# Simon R. Blackburn's research while affiliated with Royal Holloway, University of London and other places

## Publications (101)

Preprint
Full-text available
Let $p$ be a fixed prime. We show that the number of isomorphism classes of finite rings of order $p^n$ is $p^\alpha$, where $\alpha=\frac{4}{27}n^3+O(n^{5/2})$. This result was stated (with a weaker error term) by Kruse and Price in 1969; a problem with their proof was pointed out by Knopfmacher in 1973. We also show that the number of isomorphism...
Article
Let n and ℓ be positive integers. Recent papers by Kreher, Stinson, and Veitch have explored variants of the problem of ordering the points in a triple system (such as a Steiner triple system [STS], directed triple system, or Mendelsohn triple system) on n points so that no block occurs in a segment of ℓ consecutive entries (thus the ordering is lo...
Preprint
Recent papers by Kreher, Stinson and Veitch have explored variants of the problem of ordering the points in a triple system (such as a Steiner triple system, directed triple system or Mendelsohn triple system) so that no block occurs in a short segment of consecutive entries (so the ordering is locally block-avoiding). The paper describes a greedy...
Article
There has been much recent interest in private information retrieval (PIR) in models where a database is stored across several servers using coding techniques from distributed storage, rather than being a simply replicated. In particular, a recent breakthrough result of Fazelli, Vardy, and Yaakobi introduces the notion of a PIR code and a PIR array...
Article
Shah, Rashmi and Ramchandran recently considered a model for Private Information Retrieval (PIR) where a user wishes to retrieve one of several Ä-bit messages from a set of n non-colluding servers. Their security model is information-theoretic. Their paper is the first to consider a model for PIR in which the database is not necessarily replicated,...
Article
Let π be a permutation of {1,2,…,n}. If we identify a permutation with its graph, namely the set of n dots at positions (i,π(i)), it is natural to consider the minimum L1 (Manhattan) distance, d(π), between any pair of dots. The paper computes the expected value (and higher moments) of d(π) when n→∞ and π is chosen uniformly, and settles a conjectu...
Preprint
An inglenook puzzle is a classic shunting (switching) puzzle often found on model railway layouts. A collection of wagons sits in a fan of sidings with a limited length headshunt (lead track). The aim of the puzzle is to rearrange the wagons into a desired order (often a randomly chosen order). This article answers the question: When can you be sur...
Article
There has been much recent interest in Private information Retrieval (PIR) in models where a database is stored across several servers using coding techniques from distributed storage, rather than being simply replicated. In particular, a recent breakthrough result of Fazelli, Vardy and Yaakobi introduces the notion of a PIR code and a PIR array co...
Article
Shah, Rashmi and Ramchandran recently considered a model for Private Information Retrieval (PIR) where a user wishes to retrieve one of several $R$-bit messages from a set of $n$ non-colluding servers. Their security model is information-theoretic. Their paper is the first to consider a model for PIR in which the database is not necessarily replica...
Conference Paper
We present a novel cryptanalysis of the Algebraic Eraser primitive. This key agreement scheme, based on techniques from permutation groups, matrix groups and braid groups, is proposed as an underlying technology for ISO/IEC 29167-20, which is intended for authentication of RFID tags. SecureRF, the company owning the trademark Algebraic Eraser, mark...
Article
There has been much recent interest in Private information Retrieval (PIR) in models where a database is stored across several servers using coding techniques from distributed storage, rather than being simply replicated. In particular, a recent breakthrough result of Fazelli, Vardy and Yaakobi introduces the notion of a PIR array code, and uses th...
Conference Paper
The Algebraic Eraser has been gaining prominence as SecureRF, the company commercializing the algorithm, increases its marketing reach. The scheme is claimed to be well-suited to IoT applications but a lack of detail in available documentation has hampered peer-review. Recently more details of the system have emerged after a tag authentication prot...
Article
The Algebraic Eraser has been gaining prominence as SecureRF, the company commercializing the algorithm, increases its marketing reach. The scheme is claimed to be well-suited to IoT applications but a lack of detail in available documentation has hampered peer-review. Recently more details of the system have emerged after a tag authentication prot...
Article
Full-text available
The Pearson distance has been advocated for improving the error performance of noisy channels with unknown gain and offset. The Pearson distance can only fruitfully be used for sets of $q$-ary codewords, called Pearson codes, that satisfy specific properties. We will analyze constructions and properties of optimal Pearson codes. We will compare the...
Article
Full-text available
Anshel, Anshel, Goldfeld and Lemieaux introduced the Colored Burau Key Agreement Protocol (CBKAP) as the concrete instantiation of their Algebraic Eraser scheme. This scheme, based on techniques from permutation groups, matrix groups and braid groups, is designed for lightweight environments such as RFID tags and other IoT applications. It is propo...
Article
K.A.S. Immink and J.H. Weber recently defined and studied a channel with both gain and offset mismatch, modelling the behaviour of charge-leakage in flash memory. They proposed a decoding measure for this channel based on minimising Pearson distance (a notion from cluster analysis). The paper derives a formula for maximum likelihood decoding for th...
Article
Separable codes were defined by Cheng and Miao in 2011, motivated by applications to the identification of pirates in a multimedia setting. Combinatorially, $\overline{t}$-separable codes lie somewhere between $t$-frameproof and $(t-1)$-frameproof codes: all $t$-frameproof codes are $\overline{t}$-separable, and all $\overline{t}$-separable codes a...
Article
Full-text available
We say that a set $S$ is additively decomposed into two sets $A$ and $B$ if $S = \{a+b : a\in A, \ b \in B\}$. A. S\'ark\"ozy has recently conjectured that the set $Q$ of quadratic residues modulo a prime $p$ does not have nontrivial decompositions. Although various partial results towards this conjecture have been obtained, it is still open. Here...
Article
Let $\def \xmlpi #1{}\def \mathsfbi #1{\boldsymbol {\mathsf {#1}}}\let \le =\leqslant \let \leq =\leqslant \let \ge =\geqslant \let \geq =\geqslant \def \Pr {\mathit {Pr}}\def \Fr {\mathit {Fr}}\def \Rey {\mathit {Re}}G$ be a cyclic group written multiplicatively (and represented in some concrete way). Let $n$ be a positive integer (much smaller th...
Article
We say that a $q$-ary length $n$ code is non-overlapping if the set of non-trivial prefixes of codewords and the set of non-trivial suffices of codewords are disjoint. (This property is often called cross-bifix-free.) Baji\'c and Stojanovi\'c were the first to consider non-overlapping codes, motivated by applications requiring fast and reliable fra...
Article
Full-text available
The iterated Johnson bound is the best known upper bound on a size of an error-correcting code in the Grassmannian $\mathcal{G}_q(n,k)$. The iterated Sch\"{o}nheim bound is the best known lower bound on the size of a covering code in $\mathcal{G}_q(n,k)$. We use probabilistic methods to prove that both bounds are asymptotically attained for fixed $... Article A rack of order$n$is a binary operation$\rack$on a set$X$of cardinality$n$, such that right multiplication is an automorphism. More precisely,$(X,\rack)$is a rack provided that the map$x\mapsto x\rack y$is a bijection for all$y\in X$, and$(x\rack y)\rack z=(x\rack z)\rack (y\rack z)$for all$x,y,z\in X$. The paper provides upper and l... Article Full-text available Let $$\mathcal{G}$$ be a triangulation of the sphere with vertex set V, such that the faces of the triangulation are properly coloured black and white. Motivated by applications in the theory of bitrades, Cavenagh and Wanless defined $$\mathcal{A}_W$$ to be the abelian group generated by the set V, with relations r+c+s = 0 for all white triangles w... Article Let G be a finite group, and let κ(G) be the probability that elements g, h∈G are conjugate, when g and h are chosen independently and uniformly at random. The paper classifies those groups G such that κ(G)≥¼, and shows that G is abelian whenever . It is also shown that κ(G)|G| depends only on the isoclinism class of G. Specializing to the symmetr... Article We cryptanalyse a matrix-based key transport protocol due to Baumslag, Camps, Fine, Rosenberger and Xu from 2006. We also cryptanalyse two recently proposed matrix-based key agreement protocols, due to Habeeb, Kahrobaei and Shpilrain, and due to Romanczuk and Ustimenko. Article Full-text available Given a prime$p$, an elliptic curve$\E/\F_p$over the finite field$\F_p$of$p$elements and a binary \lrs\$$$u(n)$$_{n =1}^\infty$of order~$r$, we study the distribution of the sequence of points $$\sum_{j=0}^{r-1} u(n+j)P_j, \qquad n =1,..., N,$$ on average over all possible choices of$\F_p$-rational points$P_1,..., P_r$on~$\E$. For a s... Article Let$n$and$k$be positive integers, and let$F$be an alphabet of size$n$. A sequence over$F$of length$m$is a \emph{$k$-radius sequence} if any two distinct elements of$F$occur within distance$kof each other somewhere in the sequence. These sequences were introduced by Jaromczyk and Lonc in 2004, in order to produce an efficient caching... Article Traceability codes are combinatorial objects introduced by Chor, Fiat and Naor in 1994 to be used in traitor tracing schemes to protect digital content. A k-traceability code is used in a scheme to trace the origin of digital content under the assumption that no more than k users collude. It is well known that an error correcting code of high minim... Article The paper provides a cryptanalysis the AA -cryptosystem recently proposed by Arin and Abu. The scheme is in essence a key agree- ment scheme whose security is based on a discrete logarithm problem in the innite Article Full-text available A distinct difference configuration is a set of points in Z2 with the property that the vectors (difference vectors) connecting any two of the points are all distinct. Many specific examples of these configurations have been previously studied: the class of distinct difference configurations includes both Costas arrays and sonar sequences, for exam... Article Full-text available An n-ary k-radius sequence is a finite sequence of elements taken from an alphabet of size n such that any two distinct elements of the alphabet occur within distance k of each other somewhere in the sequence. These sequences were introduced by Jaromczyk and Lonc to model a caching strategy for computing certain functions on large data sets such as... Article Full-text available A two-dimensional (2-D) grid with dots is called a configuration with distinct differences if any two lines which connect two dots are distinct either in their length or in their slope. These configurations are known to have many applications such as radar, sonar, physical alignment, and time-position synchronization. Rather than restricting dots t... Article Full-text available In this article, we analyze the complexity of the construction of the 2k -diamond structure proposed by Kelsey and Kohno (LNCS, Vol 4004, pp 183–200, 2006). We point out a flaw in their analysis and show that their construction may not produce the desired diamond structure. We then give a more rigorous and detailed complexity analysis of the constr... Article Full-text available A honeycomb array is an analogue of a Costas array in the hexagonal grid; they were first studied by Golomb and Taylor in 1984. A recent result of Blackburn, Etzion, Martin and Paterson has shown that (in contrast to the situation for Costas arrays) there are only finitely many examples of honeycomb arrays, though their bound on the maximal size of... Article Full-text available Given a right-angled triangle of squares in a grid whose horizontal and vertical sides aren$squares long, let N(n) denote the maximum number of dots that can be placed into the cells of the triangle such that each row, each column, and each diagonal parallel to the long side of the triangle contains at most one dot. It has been proven that$N(n)...
Article
In this paper we describe a cryptanalysis of MST 3, a public key cryp-tosystem based on non-commutative groups recently proposed by Lemp-ken, Magliveras, van Trung and Wei.
Article
This paper is a guide for the pure mathematician who would like to know more about cryptography based on group theory. The paper gives a brief overview of the subject, and provides pointers to good textbooks, key research papers and recent survey papers in the area. Comment: 25 pages References updated, and a few extra references added. Minor typog...
Article
Full-text available
We consider symmetric key predistribution in grid-based wireless sensor networks. Networks consisting of wireless sensor nodes arranged in a grid pattern have many useful applications, including environmental monitoring and agribusiness. The structured physical distribution of nodes in such networks facilitates efficient distribution of keys to the...
Article
Biggs has recently proposed the critical group of a certain class of finite graphs as a platform group for cryptosystems relying on the difficulty of the discrete log problem. The paper uses techniques from the theory of Picard groups on finite graphs to show that the discrete log problem can be efficiently solved in Biggs's groups. Thus this class...
Article
The paper provides an upper bound on the size of a (generalized) separating hash family, a notion introduced by Stinson, Wei and Chen. The upper bound generalizes and unifies several previously known bounds which apply in special cases, namely bounds on perfect hash families, frameproof codes, secure frameproof codes and separating hash families of...
Conference Paper
Full-text available
In this paper we propose a new key predistribution scheme for wireless sensor networks in which the sensors are arranged in a square grid. We describe how Costas arrays can be used for key predistribution in these networks, then define distinct difference configurations, a more general structure that provides a flexible choice of parameters in such...
Conference Paper
Full-text available
The problem of establishing symmetric keys in wireless sensor networks has been extensively studied, but other aspects of key management have received comparatively little attention. In this paper we consider the problem of refreshing keys that are shared among several nodes in a WSN, in order to provide forward security. We discuss several applica...
Article
A \emph{uniform random intersection graph} $G(n,m,k)$ is a random graph constructed as follows. Label each of $n$ nodes by a randomly chosen set of $k$ distinct colours taken from some finite set of possible colours of size $m$. Nodes are joined by an edge if and only if some colour appears in both their labels. These graphs arise in the study of t...
Article
We obtain upper and lower bounds on the average energy of circulant graphs with n vertices and regularity d. The average is taken over all representations of such graphs by circulant adjacency matrices.
Article
Full-text available
are descendants. It is shown that linear prolific IPP codes fall into three infinite ('trivial') families, together with a single sporadic example which is ternary of length 4. There are no known examples of prolific IPP codes which are not equivalent to a linear example: the paper shows that for most parameters there are no prolific IPP codes, lea...
Article
Let q>1 be an integer and let a and b be elements of the residue ring Zq of integers modulo q. We show how, when given a polynomial f∈Zq[X] and approximations to v0,v1∈Zq such that v1≡f(v0)modq one can recover v0 and v1 efficiently. This result has direct applications to predicting the polynomial congruential generator: a sequence (vn) of pseudoran...
Article
The paper cryptanalyses a public-key cryptosystem recently proposed by D. Grigoriev and I. Ponomarenko [Quad. Mat. 13, 305–325 (2004; Zbl 1149.94318)], which encrypts an element from a fixed finite group defined in terms of generators and relations to produce a ciphertext from SL(2,ℤ). The paper presents a heuristic method for recovering the secret...
Article
The paper contains proofs of the following results. For all sufficiently large odd integers n, there exists a set of 2(n-1) permutations that pairwise generate the symmetric group S, There is no set of 2(n-1) + 1 permutations having this property. For all sufficiently large integers n with n 2 mod 4, there exists a set of 2(n-2) even permutations t...
Article
A binary array is a (d<sub>1</sub>,k<sub>1</sub>,d<sub>2</sub>,k <sub>2</sub>) runlength constrained array if the runs of zeros in every row and column have length at least d<sub>1</sub> and at most k<sub>1 </sub>, and the runs of ones in every row and column have length at least d<sub>2</sub> and at most k<sub>2</sub>. Such arrays arise in the con...
Article
We obtain upper bounds on character sums and autocorrelation of nonlinear recurrence sequences over arbitrary finite rings.
Article
A public key cryptosystem based on Drinfeld modules has been proposed by Gillard, Leprevost, Panchishkin and Roblot. This paper shows how an adversary can directly recover a private key using only the public key, and so the cryptosystem is insecure. http://eprint.iacr.org/2003/223
Article
Full-text available
Let p be a prime and let a and b be elements of the finite field Fp of p elements. The inversive congruential generator (ICG) is a sequence (un) of pseudorandom numbers defined by the relation un+1 ≡ au−1 n +b mod p .W e show that if sufficiently many of the most significant bits of several consecutive values un of the ICG are given, one can recove...
Conference Paper
Full-text available
Acryptanalysis is given of aMAC proposal presented at CRYPTO2003 by Cary and Venkatesan. Anice feature of the Cary- Venkatesan MAC is that alower bound on its security can be proved when acertain block cipher is modelled as an ideal cipher. Our attacks find collisions for the MAC and yield MAC forgeries, both faster than astraightforward applicatio...
Conference Paper
Full-text available
Let p be a prime and let a and b be integers modulo p. The inversive congruential generator (ICG) is a sequence (u n ) of pseudorandom numbers defined by the relation Un+1 º au-1n+b mod pU_{n+1}\equiv au{^{-1}_{n}}+b {\rm mod} p.We show that if b and sufficiently many of the most significant bits of three consecutive values u n of the ICG are giv...
Article
Let G be an abelian group of order n (written multiplicatively), let g∈G and let d be an integer such that 1⩽d⩽n. The paper establishes bounds on the number of d-element subsets S of G such that ∏x∈Sx=g. This work generalises the problem of finding bounds on the number of monic root-free polynomials of degree d over a finite field Fq with a specifi...
Article
The paper gives an upper bound on the size of a q-ary code of length n that has the k-identifiable parent property. One consequence of this bound is that the optimal rate of such a code is determined in many cases when q→∞ with k and n fixed.
Article
Frameproof codes were first introduced by Boneh and Shaw in the context of digital fingerprinting. Variants of these codes have been studied by several authors, and several similar definitions of frameproof codes exist in the literature. The paper considers frameproof codes from a combinatorial point of view, where we define frameproof codes as fol...
Article
Full-text available
A public key cryptosystem based on Drinfeld modules has been proposed by Gillard, Leprevost, Panchishkin and Roblot. The paper shows how an adversary can directly recover a private key using only the public key, and so the cryptosystem is insecure.
Article
We present a cryptanalysis of a MAC proposal at CRYPTO 2003 due to Cary and Venkatesan. Our attacks nd collisions for the MAC and yield MAC forgeries, both faster than a straightforward application of the birthday paradox would suggest.
Article
The authors show that a public key cryptosystem due to Yoo, Hong, Lee, Lim, Yi and Sung is insecure, as it is susceptible to an attack based on the LLL algorithm
Article
An (n, q, t)-perfect hash family of size s consists of a set V of order n, a set F of order q, and a sequence φ1, φ2, …, φs of functions from V to F with the following property. For all t-subsets X⊆V, there exists i∈{1, 2, …, s} such that φi is injective when restricted to X. An (n, q, t)-perfect hash family of minimal size is known as optimal. The...
Article
Full-text available
. The baby-step giant-step algorithm, due to Shanks, may be used to solve the discrete logarithm problem in arbitrary groups. The paper explores a generalisation of this algorithm, where extra baby steps may be computed after carrying out giant steps (thus increasing the giant step size). The paper explores the problem of deciding how many, and whe...
Article
Full-text available
In environments using RSA schemes, a Certification Authority (CA) is often used to bind a user's public key to their identity. The paper proposes a method of RSA key generation which convinces the CA that a user's key has been well generated, i.e. that the resulting RSA problem is hard with overwhelming probability. This is achieved by involving bo...
Conference Paper
The paper cryptanalyses two public key cryptosystems based on SL2 (\mathbbZ){\mbox{SL}_2 (\mathbb{Z})} that have been recently proposed by Yamamura.
Article
The self-shrinking generator, a stream cipher due to Meier and Staffelbach (see Advances in Cryptology-EUROCRYPT'94, Berlin, Germany, p.205-14, 1995 and Lecture Notes in Computer Science, vol.950), uses the output of a primitive binary linear-feedback shift register (LFSR) of length n to generate a keystream sequence of period dividing 2<sup>n-1 </...
Article
The paper classifies (up to isomorphism) those groups of prime power order whose derived subgroups have prime order.
Article
This paper cryptanalyses a public key cryptosystem that has recently been proposed by C.K. Wu and E. Dawson (see ibid., vol. 145, no. 5, p. 321-5 (1998)). We show that anyone, knowing only the public key and a ciphertext, can retrieve the corresponding message by using some basic linear algebra
Conference Paper
C. Cocks [Cryptography and coding: 6th IMA international conference, Lect. Notes Comput. Sci. 1355, 89-95 (1997; Zbl 0904.94010)] proposed a protocol for two parties to jointly generate a shared RSA key. His protocol was designed under the assumption that both parties follow the protocol. He then proposed a modification to the protocol to prevent c...
Article
It is shown that a stream cipher proposed by Chan and Cheng (see ibid., vol. 34, 1206-7, 1998) is insecure, due to a Meier-Steffelbach correlation attack
Article
Full-text available
The paper cryptanalyses the stream cipher Labyrinth', a cipher recently proposed by Bo Lin and Simon Shepherd. Given only 2 30 known bits of keystream, the 119 bit key of Labyrinth is recovered in under a second of computation using a DEC Alpha. Key words: Stream cipher, cryptanalysis, Labyrinth. 1 Introduction The stream cipher Labyrinth' has re...
Article
Minghua Qu and S.A.Vanstone [2] have proposed a public key cryptosystem (FGM) which is based on factorisations of a binary vector space (i.e. transversal logarithmic signatures of an elementary abelian 2-group). In this paper, a generalised (basis-independent) decryption algorithm is given, which shows that there are many equivalent private keys, a...
Article
LetVbe a set of ordernand letFbe a set of orderq. A setS⊆{φ: V→F} of functions fromVtoFis an (n, q, t)-perfect hash familyif for allX⊆Vwith |X|=t, there existsφ∈Swhich is injective when restricted toX. Perfect hash families arise in compiler design, in circuit complexity theory and in cryptography. LetSbe an (n, q, t)-perfect hash family. The paper...
Article
Cryptanalysis of the stream cipher `Labyrinth', a cipher recently proposed by Lin and Shepherd (1997), is performed. Given only 2<sup>30 </sup> known bits of keystream, the 119 bit key of Labyrinth is recovered in under a second of computation using a DEC Alpha
Article
The paper considers the problem of distributed key generation for shared-control RSA schemes. In particular: how can two parties generate a shared RSA key in such a way that neither party can cheat? The answer to this question would have significant applications to, for example, key escrow systems. Cocks has recently proposed protocols to solve thi...
Article
Letfandgbe polynomials over some field, thought of as elements of the ring of one-sided Laurent series, and suppose that deg f<deg g. The quotientf/gisbadly approximableif all the partial quotients of the continued fraction expansion off/ghave degree 1. We investigate the set of polynomials which occur as the denominatorsgof badly approximable quot...
Article
We show that an algorithm designed to solve the Welch–Berlekamp key equation may also be used to solve a more general problem, which can be regarded as a finite analogue of a generalized rational interpolation problem. As a consequence, we show that a single algorithm exists which can solve both Berlekamp's classical key equation (usually solved by...
Article
Full-text available
This paper argues that the cipher systems based on cellular automata (CA) proposed by S. Nandi et al. (1994) are affine and are insecure. A reply by S. Nandi and P. Pal Chaudhuri is given. The reply emphasizes the point that the regular, modular, cascadable structure of local neighborhood CA can be employed for building low cost cipher system hardw...
Article
The authors argue that public key system proposed by C.H. Lin et al. (1995) is insecure, even if used as a private key system
Article
An asymptotically fast algorithm for solving the generalized rational interpolation problem is presented. This problem has been studied as part of system theory and is related to the solution of the classical and Welch-Berlekamp (1983) key equations which arise in Reed-Solomon decoding. The algorithm can also be used to compute the linear complexit...
Article
A node bisector of a graph Γ is a subset Ω of the nodes of Γ such that Γ may be expressed as the disjoint union G = W1 [(È)\dot] W[(È)\dot] W2 ,\Gamma = \Omega _1 \dot \cup \Omega \dot \cup \Omega _2 , , where | W1 | \geqslant \frac13| G|,W2 \geqslant \frac13| G|\left| {\Omega _1 } \right| \geqslant \frac{1}{3}\left| \Gamma \right|,\Omega _2 \ge...
Article
A sequence of elements from a finite field satisfies the shift and add property if the componentwise sum of any two shifts of the sequence is either a shift of the sequence or the all zero sequence. A sequence whose elements lie in an arbitrary group satisfies the shift and multiply property if the componentwise product of any two shifts of the seq...
Article
The paper establishes a connection between the theory of permutation polynomials and the question of whether a de Bruijn sequence over a general finite field of a given linear complexity exists. The connection is used both to construct span 1 de Bruijn sequences (permutations) of a range of linear complexities and to prove non-existence results for...
Article
. Recently, Qu and Vanstone have announced the construction of several new public-key cryptosystems based on group factorization. One of these was described at the last AUSCRYPT meeting [2]. We point out a serious weakness of this last system which makes it insecure. Our method only uses elementary algebra. 1 The proposed cryptosystem. Let G be a f...
Conference Paper
Multiplicative threshold schemes are useful tools in thresh- old cryptography. For example, such schemes can be used with a wide variety of practical homomorphic cryptosystems (such as the RSA, the El Gamal and elliptic curve systems) for threshold decryption, signa- tures, or proofs. The paper describes a new recursive construction for multiplicat...
Article
Let s be a periodic sequence whose elements lie in a finite field. The authors present an algorithm that calculates the minimal polynomial of s, assuming that a period of s is known. The algorithm generalises both the discrete Fourier transform and the Games-Chan algorithm
Article
Maximal length Linear Shift Register sequences (m-sequences) are widely used in digital systems, such as stream ciphers, which require fast, easily produced bitstreams with good statistical properties. Since many applications require rapid generation of m-sequences, it is desirable to study methods of increasing their rate of output. M. Robshaw (19...
Conference Paper
As a generalisation of clock-controlled shift registers, we consider a class of key-stream generators where a clocking sequence is used to control a pseudorandom walk on a finite group.
Article
This paper summarizes the results of four separate research topics related to the generation of binary sequences by linear feedback shift registers for applications in cryptographic systems.
Conference Paper
. Recently, Qu and Vanstone have announced the constructionof several new public-key cryptosystems based on group factorization.One of these was described at the last AUSCRYPT meeting [2]. Wepoint out a serious weakness of this last system which makes it insecure.Our method only uses elementary algebra.1 The proposed cryptosystem.Let G be a finite...
Article
How much extra length (above the length of your car) do you need to parallel park? This report shows how to write down a formula for this.
Article
Cambridge Core - Algorithmics, Complexity, Computer Algebra, Computational Geometry - Surveys in Combinatorics 2013 - edited by Simon R. Blackburn

## Citations

... It is cyclically -good if each set of cyclically consecutive vertices is an independent set of (X , B). These definitions accord with those given in [2,7], where good and cyclically good sequencings were studied. Trivially, any cyclically -good sequencing of (X , B) is cyclically -good and -good for each ∈ {1, . . . ...
... Studying the value of P t,ℓ (s, k) has been initiated in [11] and since then several more results have appeared; see e.g. [3], [4], [6], [28]. Note that the first work [12] which studied batch codes defined them in their array codes setup and only later on they were studied in their one-dimensional case, also known as primitive batch codes; see e.g. ...
... The retrieval rate of an PIR scheme is the ratio of the gained information over downloaded information, while uploaded costs of the requests are ignored. PIR scheme for more realistic coded distributed data storage system was proposed in [6,35]. All files x 1 , . . . ...
... We mention th