Abstract not found

Random mappings from a finite set into itself are either a heuristic or an exact model for a variety of applications in random number generation, computational number theory, cryptography, and the analysis of algorithms at large. This paper introduces a general framework in which the analysis of about twenty characteristic parameters of random mappings is carried out: These parameters are studied systematically through the use of generating functions and singularity analysis. In particular, an open problem of Knuth is solved, namely that of finding the expected diameter of a random mapping. The same approach is applicable to a larger class of discrete combinatorial models and possibilities of automated analysis using symbolic manipulation systems ("computer algebra") are also briefly discussed.

Various enumerations of labeled trees and forests, including Cayley's formula n n\Gamma2 for the number of trees labeled by [n], and Cayley's multinomial expansion over trees, are derived from the following coalescent construction of a sequence of random forests (R n ; R n\Gamma1 ; : : : ; R 1 ) such that R k has uniform distribution over the set of all forests of k rooted trees labeled by [n]. Let R n be the trivial forest with n root vertices and no edges. For n k 2, given that R n ; : : : ; R k have been defined so that R k is a rooted forest of k trees, define R k\Gamma1 by addition to R k of a single edge picked uniformly at random from the set of n(k \Gamma 1) edges which when added to R k yield a rooted forest of k \Gamma 1 trees. This coalescent construction is related to a model for a physical process of clustering or coagulation, the additive coalescent in which a system of masses is subject to binary coalescent collisions, with each pair of masses of magnitude...

. We consider Pollard's rho method for discrete logarithm computation. Usually, in the analysis of its running time the assumption is made that a random walk in the underlying group is simulated. We show that this assumption does not hold for the walk originally suggested by Pollard: its performance is worse than in the random case. We study alternative walks that can be efficiently applied to compute discrete logarithms. We introduce a class of walks that lead to the same performance as expected in the random case. We show that this holds for arbitrarily large prime group orders, thus making Pollard's rho method for prime group orders about 20% faster than before. 1. Introduction Let G be a finite cyclic group, written multiplicatively, and generated by the group element g. We define the discrete logarithm problem (DLP) as follows: given a group element h, find the least non-negative integer x such that h = g x . We write x = log g h and call it the discrete logarithm of h...

The best algorithms to compute discrete logarithms in arbitrary groups (of prime order) are the baby-step giant-step method, the rho method and the kangaroo method. The first two have (expected) running time O( p n) group operations (n denoting the group order), thereby matching Shoup's lower bounds. While the baby-step giant-step method is deterministic but with large memory requirements, the rho and the kangaroo method are probabilistic but can be implemented very space efficiently, and they can be parallelized with linear speed-up. In this paper, we present the state of the art in these methods.

. A hardware implementation model is proposed that can be used in the design of stream ciphers, block ciphers and cryptographic hash functions. The cryptographic finite state machine (CFSM) model is no mathematical tool, but a set of criteria that have to be met by a real hardware finite state machine that will be used in the implementation of a cryptographic algorithm. Diffusion is studied by means of the diffusion graph and dependence matrix. For the study of confusion differential cryptanalysis is used. In the paper the design of a high-speed cryptographic coprocessor is presented called Subterranean. This coprocessor can be used for both cryptographic pseudorandom sequence generation and cryptographic hashing. It can be implemented in a straightforward way as (part of) a chip. The small gate-delay allows high clockfrequencies, and even a moderate estimation of 20 MHz leads to a (stream-)encryption speed of 0.3 Gbit/s and hashing speed of 0.6 Gbit/sec. Keywords: Hardware Cryptograph...

We present new general method for proving that for certain classes of finite structures the limit law fails for properties expressible in transitive closure logic. In all such cases also all associated asymptotic problems are undecidable. 1 Introduction The problems considered in this paper belong to the research area called random structure theory, and, more specifically, to its logical aspect. To explain (very imprecisely and incompletely) what does it mean, let us imagine that we have a class of some structures (say: finite ones over some fixed signature), equipped with a probability space structure (this probability is usually assumed to be only finitely additive). Then we draw one structure at random and ask: what does the drawn structure look like? does the drawn structure have some particular property? Those questions are typical in random structure theory. To turn to the logical part of it, look at the drawn structure through logical glasses: we can only notice properti...

Abstract. Consider the functional graph of a random mapping from an n–element set into itself. Then the number of nodes in the strata of this graph can be viewed as stochastic process. Using a generating function approach it is shown that a suitable normalization of this process converges weakly to local time of reflecting Brownian bridge. 1.

We consider the properties of certain graphs based on iteration of the quadratic maps x ! x and x ! x 2 over a finite field GF(p).

Key words: random labelled trees, monadic second order zero-one laws, second order fraisse-ehrenfeucht games, second moment method PACS: 1