on Helleseth conjectures

(1)

On Helleseth conjectures

Yves Aubry Philippe Langevin

Institut de Mathmatiques de Toulon universit´e du sud Toulon Var.

 September

5th International Conference on Algebraic Informatics Porquerolles island

(2)

Origine

The mathematical problems of the talk appeared in the 60’s when people searched pairs of binary sequences with nice intercorrelation properties : phone, radar etc. . .

correlation

Given two complex sequencess ands⁰ on unit circle, of periodn, the intercorrelation att ∈Zis

s⁰×s(t) =

n

X

i=1

s_i⁰si+t

finding pairs of sequences of root of 1, preferably ternary or binary, with small correlation, ideally 0, is important for applications.

(3)

maximal sequence

By the works of people like Gold, Welch, Niho . . . We know it is possible to construct interesting sequences using both the additive and the multiplicative structures of a finite field.

Lbe a finite field of characteristic pand orderq.

µthe canonical addidive character ofL,

L3x7→ζ_p^Tr^L^(x), ζ_p= exp(2iπ/p).

γ a primtive root ofL.

s_i :=µ(γⁱ) is (q−1)-periodic, it is amaximal sequence.

(4)

Fourier coefficient

Lets⁰ an otherm-sequence.

s_i⁰ =µ(βⁱ) =µ(γ^si), (s,q−1) = 1, β =γ^s.

s⁰×s(t) =

q−1

X

i=1

s_i⁰si+t

=

q−1

X

i=1

µ(γ^si)¯µ(γ^i+t)

=bf(a)−1

wherea=γ^t andf(x) =x^s (power permutation), and bf(a) =X

x∈L

µ f(x)−ax thisFourier coefficientis sometimes called aWeil sum.

(5)

spectrum

Letf:L→Lbe any mapping.

bf(a)∈Q(ζ_p) is a cyclotomic integer.

The distribution of thebf(a)⁰s is the spectrum off. We sayf (or an exponents) has aN-valued spectrum, if

N=]

bf(a)|a∈L^× It is convenient to introduce

Det(f) := Y

a∈L^×

bf(a)

(6)

Rationality

Theorem (Helleseth)

All the Fourier coefficients of x^s are inZiff s= 1 (modp−1).

Proof.

Lett be the inverse ofs modulop−1. The automorphismσu defined by σ_u(ζ_p) =ζ_p^uacts like

σ_u(bf(a)) =X

x∈L

µ(ux^s−uax) =X

x∈L

µ(x^s −u^1−tax)

=bf(u^1−ta)

whence by Fourier inversion

∀x ∈L, f(x) =f(u^1−tx)

∀y ∈Fp, y=u^1−ty

(7)

Rationality

Theorem (Helleseth)

All the Fourier coefficients of x^s are inZiff s= 1 (modp−1).

Proof.

Lett be the inverse ofs modulop−1. The automorphismσu defined by σ_u(ζ_p) =ζ_p^uacts like

σ_u(bf(a)) =X

x∈L

µ(ux^s−uax) =X

x∈L

µ(x^s −u^1−tax)

=bf(u^1−ta)

whence by Fourier inversion

∀x ∈L, f(x) =f(u^1−tx)

∀y ∈Fp, y=u^1−ty

(8)

main conjectures

The domain of sequences is full of open questions, problems and conjectures concerning the spectra of power mappings. One of the main conjectures appears in a paper of Sarwate and Pursley (1980).

Conjecture

Assuming p= 2. If f is a power permutation of L where[L:F2] is even thensup_a∈L|bf(a)| ≥2√

q.

There is also two conjectures by Helleseth (1976).

(9)

Helleseth conjectures

Conjecture (HZ)

Let L be a field of cardinal q>2. If f is a power permutation of L of exponent s≡1 mod (p−1)then

∃a∈L^×, bf(a) = 0.

Conjecture (HP)

If[L:Fp]is a power of 2. If f is a power permutation of L thenbf takes at least four values.

(10)

Recent results

In characteristic 2,

HZ checked up to dimension 25, numerical project page of PL.

HP checked up to dimension 32, idem.

D. Katz proved HZ assuming tri-valued spectrum.

T. Feng proved HP assuming non trivial zero.

HP is proved (2012).

In odd characteristic,

three valued spectrum impliess = 1 (modp−1) (D. Katz) D. Katz proved HP in characteristic 3.

HP checked forq≤2²⁰, numerical project page of PL.

HP looks like ”almost” proved (2013).

(11)

How to progress ?

It appears that the hard conjecture is Conjecture (HZ)

Let L be a field of cardinal q>2. If f is a power permutation of L of exponent s≡1 mod (p−1)then

∃a∈L^×, bf(a) = 0.

no progress since 40 years !

(12)

Kloosterman sum

The cases=q−2 is very interesting

f(x) =x^s =x⁻¹, bf(a) = 1 + X

x∈L^×

µ(1

x −ax) = 1 +kloos(a) We know HZ is true for the inversion :

in characteristic 2 (Lachaud-Wolfmann).

in characteristic 3 (Katz-Livn´e).

in characteristic p>3,sdoma=−1 (mod p−1).

(Kononen-Rinta-Aho-Vaanainen).

Problem

Find a more direct proof ! Problem

What about APN mappings ?

(13)

Divisibility

Letf be a permutation of L bf(0) =X

x∈L

µ(f(x)) =X

x∈L

µ(x) = 0

Definition

We say that HZ is true modulo`if for any power permutation of exponents= 1 (modp−1),

∃a∈L^×, bf(a)≡0 (mod `).

(14)

Divisibility by p

Proposition

HZ is true modulo p.

bf(a) = q

q−1+ 1 q−1

X

χ6=1

τ( ¯χ^t)τ(χ) ¯χ(a) wherest= 1 (modq−1).

Thep-divisiblity is well understand by Stickelberger’s congruences on Gauss sums :

τ(χ) =X

x∈L

χ(x)µ(x).

The minimalp-adic valuation ofbf(a) (a6= 0) is 1

p−1 min

0<j S(jt) +S(−j)

whereS(j) is thep-ary weight of the residue≡j mod (q−1).

(15)

Divisibility by 3

Theorem

HZ is true modulo 3

(16)

primary degree

Theorem

if[L:Fp]is a power of a prime`then HZ is true modulo`.

(17)

Key point

We consider the numberN_n(u,v), of solutions inLⁿof the system

x₁ + x₂ + . . . + x_n =u

f(x₁) + f(x₂) + . . . + f(x_n) =v. (1) Using characters counting principle :

Lemma

The number N_n(u,v)of solutions in Lⁿ of the system (??) verifies q²N_n(u,v) =qⁿ+ X

α∈L^×

X

β∈L^×

fb_β(α)ⁿµ(αu¯ +βv).

wherefβ(x) =f(βx).

(18)

sketch ` = 3

Suppose thatDet(f)6≡0 mod 3 whencep6= 3 q²N2(u,v) =q²+ X

α∈L^×

X

β∈L^×

fbβ(α)²µ(αu¯ +βv).

Assumingu,v ∈L^×.

Using little Fermat Theorem, it becomes

N2(u,v)≡1 + X

α∈L^×

X

β∈L^×

¯

µ(αu+βv)

≡1 + X

α∈L^×

¯

µ(αu)× X

β∈L^×

¯ µ(βv)

≡1 + (−1)×(−1)≡2 (mod 3).

∀u∈L^×, ∀v ∈L^×, N₂(u,v)6≡0 (mod `). (2)

(19)

sketch ` = 3

In order to obtain a contradiction, we exhibit av ∈L^× such that N2(1,v) = 0. This number is also the number of preimages ofv by

d:x 7→x^s+ (1−x)^s

An elementv6= 1/2 in the image has at least two images x,1−x

The image ofd contains at most ^q+1₂ elements and there exists a v such thatN2(1,v) = 0.

(20)

conclusion

still a lot of work !

but up to now, divisibility by 3 (new) and divisibility byp(old) are the only two global results in the direction of the Helleseth conjecture !