weakly regular plateaued functions over finite fields of odd characteristic. Indeed, we generalize the construction method of strongly regular graphs from weakly regular bent functions given by Chee et al. in [Journal of Algebraic Combinatorics, 34(2), 251-266, 2011] to weakly regular plateaued functions. In this framework, we construct strongly regular graphs with three types of parameters from weakly regular plateaued functions with some homogeneous conditions. We also construct a family of association schemes of class p from weakly regular p-ary plateaued functions.
  196. Further study of $2$-to-$1$ mappings over $F_{2^n}$. K. Li, S. Mesnager et L. Qu, Proceedings of 2019 Ninth International Workshop on Signal Design and its Applications in Communications (IWSDA), Chine 2019.
    Abstract :
    2-to-1 mappings over finite fields play important roles in symmetric cryptography, such as APN functions, bent functions, semi-bent functions and so on. Very recently, Mesnager and Qu [9] provided a systematic study of 2-to-1 mappings over finite fields. Particularly, they determined all 2-to-1 mappings of degree $\leq4 over any finite fields. In addition, another research direction is to consider 2-to-1 polynomials with few terms. Some results about 2-to-1 monomials and binomials can be found in [9]. Motivated by their work, in this present paper, we continue to study 2-to-1 mappings, particularly over finite fields with characteristic 2. Firstly, we determine 2-to-1 polynomials with degree 5 over $F_{2^n}$ completely by Hasse-Weil bound. Besides, using the multivariate method and the resultant of two polynomials, we present three classes of 2-to-1 trinomials and four classes of 2-to-1 quadrinomials over $F_{2^n}$.
  197. Constructions of optimal locally recoverable codes via Dickson polynomials. J. Liu, S. Mesnager, et D. Tang, Proceedings of The Eleventh International Workshop on Coding and Cryptography} (WCC 2019), Saint-Malo, France.
    Abstract :
    In 2014, Tamo and Barg presented in a very remarkable paper a family of optimal linear locally recoverable codes (LRC codes) attain the maximum possible distance (given code length, cardinality, and locality). The key ingredient for constructing such optimal linear LRC codes is the so-called $r$-good polynomials, where $r$ is equal to the locality of the LRC code. In 2018, Liu et al. presented two general methods of designing $r$-good polynomials by using function composition, which led to three new constructions of $r$-good polynomials. Next, Micheli has provided a Galois theoretical framework which allows to produce $r$-good polynomials. The well-known Dickson polynomials form an important class of polynomials which have been extensively investigated in recent years under different contexts. This paper provides new methods of designing $r$-good polynomials based on Dickson polynomials. Such $r$-good polynomials provide new constructions of optimal LRC codes.
  198. On good polynomials over finite fields for optimal locally recoverable codes. S. Mesnager, Proceedings of the international Conference on Codes, Cryptology and Information Security C2SI 2019, Maroc, pages 257-268, 2019.
    Abstract :
    [This is an extended abstract of the paper [Liu-Mesnager-Chen2018] A locally recoverable (LRC) code is a code that enables a simple recovery of an erased symbol by accessing only a small number of other symbols. LRC codes currently form one of the rapidly developing topics in coding theory because of their applications in distributed and cloud storage systems. In 2014, Tamo and Barg have presented in a very remarkable paper a family of LRC codes that attain the maximum possible (minimum) distance (given code length, cardinality, and locality). The key ingredient for constructing such optimal linear LRC codes is the so-called $r$-good polynomials, where $r$ is equal to the locality of the LRC code. In this extended abstract, we review and discuss good polynomials over finite fields for constructing optimal LRC codes.
  199. On Plateaued Functions, Linear Structures and Permutation Polynomials. S. Mesnager, K. Kaytannci et F. Ozbudak, Proceedings of the international Conference on Codes, Cryptology and Information Security C2SI 2019, Maroc, pages 217-235, 2019.
    Abstract :
    We obtain concrete upper bounds on the algebraic immunity of a class of highly nonlinear plateaued functions without linear structures than the one was given recently in 2017, Cusick. Moreover, we extend Cusick's class to a much bigger explicit class and we show that our class has better algebraic immunity by an explicit example. We also give a new notion of linear translator, which includes the Frobenius linear translator given in 2018, Cepak, Pasalic and Muratovi\'{c}-Ribi\'{c} as a special case. We find some applications of our new notion of a linear translator to the construction of permutation polynomials. Furthermore, we give explicit classes of permutation polynomials over $GF(q^n)$ using some properties of $GF(q)$ and some conditions of 2011, Akbary, Ghioca and Wang.
  200. Characterizations of partially bent and plateaued functions over finite fields. S. Mesnager, F. Ozbudak et A. Sinak, Proceedings of International Workshop on the Arithmetic of Finite Fields, WAIFI 2018, Bergen, 2018.
    Abstract :
    Plateaued and partially bent functions over finite fields have significant applications in cryptography, sequence theory, coding theory, design theory and combinatorics. They have been extensively studied due to their various desirable cryptographic properties. In this paper, we study on characterizations of partially bent and plateaued (vectorial) functions over finite fields, with the aim of clarifying their structure. We first redefine the notion of partially bent functions over any finite field $GF(q)$, with $q$ a prime power, and then provide a few characterizations of these functions in terms of their derivatives, Walsh power moments and autocorrelation functions. We next characterize partially bent (vectorial) functions over $GF(p)$, with $p$ a prime, by means of their second-order derivatives and Walsh power moments. We finally characterize plateaued functions over $GF(p)$
  201. Construction of Some Codes Suitable for Both Side Channel and Fault Injection Attacks. C. Carlet, C. Guneri, S. Mesnager et F. Ozbudak, Proceedings of International Workshop on the Arithmetic of Finite Fields, WAIFI 2018, Bergen, 2018.
    Abstract :
    Using algebraic curves over finite fields, we construct some codes suitable for being used in the countermeasure called Direct Sum Masking, which allows, when properly implemented, to protect the whole cryptographic block cipher algorithm against side-channel attacks and fault injection attacks, simultaneously. These codes address a problem which has its own interest in coding theory.
  202. A new class of three-weight linear codes from weakly regular plateaued functions. S. Mesnager, F. Ozbudak et A. Sinak, Proceedings of The Tenth International Workshop on Coding and Cryptography (WCC 2017). Saint-Petersburg, Russie, 2017
    Abstract :
    Linear codes with few weights have many applications in secret sharing schemes, authentication codes, communication and strongly regular graphs. In this paper, we consider linear codes with three weights in arbitrary characteristic. To do this, we generalize the recent contribution of Mesnager given in [Cryptography and Communications 9(1), 71-84, 2017]. We first present a new class of binary linear codes with three weights from plateaued Boolean functions and their weight distributions. We next introduce the notion of (weakly) regular plateaued functions in odd characteristic p and give concrete examples of these functions. Moreover, we construct a new class of three-weight linear p-ary codes from weakly regular plateaued functions and determine their weight distributions. We finally analyse the constructed linear codes for secret sharing schemes.
  203. Preserving Privacy in Distributed System (PPDS) Protocol: Security analysis. A. Aloui, M. Msahli, T. Abdessalem, S. Bressan et S. Mesnager, Proceedings of 36th IEEE International Performance Computing and Communications Conference}, (IPCCC 2017), San Diego, USA.
    Abstract :
    Within the diversity of existing Big Data and data processing solutions, meeting privacy and security requirements is becoming a real need. In this paper, we tackle the security analysis of a new data processing protocol in distributed systems (PPDS). This protocol is composed of three phases: authentication, node head selection and data linking. This paper deals with its formal validation done using HLPSL language via AVISPA. We provide also its security analysis. Some performance analysis based on its proof of concept are also given in this paper.
  204. New bent functions from permutations and linear translators. S. Mesnager, P. Ongan et F. Ozbudak, Proceedings of the International Conference on Codes, Cryptology and Information Security (C2SI-2017), pages 282-297, Springer 2017.
    Abstract :
    Starting from the secondary construction originally introduced by Carlet ["On Bent and Highly Nonlinear Balanced/Resilient Functions and Their Algebraic Immunities", Applied Algebra, Algebraic Algorithms and Error-Correcting Codes, 2006], that we shall call \Car- let`s secondary construction", Mesnager has showed how one can construct several new primary constructions of bent functions. In particular, she has showed that three tuples of permutations over the finite field F2m such that the inverse of their sum equals the sum of their inverses give rise to a construction of a bent function given with its dual. It is not quite easy to find permutations satisfying such a strong condition (Am). Nevertheless, Mesnager has derived several candidates of such permutations in 2015, and showed in 2016 that in the case of involutions, the problem of construction of bent functions amounts to solve arithmetical and algebraic problems over finite fields. This paper is in the line of those previous works. We present new families of permutations satisfying (Am) as well as new infinite families of permutations constructed from permutations in both lower and higher dimensions. Our results involve linear translators and give rise to new primary constructions of bent functions given with their dual. And also, we show that our new families are not in the class of Maiorana-McFarland in general.
  205. Explicit Characterizations for Plateaued-ness of p-ary (Vectorial) Functions. C. Carlet, S. Mesnager, F. Ozbudak et A. Sinak. Proceedings of the international Conference on Codes, Cryptology and Information Security (C2SI-2017) pages 328-345, Springer 2017.
    Abstract :
    Plateaued (vectorial) functions have an important role in the sequence and cryptography frameworks. Given their importance, they have not been studied in detail in general framework. Several researchers found recently results on their characterizations and introduced new tools to understand their structure and to design such functions In this work, we mainly extend some of the observations made in characteristic 2 and given in [C. Carlet, IEEE T INFORM THEORY 61(11), 2015] to arbitrary characteristic. We first extend to arbitrary characteristic the characterizations of plateaued (vectorial) Boolean functions by the autocorrelation functions, next their characterizations in terms of the second-order derivatives, and finally their characterizations via the moments of the Walsh transform.
  206. On constructions of bent functions from involutions. S. Mesnager. Proceedings of 2016 IEEE International Symposium on Information Theory, (ISIT 2016), Barcelone, Espagne, 2016.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions. They are important functions introduced by Rothaus and studied firstly by Dillon and next by many researchers for four decades. Since the complete classification of bent functions seems elusive, many researchers turn to design constructions of bent functions. In this paper, we show that linear involutions (which are an important class of permutations) over finite fields give rise to bent functions in bivariate representations. In particular, we exhibit new constructions of bent functions involving binomial linear involutions whose dual functions are directly obtained without computation. The existence of bent functions from involutions heavily relies on solving systems of equations over finite fields.
  207. Partially homomorphic encryption schemes over finite fields. J. Liu, S. Mesnager et L. Chen. Proceedings of the Sixth International Conference on Security, Privacy and Applied Cryptographic Engineerin (Space 2016), pages 109-123, Springer, 2016.
    Abstract :
    Homomorphic encryption scheme enables computation in the encrypted do- main, which is of great importance because of its wide and growing range of applications. The main issue with the known fully (or partially) homomorphic encryption schemes is the high computational complexity and large communication cost required for their exe- cution. In this work, we study symmetric partially homomorphic encryption schemes over finite fields, establishing relationships between homomorphisms over finite fields with q-ary functions. Our proposed partially homomorphic encryption schemes have perfect secrecy and resist cipher-only attacks to some extent.
  208. A Scalable and Systolic Architectures of Montgomery Modular Multiplication for Public Key Cryptosystems Based on DSPs. A. Mrabet, N. El-Mrabet, R. Lashermes, J-B. Rigaud, B. Bouallegue, S. Mesnager et M. Machhout. Proceedings of the Sixth International Conference on Security, Privacy and Applied Cryptographic Engineering (Space 2016) pages 138-156, Springer, 2016.
    Abstract :
    Inversion can be used in Elliptic Curve Cryptography systems and pairing-based cryptography, which are becoming popular for Public Key Cryptosystems. For the same security level, ECC and pairing use much smaller key length than RSA but need modular inversion. In ECC when points are represented in so-called affine coordinates, the addition of two points involves a field inversion. Some pairing require one inversion over $GF(p)$ in order to perform the final exponentiation. Usually, inversions are avoided in Elliptic Curve Cryptography as they are expensive. For example, inversions in affine coordinates are transform into multiplication in Jacobian or projective coordinates. In order to improve performance of Public Key Cryptosystems, we present an improved algorithm for prime field modular inversion. We demonstrate that the affine coordinates can be more efficient than projective or Jacobian for the scalar multiplication.
  209. Secret sharing schemes with general access structures, J. Liu, S. Mesnager et L. Chen, Proceedings of the "11th International Conference on Information Security and Cryptology" Inscrypt 2015 (IACR), Volume 9589, LNCS, Springer, 2016.
    Abstract :
    Secret sharing schemes with general monotone access structures have been widely discussed in the literature. But in some scenarios, non-monotone access structures may have more practical significance. In this paper, we shed a new light on secret sharing schemes realizing general (not necessarily monotone) access structures. Based on an attack model for secret sharing schemes with general access structures, we redefine perfect secret sharing schemes, which is a generalization of the known concept of perfect secret sharing schemes with monotone access structures. Then, we provide for the first time two constructions of perfect secret sharing schemes with general access structures. The first construction can be seen as a democratic scheme in the sense that the shares are generated by the players themselves. Our second construction significantly enhance the efficiency of the system, where the shares are distributed by the trusted center (TC).
  210. On existence (based on an arithmetical problem) and constructions of bent functions. S. Mesnager, G. Cohen et D. Madore. Proceedings of the fifteenth International Conference on Cryptography and Coding, Oxford, United Kingdom, IMACC 2015, Pages 3-19, LNCS, Springer, Heidelberg, 2015.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions. They are wonderful creatures introduced by O. Rothaus in the 1960's and studied firstly by J. Dillon since 1974. Using some involutions over finite fields, we present new constructions of bent functions in the line of recent Mesnager's works. One of the constructions is based on an arithmetical problem. We discuss existence of such bent functions using Fermat hypersurface and Lang-Weil estimations.
  211. On the diffusion property of iterated functions. J. Liu, S. Mesnager et L. Chen. Proceedings of the fifteenth International Conference on Cryptography and Coding, Oxford, United Kingdom, IMACC 2015, Pages 239-253, LNCS, Springer, Heidelberg, 2015.
    Abstract :
    For vectorial Boolean functions, the behavior of iteration has consequence in the diffusion property of the system. We present a study on the diffusion property of iterated vectorial Boolean functions. The measure that will be of main interest here is the notion of the degree of completeness, which has been suggested by the NESSIE project. We provide the first (to the best of our knowledge) two constructions of $(n,n)$-functions having perfect diffusion property and optimal algebraic degree. We also obtain the complete enumeration results for the constructed functions.
  212. Bent and semi-bent functions via linear translators. N. Kocak, S. Mesnager et F. Ozbudak. Proceedings of the fifteenth International Conference on Cryptography and Coding, Oxford, United Kingdom, IMACC 2015, Pages 205-224, LNCS, Springer, Heidelberg, 2015.
    Abstract :
    This paper is dealing with two important subclasses of plateaued functions in even dimension: bent and semi-bent functions. In the first part of the paper, we construct mainly bent and semi-bent functions in Maiorana-McFarland class using Boolean functions having linear structures (linear translators) systematically. Although most of these results are rather direct applications of some recent results, using linear structures (linear translators) allows us to have certain flexibilities to control extra properties of these plateaued functions. In the second part of the paper, using the results of the first part and exploiting these flexibilities, we modify many secondary constructions. Therefore, we obtain new secondary constructions of bent and semi-bent functions not belonging to Maiorana-McFarland class. Instead of using bent (semi-bent) functions as ingredients, our secondary constructions use only Boolean (vectorial Boolean) functions with linear structures (linear translators) which are very easy to choose. Moreover, all of them are very explicit and we also determine the duals of the bent functions in our constructions. We show how these linear structures should be chosen in order to satisfy the corresponding conditions coming from using derivatives and quadratic/cubic functions in our secondary constructions.
  213. Results on characterizations of plateaued functions in arbitrary characteristic. S. Mesnager, F. Ozbudak et A. Sinak, Proceedings of BalkanCryptSec 2015, LNCS 9540, pages 17-30, 2015.
    Abstract :
    Bent and plateaued functions play a signi cant role in cryptography since they can possess various desirable cryptographic characteristics. We provide the characterizations of bent and plateaued functions in arbitrary characteristic in terms of their second-order directional di erences. Moreover, we present a new characterization of plateaued functions in arbitrary characteristic in terms of fourth power moments of their Walsh transforms. Furthermore, we give a new proof of the characterization of vectorial bent functions in arbitrary characteristic. Finally, we also present new characterizations of vectorial s-plateaued functions in arbitrary characteristic.
  214. On involutions of finite fields. P. Charpin, S. Mesnager et S. Sarkar, Proceedings of 2015 IEEE International Symposium on Information Theory, ISIT 2015, Hong-Kong, 2015.
    Abstract :
    In this paper we study involutions over a finite field of order $2^n$. We present some classes, several constructions of involutions and we study the set of their fixed points.
  215. Cyclic codes and algebraic immunity of Boolean functions. S. Mesnager et G. Cohen, Proceedings of the IEEE Information Theory Workshop (ITW) 2015, Jerusalem, Israel, 2015.
    Abstract :
    Since 2003, algebraic attacks have received a lot of attention in the cryptography literature. In this context, algebraic immunity quantifies the resistance of a Boolean function to the standard algebraic attack of the pseudo-random generators using it as a nonlinear Boolean function. A high value of algebraic immunity is now an absolutely necessary cryptographic criterion for a resistance to algebraic attacks but is not sufficient, because of more general kinds of attacks so-called Fast Algebraic Attacks. In view of these attacks, the study of the set of annihilators of a Boolean function has become very important. We show that studying the annihilators of a Boolean function can be translated into studying the codewords of a linear code. We then explain how to exploit that connection to evaluate or estimate the algebraic immunity of a cryptographic function. Direct links between the theory of annihilators used in algebraic attacks and coding theory are established using an atypical univariate approach.
  216. Variations on Minimal Linear Codes. G. Cohen et S. Mesnager. Proceedings of the 4th International Castle Meeting on coding theory and Application. Series: CIM Series in Mathematical Sciences, Vol. 3, Springer-Verlag, pages 125-131, 2015.
    Abstract :
    Minimal linear codes are linear codes such that the support of every codeword does not contain the support of another linearly independent codeword. Such codes have applications in cryptography, e.g. to secret sharing. We pursue here their study and construct asymptotically good families of minimal linear codes. We also push further the study of quasi-minimal and almost-minimal linear codes, relaxations of the minimal linear codes.
  217. Characterizations of plateaued and bent functions in characteristic p. S. Mesnager. Proceedings of the 8th International Conference on SEquences and Their Applications (SETA 2014), Melbourne, Australie, LNCS, Springer, pages 72-82, 2014.
    Abstract :
    We characterize bent functions and plateaued functions in terms of moments of their Walsh transforms. We introduce in any characteristic the notion of directional difference and establish a link between the fourth moment and that notion. We show that this link allows to identify bent elements of particular families. Notably, we characterize bent functions of algebraic degree $3$.
  218. On semi-bent functions and related plateaued functions over the Galois field $F_{2^n}$. S. Mesnager. Proceedings "Open Problems in Mathematics and Computational Science", LNCS, Springer, pages 243-273, 2014
    Abstract :
    Plateaued functions were introduced in 1999 by Zheng and Zhang as good candidates for designing cryptographic functions since they possess desirable various cryptographic characteristics. They are defined in terms of the Walsh-Hadamard spectrum. Plateaued functions bring together. various nonlinear characteristics and include two important classes of Boolean functions defined in even dimension: the well-known bent functions and semi-bent functions. Bent functions (including their constructions) have been extensively investigated for more than 35 years. Very recently, the study of semi-bent functions has attracted the attention of several researchers. Many progress in the design of such functions has been made. The paper is devoted to certain plateaued functions. The focus is particularly on semi-bent functions defined over the Galois field $\GF n$ ($n$ even). We review what is known in this framework and investigate constructions.
  219. A note on linear codes and algebraic immunity of Boolean functions, S. Mesnager. Proceedings of the 21st International Symposium on Mathematical Theory of Networks and Systems (MTNS 2014), Invited session "Coding Theory: Coding for Security", pages 923-927, Groningen, the Netherlands, 2014
    Abstract :
    Since 2003, Algebraic Attacks have received a lot of attention in the cryptography literature. In this context, algebraic immunity quantifies the resistance of a Boolean function to the standard algebraic attack of the pseudo-random generators using it as a nonlinear Boolean function. A high value of algebraic immunity is now an absolutely necessary cryptographic criterion for a resistance to algebraic attacks but is not sufficient, because of a more general kind of attacks so-called Fast Algebraic Attacks. In view of these attacks, the study of the set of annihilators of a Boolean function has become very important. We show that studying the annihilators of a Boolean function can be translated in studying the codewords of a linear code. We then explain how to exploit that connection to evaluate or estimate the algebraic immunity of a cryptographic function.
  220. Implementation of Faster Miller over Barreto-Naehrig Curves in Jacobian Cordinates, A. Mrabet Amine, B. Bouallegue, M. Machhout, N. EL Mrabet et S. Mesnager, Proceedings of GSCIT 2014-IEEE, pages 1-6, 2014.
    Abstract :
    A few years ago, cryptography based on elliptic curves was increasingly used in the field of security. It has also gained a lot of importance in the academic community and industry. This is particularly due to the high level of the security that it offers with a relatively small size of the keys, in addition to its ability to the construction of original protocols, which are characterized by high efficiency. Moreover, it is a technique of great interest for hardware and software implementation. Pairing-friendly curves are important for speeding up the arithmetic calculation of pairing on elliptic curves, such as the Barreto-Naehrig (BN) curves arguably constitute one of the most versatile families. In this paper, the proposed architecture is designed for field programmable gate array (FPGA) platforms. We present the implementation results of the Miller’s algorithm of the optimal ate pairing targeting the 128-bit security level using such a curve BN defined over a 256-bit prime field. And we also present a fast formula for BN elliptic-curve addition and doubling. Our architecture is able to compute Miller’s algorithm in just 638337 of clock cycles.
  221. On Minimal and Almost-Minimal Linear Codes, G. Cohen et S. Mesnager, Proceedings of the 21st International Symposium on Mathematical Theory of Networks and Systems (MTNS 2014), Session "Théorie des codes", pages 928-931 Groningen, Pays bas, 2014.
    Abstract :
    Minimal linear codes are such that the support of every codeword does not contain the support of another linearly independent codeword. Such codes have applications in cryptography, e.g. to secret sharing and secure two-party computations. We pursue here the study of minimal codes and construct infinite families with asymptotically non-zero rates. We also introduce a relaxation to almost minimal codes, where a fraction of codewords is allowed to violate the minimality constraint. Finally, we construct new minimal codes based on hyperovals.
  222. Semi-bent functions from oval polynomials, S. Mesnager, Proceedings of Fourteenth International Conference on Cryptography and Coding, Oxford, United Kingdom, IMACC 2013, LNCS 8308, pages. 1-15. Springer, Heidelberg, 2013.
    Abstract :
    Although there are strong links between finite geometry and coding theory (it has been proved since 1960's that all these connections between the two areas are important from theoretical point of view and for applications), the connections between finite geometry and cryptography remains little studied. In 2011, Carlet and Mesnager have showed that projective finite geometry can also be useful in constructing significant cryptographic primitives such as plateaued Boolean functions. Two important classes of plateaued Boolean functions are those of bent functions and of semi-bent functions, due to their algebraic and combinatorial properties. In this paper, we show that oval polynomials (which are closely related to the hyperovals of the projective plane) give rise to several new constructions of infinite classes of semi-bent Boolean functions in even dimension.
  223. On Minimal and quasi-minimal linear codes, G. Cohen, S. Mesnager et A. Patey, Proceedings of Fourteenth International Conference on Cryptography and Coding, Oxford, United Kingdom, IMACC 2013, LNCS 8308, pages 85-98. Springer, Heidelberg, 2013.
    Abstract :
    Minimal linear codes are linear codes such that the support of every codeword does not contain the support of another linearly independent codeword. Such codes have applications in cryptography, e.g. to secret sharing. We here study minimal codes, give new bounds and properties and exhibit families of minimal linear codes. We also introduce and study the notion of quasi-minimal linear codes, which is a relaxation of the notion of minimal linear codes, where two non-zero codewords have the same support if and only if they are linearly dependent.
  224. On hyper-bent functions via Dillon-like exponents, S. Mesnager et J.P. Flori, ISIT 2012-IEEE International Symposium on Information Theory, IMT, Cambridge, MA, USA, 2012.
    Abstract :
    This paper is devoted to hyper-bent functions with multiple trace terms (including binomial functions) via Dillon-like exponents. We show how the approach developed by Mesnager to extend the Charpin–Gong family and subsequently extended by Wang et al. fit in a much more general setting. To this end, we first explain how the original restriction for Charpin–Gong criterion can be weakened before generalizing the Mesnager approach to arbitrary Dillon-like exponents. Afterwards, we tackle the problem of devising infinite families of extension degrees for which a given exponent is valid and apply these results not only to reprove straightforwardly the results of Mesnager and Wang et al., but also to characterize the hyperbentness of new infinite classes of Boolean functions.
  225. Semi-bent functions with multiple trace terms and hyperelliptic curves, S. Mesnager, Proceeding of International Conference on Cryptology and Information Security in Latin America, latincrypt 2012, LNCS 7533, Springer, pages 18-36, 2012.
    Abstract :
    Semi-bent functions with an even number of variables are a class of important Boolean functions whose Hadamard transform takes three values. Semi-bent functions have been extensively studied due to their applications in cryptography and coding theory. In this paper, we are interested in the property of semi-bentness of Boolean functions defined on the Galois field $\GF n$ (n even) with multiple trace terms obtained via Niho functions, and two Dillon-like functions (the first one has been studied by the author and the second one has been studied very recently by Wang et al. using an approach introduced by the author). We subsequently give a connection between the property of semi-bentness and the number of rational points on some associated hyperelliptic curves. We use the hyperelliptic curve formalism to reduce the computational complexity in order to provide an efficient test of semi-bentness leading to substantial practical gain thanks to the current implementation of point counting over hyperelliptic curves.
  226. Niho Bent Functions and Subiaco Hyperovals, T. Helleseth, A. Kholosha et S. Mesnager, Proceedings of the 10-th International Conference on Finite Fields and Their Applications (Fq'10), Contemporary Math., AMS, 2012. Vol 579, pages 91-101, 2012.
    Abstract :
    In this paper, the relation between binomial Niho bent functions discovered by Dobbertin et al. and o-polynomials that give rise to Subiaco class of hyperovals is found. This allows to expand the original class of bent functions in the case when $m \equiv 2 (mod 4)$. These results provide an interesting connection between Hadamard and cyclic difference sets.
  227. Dickson polynomials, hyperelliptic curves and hyper-bent functions,J.P. Flori et S. Mesnager, Proceedings of 7-th International conference SEquences and Their Applications, SETA 2012, Waterloo, Canada. LNCS 7780, pages 40-52, Springer, 2012.
    Abstract :
    In this paper, we study the action of Dickson polynomials on subsets of finite fields of even characteristic related to the trace of the inverse of an element and provide an alternate proof of a not so well-known result. Such properties are then applied to the study of a family of Boolean functions and a characterization of their hyper-bentness in terms of exponential sums recently proposed by Wang et al. Finally, we extend previous works of Lisonek and Flori and Mesnager to reformulate this characterization in terms of the number of points on hyperelliptic curves and present some numerical results leading to an interesting problem.
  228. On Dillon’s class H of Niho bent functions and o-polynomials, C. Carlet et S. Mesnager, Symposium on Artificial Intelligence and Mathematics (ISAIM 2012), Fort Lauderdale, Floride, USA, 2012.
    Abstract :
    This extended abstract is a reduced version of the paper (Carlet and Mesnager 2011). We refer to this paper for the proofs and for complements.
  229. Binary Kloosterman sums with value 4, J.P. Flori, S. Mesnager et G. Cohen. Proceedings of Thirteenth International Conference on Cryptography and Coding, Oxford, Angleterre, IMACC 2011, LNCS 7089 pages 61-78, Springer, 2011.
    Abstract :
    Kloosterman sums have recently become the focus of much research, most notably due to their applications in cryptography and their relations to coding theory. Very recently Mesnager has showed that the value 4 of binary Kloosterman sums gives rise to several infinite classes of bent functions, hyper-bent functions and semi-bent functions in even dimension. In this paper we analyze the different strategies used to find zeros of binary Kloosterman sums to develop and implement an algorithm to find the value 4 of such sums. We then present experimental results showing that the value 4 of binary Kloosterman sums gives rise to bent functions for small dimensions, a case with no mathematical solution so far.
  230. Sphere coverings and Identifying Codes, D. Auger, G. Cohen et S. Mesnager, Proceeding of 3rd International Castle Meeting on coding theory and Application (3ICMTA), Barcelone, Espagne, 2011.
    Abstract :
    In any connected, undirected graph $G=(V,E)$, the {\it distance} $d(x,y)$ between two vertices $x$ and $y$ of $G$ is the minimum number of edges in a path linking $x$ to $y$ in $G$. A {\it sphere} in $G$ is a set of the form $S_r(x) = \{ y \in V : d(x,y)=r \},$ where $x$ is a vertex and $r$ is a nonnegative integer called the {\it radius} of the sphere. We first address in this paper the following question: What is the minimum number of spheres with fixed radius $r \geq 0$ required to cover all the vertices of a finite, connected, undirected graph $G$? We then turn our attention to the Hamming Hypercube of dimension $n$, and we show that the minimum number of spheres {\it with any radii} required to cover this graph is either $n$ or $n+1$, depending on $n \mod 2$. We also relate the two above problems to other questions in combinatorics, in particular, to identify codes.
  231. On the Dual of Bent Functions with $2^r$ Niho Exponents, C. Carlet, T. Helleseth, A. Kholosha et S. Mesnager, IEEE International Symposium on Information Theory, ISIT 2011, pages 703-707, Saint-Petersburg, Russie, Juillet-Aout 2011.
    Abstract :
    Computed is the dual of the Niho bent function consisting of $2^r$ exponents that was found by Leander and Kholosha. The algebraic degree of the dual is calculated and it is shown that this new bent function is not of the Niho type. This note is a follow-up of the recent paper by Carlet and Mesnager.
  232. Generalized witness sets, G. Cohen et S. Mesnager, Proceeding 1st International Conference on Data Compression, Communication and Processing CCP 2011, Italie, 21-24 juin 2011.
    Abstract :
    Given a set C of q-ary n-tuples and c in C, how many symbols of suffice to distinguish it from the other elements in C? This is a generalization of an old combinatorial problem, on which we present (asymptotically tight) bounds and variations.
  233. On the link of some semi-bent functions with Kloosterman sums, S. Mesnager et G. Cohen, Proceeding of International Workshop on Coding and Cryptology, IWCC 2011, LNCS 6639, pages 263-272, Springer, Heidelberg,2011.
    Abstract :
    We extensively investigate the link between the semi-bentness property of some functions in polynomial forms and Kloosterman sums.
  234. On a conjecture about binary strings distribution, J. P. Flori, H. Randriambololona, G. Cohen et S. Mesnager, Proceedings of 6-th International conference SEquences and Their Applications, SETA 2010, Paris, France, SETA 2010, LNCS 6338, pages 346-358. Springer, Heidelberg (2010).
    Abstract :
    It is a difficult challenge to find Boolean functions used in stream ciphers achieving all of the necessary criteria and the research of such functions has taken a significant delay with respect to crypt analyses. Very recently, an infinite class of Boolean functions has been proposed by Tu and Deng having many good cryptographic properties under the assumption that the following combinatorial conjecture about binary strings is true: Conjecture. Let $S_{t,k}$ be the following set: $S_{t,k}=\{(a,b) \in \left(\Zk\right)^2 | a + b = t and w(a) + w(b) < k}$. Then the size of $S_{t,k}$ is less or equal to $2^{k-1}$. The main contribution of the present paper is the reformulation of the problem in terms of carries which gives more insight into it than simple counting arguments. Successful applications of our tools include explicit formulas of the cardinality of $S_{t,k}$ for numbers whose binary expansion is made of one block, a proof that the conjecture is asymptotically true and a proof that a family of numbers (whose binary expansion has a high number of 1's and isolated 0's) reaches the bound of the conjecture. We also conjecture that the numbers in that family are the only ones reaching the bound.
  235. Recent Results on Bent and Hyper-bent Functions and Their Link With Some Exponential Sums, S. Mesnager, IEEE Information Theory Workshop (ITW 2010), Dublin, Iralande, Aout-Septembre 2010.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions with an even number of variables. They were introduced by Rothaus in 1976. For their own sake, as interesting combinatorial objects, but also because of their relations to coding theory (Reed-Muller codes) and applications in cryptography (design of stream ciphers), they have attracted a lot of research, especially in the last 15 years. The class of bent functions contains a subclass of functions, introduced by Youssef and Gong in 2001, the so-called hyper-bent functions whose properties are still stronger and whose elements are still rarer than bent functions. Bent and hyper-bent functions are not classified. A complete classification of these functions is elusive and looks hopeless. So, it is important to design constructions in order to know as many of (hyper)-bent functions as possible. This paper is devoted to the constructions of bent and hyper-bent Boolean functions in polynomial forms. We survey and present an overview of the constructions discovered recently. We extensively investigate the link between the bentness property of such functions and some exponential sums (involving Dickson polynomials)
  236. Hyper-bent Boolean Functions with Multiple Trace Terms, S. Mesnager, Proceedings of International Workshop on the Arithmetic of Finite Fields, WAIFI 2010, LNCS 6087, pages. 97-113. Springer, Heidelberg (2010).
    Abstract :
    Bent functions are maximally nonlinear Boolean functions with an even number of variables. These combinatorial objects, with fascinating properties are rare. The class of bent functions contain a subclass of functions the so-called hyper-bent functions whose properties are still stronger and whose elements are still rarer. In fact, hyper-bent functions still seem more difficult to generate at random than bent functions and many problems related to the class of hyper-bent functions remain open. (Hyper)-bent functions are not classified. A complete classification of these functions are elusive and look hopeless. In this paper, we contribute to the knowledge of the class of hyper-bent functions on finite fields $\GF n$ (where $n$ is even) by studying a subclass $\mathfrak {F}_n$ of the so-called Partial Spreads class $PS^-$ (such functions are not yet classified, even in the monomial case). Functions of $\mathfrak {F}_n$ have a general form with multiple trace terms. We describe the hyper-bent functions of $\mathfrak {F}_n$, and we show that the bentness of those functions is related to the Dickson polynomials. In particular, the link between the Dillon monomial hyper-bent functions of $\mathfrak {F}_n$ and the zeros of some Kloosterman sums has been generalized to a link between hyper-bent functions of $\mathfrak {F}_n$ and some exponential sums where Dickson polynomials are involved. Moreover, we provide a possibly a new infinite family of hyper-bent functions. Our study extends recent works of the author and is a complement of a recent work of Charpin and Gong on this topic.
  237. A new family of hyper-bent Boolean functions in polynomial form, S. Mesnager, Proceedings of Twelfth International Conference on Cryptography and Coding. Cirencester, Angleterre, IMACC 2009, LNCS 5921, pages 402-417. Springer, Heidelberg (2009).
    Abstract :
    Bent functions are maximally nonlinear Boolean functions and exist only for functions with an even number of inputs. These combinatorial objects with fascinating properties are rare. The class of bent functions contains a subclass of functions the so-called hyper-bent functions whose properties are still stronger and whose elements are still rarer. (Hyper)-bent functions are not classified. A complete classification of these functions is elusive and looks hopeless. So, it is important to design constructions in order to know as many (hyper)-bent functions as possible. Few constructions of hyper-bent functions defined over the Galois field $\GF{n}$ ($n = 2m$) are proposed in the literature. The known ones are mostly monomial functions.\\ This paper is devoted to the construction of hyper-bent functions. We exhibit an infinite class over $\GF{n}$ ($n=2m$, $m$ odd) having the form $f(x) = \tr {o(s_1)} (a x^ {s_1}) + \tr {o(s_2)} (b x^{s_2})$ where $o(s_i$) denotes the cardinality of the cyclotomic class of $2$ modulo $2^n-1$ which contains $s_i$ and whose coefficients $a$ and $b$ are, respectively in $\GF{{o(s_1)}}$ and $\GF{{o(s_2)}}$. We prove that the exponents $s_1={3(2^m-1)}$ and $s_2={\frac {2^n-1}3}$, where $a\in\GF{n}$ ($a\not=0$) and $b\in\GF[4]{}$ provide a construction of hyper-bent functions over $\GF{n}$ with optimum algebraic degree. We give an explicit characterization of the bentness of these functions, in terms of the Kloosterman sums and the cubic sums involving only the coefficient $a$.
  238. A new class of Bent Boolean functions in polynomial forms, S. Mesnager, Proceedings of international Workshop on Coding and Cryptography, WCC 2009, pages 5-18, Ullensvang, Norvége.
    Abstract :
    Bent functions are maximally nonlinear Boolean functions and exist only for functions with an even number of inputs. This paper is a contribution to the construction of bent functions over $\GF{n}$ ($n=2m$) having the form $f(x) = \tr {o(s_1)} (a x^ {s_1}) + \tr {o(s_2)} (b x^{s_2})$ where $o(s_i$) denotes the cardinality of the cyclotomic class of 2 modulo $2^n-1$ which contains $s_i$ and whose coefficients $a$ and $b$ are, respectively in $F_{2^{o(s_1)}}$ and $F_{2^{o(s_2)}}$. Many constructions of monomial bent functions are presented in the literature, but very few are known even in the binomial case. We prove that the exponents $s_1=2^{\frac n2}-1$ and $s_2={\frac {2^n-1}3}$, where $a\in\GF{n}$ ($a\not=0$) and $b\in\GF[4]{}$ provide a construction of bent functions over $\GF{n}$ with optimum algebraic degree. For $m$ odd, we give an explicit characterization of the bentness of these functions, in terms of the Kloosterman sums. For $m$ even, we give a necessary condition in terms of these Kloosterman sums.
  239. Secret Sharing Schemes Based on Self-dual Codes, S.T. Dougherty, S. Mesnager et P. Solé. IEEE Information Theory Workshop (ITW 2008), Porto, Portugal 5-9 Mai 2008.
    Abstract :
    Secret sharing is an important topic in cryptography and has applications in information security. We use self-dual codes to construct secret-sharing schemes. We use combinatorial properties and invariant theory to understand the access structure of these secret-sharing schemes. We describe two techniques to determine the access structure of the scheme, the first arising from design properties in codes and the second from the Jacobi weight enumerator and invariant theory.
  240. On immunity profile of Boolean functions, C. Carlet, P. Guillot. et S. Mesnager, Proceedings of SEquences and Their Applications, SETA 2006, Pékin, Chine. Lecture Notes in Computer Science, pages 364-375, 2006, Springer.
    Abstract :
    The notion of resilient function has recently been weakened to match more properly the features required for Boolean functions used in stream ciphers. We introduce and we study an alternate notion of almost resilient function. We show that it corresponds more closely to the requirements that make the cipher more resistant to precise attacks.
  241. On the Walsh support of Boolean functions, C. Carlet et S. Mesnager. Proceedings of the first workshop on Boolean functions: Cryptography and Applications, BFCA'05, Rouen, France, Mars 2005, pages 65-82.
    Abstract :
    In this paper, we study, in relationship with covering sequences, the structure of those subsets of $\V {n}$ which can be the Walsh supports of Boolean functions.
  242. Non-Linearity and Security of Self Synchronizing Stream Ciphers, P. Guillot et S. Mesnager. International Symposium on Nonlinear Theory and its Applications, NOLTA 2005, Bruges, Belgique, Octobre 2005.
    Abstract :
    Several chaos-based ciphers have been proposed that exploit the ergodic property of chaotic orbits. As chaotic systems are unstable and have sensitive dependence on initial conditions, the main difficulty for the receiver is to reproduce the chaotic signal that has been generated by the the sender in order to correctly decrypt the message. This is performed by a self-synchronizing device. In discrete cryptography, the closest scheme is the so-called self synchronizing stream cipher (SSSC). After recalling general security models for assessing cryptographic algorithms, we present SSSC scheme and two examples of cryptanalysis. In order to resist to these attacks, the ciphering function must satisfy high non-linearity properties, which are presented.
  243. Improving the upper bounds on the covering radii of Reed-Muller codes, C. Carlet et S. Mesnager, IEEE International Symposium on Information Theory, ISIT 2005, Australie, Septembre 2005.
    Abstract :
    By deriving bounds on character sums of Boolean functions and by using the characterizations due to Kasami and Tokura, of those elements of the Reed-Muller codes whose Hamming weights are smaller than twice the minimum distance, we derive an improved upper bound on the covering radius of the Reed-Muller code of order 2, and we deduce improved upper bounds on the covering radii of the Reed-Muller codes of higher orders.
  244. Test of monomorphism for finitely generated morphisms between affine schemes. S. Mesnager, Proceedings of the sixth workshop on Computer Algebra in Scientific Computing, CASC'04, Euler International Mathematical Institute, Saint-Pétersbourg, Russie, Juilllet 2004, pages 348-357.
    Abstract :
    In this paper, we give an algorithmic criterion for morphisms of finite type between affine schemes to be a monomorphism. As a result, this paper also contains an algorithmic test for separability and an algorithmic criterion for ``radiciality'' in the sense of Grothendieck.

    245. Books and book chapters (in reverse chronological order)

  245. Linear codes from functions. S. Mesnager. In A Concise Encyclopedia of Coding Theory, Routledge / Taylor & Francis, London–New York, 2021 (chapter 20, 94 pp.).
  246. Direct Sum Masking as a Countermeasure to Side-Channel and Fault Injection Attacks. C. Carlet, S. Guilley, S. Mesnager. In Security and Privacy in the Internet of Things, 2019, pp. 148–166.
  247. Construction of Efficient Codes for High-Order Direct Sum Masking. C. Carlet, S. Guilley, C. Güneri, S. Mesnager, F. Özbudak. In Security and Privacy in the Internet of Things, 2019, pp. 108–128.
  248. Bent functions: fundamentals and results. S. Mesnager. Springer, Switzerland, 2016.
  249. Arithmetic of Finite Fields (WAIFI 2014). Ç. K. Koç, S. Mesnager, E. Savaş (eds.). LNCS 9061, Springer, 2015, 213 pp.
  250. Finite Fields and Coding Theory. S. Mesnager. Pearson Education, 2007 (in French).

    251. Chair / Organizer of international conferences

    • Co-chair (with Zhengchun Zhou) of SETA 2026, Wuhan, China, 19–23 September 2026.
    • Co-chair & co-organizerFq16, São Carlos (ICMC–USP), Brazil, 7–11 July 2025.
    • General chairICSP 2024, Jamshedpur, India, November 2024.
    • Co-chair (with Daniel Katz) — BFA 2024, Dubrovnik, Croatia, 9–13 September 2024.
    • Co-organizer (with H. Labiod, L. Prabel) — Privacy/Crypto event, Huawei Lagrange Mathematics & Computing Research Centre (Paris Digital Trust Lab), Paris, 2024.
    • Co-chair (with Michele Ciampi) — CIFRIS23, Rome, Italy, 14–15 December 2023.
    • Co-chair (with Claude Carlet) — BFA 2023, Voss, Norway, 3–8 September 2023.
    • Co-chair & organizer (with C. Carlet, G. Mullen, D. Panario) — Fq15, Paris, France, 19–23 June 2023.
    • Co-chair (with S. El Hajji, E. M. Souidi) — C2SI 2023, Rabat, Morocco, 29–31 May 2023.
    • Co-chair & organizer (with A. Bonnecaze, P. Solé) — “Alcocrypt — Algebraic and Combinatorial Methods for Coding and Cryptography”, CIRM, Marseille, 20–24 February 2023.
    • Co-chair (with T. Kojima, K. S. Kim) — IWSDA 2022, United Kingdom, 1–5 August 2022.
    • Co-chair & organizer (with Z. Zhou) — WAIFI 2022, Chengdu, China, 29 August–2 September 2022.
    • Co-chairICSP 2022, Paris, 2022.
    • Co-chair (with S. K. Debnath) — ICSP 2021, Jamshedpur, India, 16–17 November 2021.
    • Co-organizer (with H. Randriambololona, G. Zémor) — CohenFest 2016, Télécom Paris, 4–5 July 2016.
    • General chairICCC 2015, Algeria, 2–5 November 2015.
    • Co-chair (with I. Kosterias, K. Guenda) — Special session at ACA 2015, Kalamata, Greece, 20–23 July 2015.
    • Co-chair (with E. Savas) — WAIFI 2014, Gebze, Turkey, 26–28 September 2014.

    Participation in program committees of international conferences

    • Member of the program committee — IEEE International Symposium on Information Theory (ISIT 2025), 22–27 June 2025, Ann Arbor, Michigan, USA.
    • Member of the program committee — 24th International Conference on Cryptology (INDOCRYPT 2024), 18–21 December 2024.
    • Member of the program committee — Cryptography conference CIFRIS 2024, Rome, Italy, 25–27 September 2024.
    • Member of the program committee — WAIFI 2024, Ottawa, Canada, 10–12 June 2024.
    • Member of the program committee — ISIT 2024, Athens, Greece, 7–12 July 2024.
    • Member of the program committee — ITW 2024, Taipei, Taiwan, 25–30 June 2024.
    • Member of the program committee — WTSC’24, 8 March 2024, Willemstad, Curaçao.
    • Member of the program committee — INDOCRYPT 2023, 11–13 December 2023, Goa, India.
    • Member of the program committee — ICCNSML 2023, 27–29 October 2023.
    • Member of the program committee — WTSC’23, 5 May 2023, Bol Brac, Croatia.
    • Member of the program committee — ITW 2023, 23–28 April 2023, Saint-Malo, France.
    • Member of the program committee — ALCOCRYPT workshop, CIRM, Marseille, 20–24 February 2023.
    • Member of the program committee — ICCNSML 2022, 16–18 December 2022, Kanpur, India.
    • Member of the program committee — INDOCRYPT 2022, 11–14 December 2022, Kolkata, India.
    • Member of the program committee — WAIFI 2022, 29 August–2 September 2022.
    • Member of the program committee — B2C’22, 16–18 November 2022, Barcelona, Spain.
    • Member of the program committee — IWSDA’22, Colchester, UK, 1–5 August 2022.
    • Member of the program committee — ISIT 2022, Aalto, Finland, 26 June–1 July 2022.
    • Member of the program committee — WTSC’22, 6 May 2022, Granada, Spain.
    • Member of the program committee — WCC 2022, 7–11 March 2022, Rostock, Germany.
    • Member of the program committee — BFA 2021, 6–10 September 2021, Granada, Spain.
    • Member of the program committee — WTSC 2021, March 2021, Granada, Spain.
    • Member of the program committee — ICSP 2020, India, 5–6 November 2020.
    • Member of the program committee — ICCCS 2020, 15–17 May 2020, Shanghai, China.
    • Member of the program committee — SETA 2020, 22–25 September 2020, Saint Petersburg, Russia.
    • Member of the program committee — WTSC’20, 14 February 2020.
    • Member of the program committee — WAIFI 2020, 6–8 July 2020, Rennes, France.
    • Member of the program committee — BFA 2020, 25–29 May 2020, Granada, Spain.
    • Member of the program committee — WTSC’19, 2019.
    • Member of the program committee — C2SI-2019, 22–24 April 2019, Rabat, Morocco.
    • Member of the program committee — C2 — Codes and Cryptography, France, October 2018.
    • Member of the program committee — WCC 2017, 18–22 September 2017, Saint Petersburg, Russia.
    • Member of the program committee — 5ICMCTA, Estonia, August–September 2017.
    • Member of the program committee — C2SI 2017, 10–12 April 2017, Rabat, Morocco.
    • Member of the program committee — SETA 2016, 9–14 October 2016, Chengdu, China.
    • Member of the program committee — WAIFI 2016, 13–16 July 2016, Ghent, Belgium.
    • Member of the program committee — ICCA 2016, 26–27 April 2016, Oran, Algeria.
    • Member of the program committee — WCC 2015, 13–17 April 2015, Paris, France.
    • Member of the program committee — WAIFI 2014, 26–28 September 2014, Gebze, Turkey.
    • Member of the program committee — SETA 2014, 24–28 November 2014, Melbourne, Australia.
    • Member of the program committee — 4ICMCTA, Palmela, Portugal, 15–18 September 2014.
    • Member of the program committee — WCC 2013, 15–19 April 2013, Bergen, Norway.
    • Member of the program committee — WCC 2011, 11–15 April 2011, Paris, France.
    • Member of the program committee — SETA 2010, 12–17 September 2010, Paris, France.
    • Member of the program committee — Africacrypt 2009, 21–25 June 2009, Gammarth, Tunisia.

    Steering Committee member

    • International Workshop on the Arithmetic of Finite Fields (WAIFI).

    Editorial responsibilities

    Guest Editor — Special Issues

    • CCDS — Special Issue for “BFA 2024”, Dubrovnik, Croatia — 2024.
    • AMC — Special Issue “ALCOCRYPT” — 2023–2024.
    • CCDS — Special Issue for “BFA 2023”, Voss, Norway — 2023.
    • IEICE Transactions on Fundamentals — Special Issue “Signal Design and its Applications in Communications” — 2023.
    • AMC — Special Issue “Cryptography and Coding Theory — dedicated to the 60th Birthday of Prof. Cunsheng Ding” — 2022–2023.
    • IEEE Transactions on Information Theory — Special Issue dedicated to V. I. Levenshtein — 2021.
    • CCDS — Special Issue “Contemporary interactions between codes, cryptographic functions and/or sequences” — 2021–2022.
    • International Journal of Mathematics — Special Issue “The Cryptography of Cryptocurrency” — 2020–2021.
    • IJCM-CST — Special Issue “Mathematics of Cryptography and Coding in the Quantum Era” — 2020–2021.

    Talks

    Invited (Keynote) talks — international conferences and meetings (in reverse chronological order)

    • Invited keynote talk — ICMADS’25, 29–31 August 2025, Konya, Turkey.
    • Invited keynote talk — Finite Fields and Their Applications, 7–11 July 2025, São Paulo, Brazil.
    • Invited keynote talk — “Women in Mathematics — American Mathematical Society”, 5–7 February 2025, Palermo, Italy.
    • Invited keynote talk — 12th International Conference of the American Mathematical Society (AMS), Coding Theory session, 22–26 July 2024, Palermo, Italy.
    • Invited keynote talk — SETA 2024, 1–5 July 2024, University of Essex, Colchester, UK.
    • Three invited talks (1 h each) — Young Researchers Algebra Conference, 26–28 July 2023, L’Aquila, Italy.
    • Invited talk — Mathematics Days in Sofia, 10–14 July 2023, Bulgarian Academy of Sciences.
    • Invited talk — Applications of Computer Algebra (ACA 2023), Warsaw, Poland.
    • Invited talk (online) — International Conference on Recent Trends in Mathematical Sciences, December 2022.
    • Invited talk — BFA 2022, September 2022, Norway (University of Bergen).
    • Invited talk (online) — “The 2022 Research Symposium: Mathematical Aspects of Cryptography”, June 2022, CUNY John Jay College of Criminal Justice, USA.
    • Invited talk — Scientific Day, Charles Hermite Federation (“Pseudorandomness, cryptography and number theory”), December 2021, Nancy, France.
    • Invited talk — “Reader’s digest of 16-year achievements on Boolean functions and open problems”, BFA 2020, September 2020.
    • Invited talk — Applied Algebra and Geometry (AAG) UK Network Meeting, University of Oxford, December 2019.
    • Invited talk — IWSDA 2019, China.
    • Invited talk — BFA 2019, Florence, Italy.
    • Invited talk — CanaDAM 2019, Vancouver, Canada.
    • Invited talk — C2SI 2019, Rabat, Morocco.
    • Invited talk — Oberwolfach Workshop “Contemporary Coding Theory”, March 2019, Germany.
    • Invited talk — Dagstuhl Seminar “Algebraic Coding Theory for Networks, Storage and Security”, December 2018, Germany.
    • Invited talk — SETA 2018, Hong Kong.
    • Invited talk — BFA 2018, Norway.
    • Invited talk — GGRRT 2017, Khorfakkan, UAE, November 2017.
    • Invited talk — International Workshop in Cryptology, New Delhi, India, October 2017.
    • Invited talk — IMACC 2015, Oxford, UK, December 2015.
    • Invited talk — MTNS 2014, Groningen, The Netherlands, July 2014.
    • Invited talk — Workshop “Polynomials over Finite Fields: Functional and Algebraic Properties”, Barcelona, Spain, May 2014.

    Contributed talks at international conferences (in reverse chronological order)

    • Coding Theory and Cryptography: A Conference in Honor of Joachim Rosenthal’s 60th Birthday, Zurich, Switzerland, July 2022.
    • On constructions of weightwise perfectly balanced functions, BFA 2020.
    • Strongly Regular Graphs from Weakly Regular Plateaued Functions, IWSDA 2019, China.
    • Constructions of optimal locally recoverable codes via Dickson polynomials, Fq13, Vancouver, Canada, 2019.
    • Constructions of optimal locally recoverable codes via Dickson polynomials, WCC 2019, Saint-Malo, France.
    • Generalized plateaued functions and admissible (plateaued) functions, BFA 2017, Solstrand, Norway.
    • On the nonlinearity of Boolean functions with restricted input, Fq13, Gaeta, Italy, 2017.
    • On constructions of bent functions from involutions, ISIT 2016, Barcelona, Spain.
    • On construction of bent functions involving symmetric functions and their duals, WMC 2016, Santander, Spain.
    • Fast algebraic immunity of Boolean functions, WMC 2016, Santander, Spain.
    • Explicit constructions of bent functions from pseudo-planar functions, WMC 2016, Santander, Spain.
    • On constructions of bent, semi-bent and five-valued spectrum functions from old bent functions, WMC 2016, Santander, Spain.
    • On the diffusion property of iterated functions, IMACC 2015, Oxford, UK.
    • On p-ary bent functions from (maximal) partial spreads, Fq12, New York, USA, 2015.
    • Dickson polynomials that are involutions, Fq12, New York, USA, 2015.
    • On involutions of finite fields, ISIT 2015, Hong Kong, China.
    • Cyclic codes and algebraic immunity of Boolean functions, ITW 2015, Jerusalem, Israel.
    • Characterizations of plateaued and bent functions in characteristic p, SETA 2014, Melbourne, Australia.
    • Semi-bent functions from oval polynomials, IMACC 2013, Oxford, UK.
    • Bent functions from spreads, Fq11, Magdeburg, Germany, 2013.
    • Semi-bent functions with multiple trace terms and hyperelliptic curves, Latincrypt 2012, Santiago, Chile.
    • Bent and hyper-bent functions via Dillon-like exponents, YACC 2012, Porquerolles Island, France.
    • On hyper-bent functions via Dillon-like exponents, ISIT 2012, Cambridge, MA, USA.
    • Dickson polynomials, hyperelliptic curves and hyper-bent functions, SETA 2012, Waterloo, Canada.
    • New semi-bent functions with multiple trace terms, ITA 2012, San Diego, USA.
    • Identifying and covering by spheres, MCCCC 2011, Las Vegas, USA.
    • Sphere coverings and identifying codes, 3ICMTA, Cardona, Spain, 2011.
    • On the link of some semi-bent functions with Kloosterman sums, IWCC 2011, Qingdao, China.
    • On the link of some semi-bent functions in polynomial forms with exponential sums, ITA 2011, San Diego, USA.
    • Recent results on bent and hyper-bent functions and their link with some exponential sums, ITW 2010, Dublin, Ireland.
    • Hyper-bent Boolean functions with multiple trace terms, WAIFI 2010, Istanbul, Turkey.
    • A new family of hyper-bent Boolean functions in polynomial form, IMACC 2009, Cirencester, UK.
    • A new class of bent Boolean functions in polynomial forms, WCC 2009, Ullensvang, Norway.
    • On the number of resilient Boolean functions, SAGA 2007, Papeete, Tahiti.
    • On immunity profile of Boolean functions, SETA 2006, Beijing, China.
    • On the Walsh support of Boolean functions, BFCA 2005, Rouen, France.

    Talks at international and national seminars (in reverse chronological order)

    • Seminar — Department of Mathematics, University of Palermo, Italy, May 2023.
    • Seminar — ENS Paris-Saclay “Panorama Research”, Gif-sur-Yvette, France, May 2023.
    • Seminar — ENS Paris-Saclay “Panorama Research”, Gif-sur-Yvette, France, April 2022.
    • ~15 international online seminars during 2020–2021.
    • Seminar — AGAA (Paris 8 & Paris 13), online, May 2020, France.
    • Seminar — York University, UK, February 2020 (invited by D. Kahrobaei).
    • Seminar — University of Oxford, UK, December 2019 (invited by H. Harrington).
    • Seminar — University of Guangzhou, China, October 2019 (invited by Y. Yu).
    • Seminar — Sun Yat-sen University, Guangzhou, China, October 2019 (invited by C.-A. Zhao).
    • Seminar — Inria Lyon, France, January 2019.
    • Seminar — University of Porto, Portugal, July 2018.
    • Seminar — University of Zurich, Switzerland, December 2017.
    • Seminar — Number Theory, Institute in New Delhi, India, October 2017.
    • Seminar — Algebra & Number Theory, Aalto University, Finland, February 2017.
    • Seminar — Mathematics for Cryptography and Coding Theory, University of Paris 8, November 2016.
    • Seminar — Télécom ParisTech, Paris, France, September 2016.
    • Seminar — Discrete Mathematics, Université Paul Sabatier (IMT), Toulouse, France, April 2016.
    • Seminar — “Combinatorics and Algorithmics”, University of Rouen, France, February 2016.
    • Seminar — Hong Kong University of Science and Technology, Hong Kong, June 2015.
    • Seminar — Algebra & Geometry, University of Versailles, France, April 2015.
    • Seminar — “Cryptography”, CY Cergy Paris University, France, April 2015.
    • Seminar — Discrete Mathematics, Nanjing University, China, December 2014.
    • Seminar — “Cryptography”, China University of Mining & Technology (Xuzhou), China, December 2014.
    • Seminar — Department of Mathematical Sciences, UAE University, UAE, October 2014.
    • Seminar — Combinatorics, Université Paris XIII, France, May 2014.
    • Seminar — LIP6, Sorbonne Université (UPMC), Paris, France, April 2014.
    • Seminar — Project Boole, Sorbonne Université (UPMC), Paris, France, June 2013.
    • Seminar — UCD School of Mathematical Sciences, Dublin, Ireland, February 2012.
    • Seminar — Project Boole, Institut Henri Poincaré, Paris, France, January 2012.
    • Seminar — Information Theory, Télécom ParisTech, France, December 2011.
    • Invited talk — “Coding and Cryptography” (C2), Saint-Pierre d’Oléron, France, April 2011.
    • Seminar — Arithmetic & Information Theory (ATI), IML, Marseille, France, February 2011.
    • Seminar — MTII, University of Paris 8, France, January 2011.
    • Seminar — Project Boole, Institut Henri Poincaré, Paris, France, May 2010.
    • Seminar — MTII, University of Paris 8, France, June 2009.
    • Seminar — I3S, Sophia-Antipolis, Nice, France, April 2009.
    • Seminar — Codes & Cryptography, ENSTA, Paris, France, October 2005.
    • Seminar — Algebraic Combinatorics, Université Paris 13, France, April 2005.
    • Seminar — Cryptography, University of Rennes, France, April 2005.
    • Seminar — Information Theory & Security, University of Paris 8, France, June 2003.
    • Seminar — Algebraic Geometry, University of Rennes I, France, April 2002.
    • Seminar — Workshop of Mathematics, Institut Henri Poincaré, Paris, France, March 2002.

    Visiting Positions

    In reverse chronological order

    • Invitation — July 2025, Luciane Quoos, Department of Mathematics, Universidade Federal do Rio de Janeiro, Brazil.
    • Invitation — February 2025, Hugwei Lui, Normal School, Department of Mathematics, University of Hubei, Wuhan, China.
    • Invitation — August 2023, Prof. Cunsheng Ding, Hong Kong University of Science and Technology, Hong Kong.
    • Invitation — February 2020, Prof. Delaram Kahrobaei, Department of Computer Science, University of York, UK.
    • Invitation — October 2017, Profs. Shri Kant, Shanta Laishram, Subhamoy Maitra, New Delhi, India.
    • Invitations — August–September 2017, Profs. Qi Wang (SUSTech, Shenzhen); Yongzhuang Wei, Minquan Cheng, Dianhua Wu (University of Guilin & Guangxi Normal University); Yanfeng Qi (Hangzhou Dianzi University); Longjiang Qu (NUDT, Changsha); Maosheng Xiong (HKUST).
    • Invitation — February 2017, Profs. Marcus Greferath, Camilla Hollanti, Department of Mathematics, Aalto University, Finland.
    • Invitation — September 2016, Profs. Dongdai Lin, Keqin Feng, Baofeng Wu, Chinese Academy of Sciences, China.
    • Invitation — September 2016, Profs. Françoise Soulier, Fangwei Fu, Jian Liu, Tianjin & Nankai Universities, China.
    • Invitation — July 2016, Prof. Zhengchun Zhou, Department of Mathematics, Southwest Jiaotong University, Chengdu, China.
    • Invitation — June 2015, Prof. Cunsheng Ding, Hong Kong University of Science and Technology, Hong Kong.
    • Invitation — October 2014, Prof. Kanat Abdukhalikov, Department of Mathematics, Al Ain, UAE.
    • Invitation — September 2014, Prof. Ferruh Özbudak, Middle East Technical University, Ankara, Turkey.
    • Invitation — October 2013, Prof. János Körner, University of Rome, Italy.
    • Invitation — November 2010, Prof. Simon Litsyn, Tel Aviv University, Israel.
    • Invitation — September 2010, Prof. Marcus Greferath, University College Dublin, Ireland.