Luca Mariot

Claude Carlet, Marko Čupić, Marko Ðurasevic et al.

Monotone Boolean functions are a structurally important class of Boolean functions, but their restricted form imposes strong limitations on achievable nonlinearity. In this paper, we investigate whether evolutionary computation can evolve monotone Boolean functions with high nonlinearity, both in the balanced and imbalanced settings. We consider three solution encodings: the standard truth table representation, a balanced truth table encoding that preserves Hamming weight, and a symbolic tree-based genetic programming representation. To guide the search toward monotone increasing functions, we introduce a non-monotonicity penalty and combine it with fitness functions targeting balancedness and nonlinearity. Experimental results are reported for dimensions from $n=5$ to $n=14$. The results show that evolutionary search can discover monotone Boolean functions with nonlinearities clearly exceeding those of majority functions, and in several cases approaching the best currently known values for monotone functions. At the same time, the experiments reveal substantial differences between encodings: the balanced truth table encoding performs poorly for larger dimensions, while the standard truth table and genetic programming encodings remain competitive, with genetic programming becoming especially relevant in the largest tested dimensions.

Luca Mariot, Federico Mazzone, Luca Manzoni et al.

We consider threshold secret sharing schemes based on cellular automata (CA) that allows for anonymous reconstruction, meaning that the secret can be recovered only as a function of the shares, without knowing the participants' identities. To this end, we revisit the basic characterization of $(2,n)$ threshold schemes based on CA in terms of Mutually Orthogonal Latin Squares (MOLS), and redefine the secret space as the MOLS family itself, showing that the new resulting scheme enables anonymous reconstruction of secret CA rules. Finally, we discuss the trade-off between the number of secret CA that can be shared and the computational complexity of the recovery phase.

Alberto Dennunzio, Maximilien Gadouleau, Luca Mariot

In this short paper, we begin to investigate the conditions under which a generic Bipermutive Cellular Automaton (BCA) with no-boundary conditions of diameter $d$ generates a Latin square of order $N=2^{d-1}$ admitting an orthogonal mate, without relying on the linearity of the local rule. Since an orthogonal mate exists if and only if the Latin square can be partitioned into $N$ disjoint \emph{transversals}, we start by characterizing the subclass of BCA whose Latin squares have a transversal on the main diagonal. In particular, we prove that the main diagonal forms a transversal if and only if the generating function of the bipermutive local rule induces an invertible CA with periodic boundary conditions on a configuration of size $d-1$. We then perform exhaustive search experiments, showing that $d=6$ is the smallest diameter for which there exist nonlinear bipermutive CA that generate Latin squares with a transversal on the main diagonal.

Claude Carlet, Marko Djurasevic, Domagoj Jakobovic et al.

Finding balanced, highly nonlinear Boolean functions is a difficult problem where it is not known what nonlinearity values are possible to be reached in general. At the same time, evolutionary computation is successfully used to evolve specific Boolean function instances, but the approach cannot easily scale for larger Boolean function sizes. Indeed, while evolving smaller Boolean functions is almost trivial, larger sizes become increasingly difficult, and evolutionary algorithms perform suboptimally. In this work, we ask whether genetic programming (GP) can evolve constructions resulting in balanced Boolean functions with high nonlinearity. This question is especially interesting as there are only a few known such constructions. Our results show that GP can find constructions that generalize well, i.e., result in the required functions for multiple tested sizes. Further, we show that GP evolves many equivalent constructions under different syntactic representations. Interestingly, the simplest solution found by GP is a particular case of the well-known indirect sum construction.

Luca Mariot, Stjepan Picek, Domagoj Jakobovic et al.

Finding Boolean functions suitable for cryptographic primitives is a complex combinatorial optimization problem, since they must satisfy several properties to resist cryptanalytic attacks, and the space is very large, which grows super exponentially with the number of input variables. Recent research has focused on the study of Boolean functions that satisfy properties on restricted sets of inputs due to their importance in the development of the FLIP stream cipher. In this paper, we consider one such property, perfect balancedness, and investigate the use of Genetic Programming (GP) and Genetic Algorithms (GA) to construct Boolean functions that satisfy this property along with a good nonlinearity profile. We formulate the related optimization problem and define two encodings for the candidate solutions, namely the truth table and the weightwise balanced representations. Somewhat surprisingly, the results show that GA with the weightwise balanced representation outperforms GP with the classical truth table phenotype in finding highly nonlinear WPB functions. This finding is in stark contrast to previous findings on the evolution of globally balanced Boolean functions, where GP always performs best.

Carlos Coello Coello, Marko Djurasevic, Domagoj Jakobovic et al.

Evolutionary algorithms have been successfully applied to attacking Physically Unclonable Functions (PUFs). CMA-ES is recognized as the most powerful option for a type of attack called the reliability attack. While there is no reason to doubt the performance of CMA-ES, the lack of comparison with different metaheuristics and results for the challenge-response pair-based attack leaves open questions if there are better-suited metaheuristics for the problem. In this paper, we take a step back and systematically evaluate several metaheuristics for the challenge-response pair-based attack on strong PUFs. Our results confirm that CMA-ES has the best performance, but we also note several other algorithms with similar performance while having smaller computational costs. More precisely, if we provide a sufficient number of challenge-response pairs to train the algorithm, various configurations show good results. Consequently, we conclude that EAs represent a strong option for challenge-response pair-based attacks on PUFs.

Maximilien Gadouleau, Luca Mariot, Stjepan Picek

We present a construction of partial spread bent functions using subspaces generated by linear recurring sequences (LRS). We first show that the kernels of the linear mappings defined by two LRS have a trivial intersection if and only if their feedback polynomials are relatively prime. Then, we characterize the appropriate parameters for a family of pairwise coprime polynomials to generate a partial spread required for the support of a bent function, showing that such families exist if and only if the degrees of the underlying polynomials is either $1$ or $2$. We then count the resulting sets of polynomials and prove that for degree $1$, our LRS construction coincides with the Desarguesian partial spread. Finally, we perform a computer search of all $\mathcal{PS}^-$ and $\mathcal{PS}^+$ bent functions of $n=8$ variables generated by our construction and compute their 2-ranks. The results show that many of these functions defined by polynomials of degree $b=2$ are not EA-equivalent to any Maiorana-McFarland or Desarguesian partial spread function.

Luca Mariot, Stjepan Picek, Domagoj Jakobovic et al.

Combinatorial designs provide an interesting source of optimization problems. Among them, permutation codes are particularly interesting given their applications in powerline communications, flash memories, and block ciphers. This paper addresses the design of permutation codes by evolutionary algorithms (EA) by developing an iterative approach. Starting from a single random permutation, new permutations satisfying the minimum distance constraint are incrementally added to the code by using a permutation-based EA. We investigate our approach against four different fitness functions targeting the minimum distance requirement at different levels of detail and with two different policies concerning code expansion and pruning. We compare the results achieved by our EA approach to those of a simple random search, remarking that neither method scales well with the problem size.

Luca Mariot, Martina Saletta, Alberto Leporati et al.

An interesting thread in the research of Boolean functions for cryptography and coding theory is the study of secondary constructions: given a known function with a good cryptographic profile, the aim is to extend it to a (usually larger) function possessing analogous properties. In this work, we continue the investigation of a secondary construction based on cellular automata, focusing on the classes of bent and semi-bent functions. We prove that our construction preserves the algebraic degree of the local rule, and we narrow our attention to the subclass of quadratic functions, performing several experiments based on exhaustive combinatorial search and heuristic optimization through Evolutionary Strategies (ES). Finally, we classify the obtained results up to permutation equivalence, remarking that the number of equivalence classes that our CA-XOR construction can successfully extend grows very quickly with respect to the CA diameter.

Luca Mariot

We consider the optimization problem of constructing a binary orthogonal array (OA) starting from a bigger one, by removing a specified amount of lines. In particular, we develop a genetic algorithm (GA) where the underlying chromosomes are constant-weight binary strings that specify the lines to be cancelled from the starting OA. Such chromosomes are then evolved through balanced crossover and mutation operators to preserve the number of ones in them. The fitness function evaluates the matrices obtained from these chromosomes by measuring their distance from satisfying the constraints of an OA smaller than the starting one. We perform a preliminary experimental validation of the proposed genetic algorithm by crafting the initial OA as a random permutation of several blocks of the basic parity-check array, thereby guaranteeing the existence of an optimal solution.

Luca Mariot

Orthogonal Cellular Automata (OCA) have been recently investigated in the literature as a new approach to construct orthogonal Latin squares for cryptographic applications such as secret sharing schemes. In this paper, we consider OCA for a different cryptographic task, namely the generation of pseudorandom sequences. The idea is to iterate a dynamical system where the output of an OCA pair is fed back as a new set of coordinates on the superposed squares. The main advantage is that OCA ensure a certain amount of diffusion in the generated sequences, a property which is usually missing from traditional CA-based pseudorandom number generators. We study the problem of finding OCA pairs with maximal period by first performing an exhaustive search up to local rules of diameter $d=5$, and then focusing on the subclass of linear bipermutive rules. In this case, we characterize the periods of the sequences in terms of the order of the subgroup generated by an invertible Sylvester matrix. We finally devise an algorithm based on Lagrange's theorem to efficiently enumerate all linear OCA pairs of maximal period up to diameter $d=11$.

Mauro Castelli, Luca Manzoni, Luca Mariot et al.

In the crowded environment of bio-inspired population-based metaheuristics, the Salp Swarm Optimization (SSO) algorithm recently appeared and immediately gained a lot of momentum. Inspired by the peculiar spatial arrangement of salp colonies, which are displaced in long chains following a leader, this algorithm seems to provide an interesting optimization performance. However, the original work was characterized by some conceptual and mathematical flaws, which influenced all ensuing papers on the subject. In this manuscript, we perform a critical review of SSO, highlighting all the issues present in the literature and their negative effects on the optimization process carried out by this algorithm. We also propose a mathematically correct version of SSO, named Amended Salp Swarm Optimizer (ASSO) that fixes all the discussed problems. We benchmarked the performance of ASSO on a set of tailored experiments, showing that it is able to achieve better results than the original SSO. Finally, we performed an extensive study aimed at understanding whether SSO and its variants provide advantages compared to other metaheuristics. The experimental results, where SSO cannot outperform simple well-known metaheuristics, suggest that the scientific community can safely abandon SSO.

Luca Mariot, Stjepan Picek, Domagoj Jakobovic et al.

Reversible Cellular Automata (RCA) are a particular kind of shift-invariant transformations characterized by a dynamics composed only of disjoint cycles. They have many applications in the simulation of physical systems, cryptography and reversible computing. In this work, we formulate the search of a specific class of RCA -- namely, those whose local update rules are defined by conserved landscapes -- as an optimization problem to be tackled with Genetic Algorithms (GA) and Genetic Programming (GP). In particular, our experimental investigation revolves around three different research questions, which we address through a single-objective, a multi-objective, and a lexicographic approach. The results obtained from our experiments corroborate the previous findings and shed new light on 1) the difficulty of the associated optimization problem for GA and GP, 2) the relevance of conserved landscape CA in the domain of cryptography and reversible computing, and 3) the relationship between the reversibility property and the Hamming weight.

Lucija Planinic, Marko Djurasevic, Luca Mariot et al.

This paper investigates the influence of genotype size on evolutionary algorithms' performance. We consider genotype compression (where genotype is smaller than phenotype) and expansion (genotype is larger than phenotype) and define different strategies to reconstruct the original variables of the phenotype from both the compressed and expanded genotypes. We test our approach with several evolutionary algorithms over three sets of optimization problems: COCO benchmark functions, modeling of Physical Unclonable Functions, and neural network weight optimization. Our results show that genotype expansion works significantly better than compression, and in many scenarios, outperforms the original genotype encoding. This could be attributed to the change in the genotype-phenotype mapping introduced with the expansion methods: this modification beneficially transforms the domain landscape and alleviates the search space traversal.

Luca Mariot, Martina Saletta, Alberto Leporati et al.

Semi-bent Boolean functions are interesting from a cryptographic standpoint, since they possess several desirable properties such as having a low and flat Walsh spectrum, which is useful to resist linear cryptanalysis. In this paper, we consider the search of semi-bent functions through a construction based on cellular automata (CA). In particular, the construction defines a Boolean function by computing the XOR of all output cells in the CA. Since the resulting Boolean functions have the same algebraic degree of the CA local rule, we devise a combinatorial algorithm to enumerate all quadratic Boolean functions. We then apply this algorithm to exhaustively explore the space of quadratic rules of up to 6 variables, selecting only those for which our CA-based construction always yields semi-bent functions of up to 20 variables. Finally, we filter the obtained rules with respect to their balancedness, and remark that the semi-bent functions generated through our construction by the remaining rules have a constant number of linear structures.

Luca Manzoni, Domagoj Jakobovic, Luca Mariot et al.

Tasks related to Natural Language Processing (NLP) have recently been the focus of a large research endeavor by the machine learning community. The increased interest in this area is mainly due to the success of deep learning methods. Genetic Programming (GP), however, was not under the spotlight with respect to NLP tasks. Here, we propose a first proof-of-concept that combines GP with the well established NLP tool word2vec for the next word prediction task. The main idea is that, once words have been moved into a vector space, traditional GP operators can successfully work on vectors, thus producing meaningful words as the output. To assess the suitability of this approach, we perform an experimental evaluation on a set of existing newspaper headlines. Individuals resulting from this (pre-)training phase can be employed as the initial population in other NLP tasks, like sentence generation, which will be the focus of future investigations, possibly employing adversarial co-evolutionary approaches.

Luca Manzoni, Luca Mariot, Eva Tuba

The use of balanced crossover operators in Genetic Algorithms (GA) ensures that the binary strings generated as offsprings have the same Hamming weight of the parents, a constraint which is sought in certain discrete optimization problems. Although this method reduces the size of the search space, the resulting fitness landscape often becomes more difficult for the GA to explore and to discover optimal solutions. This issue has been studied in this paper by applying an adaptive bias strategy to a counter-based crossover operator that introduces unbalancedness in the offspring with a certain probability, which is decreased throughout the evolutionary process. Experiments show that improving the exploration of the search space with this adaptive bias strategy is beneficial for the GA performances in terms of the number of optimal solutions found for the balanced nonlinear Boolean functions problem.

Domagoj Jakobovic, Luca Manzoni, Luca Mariot et al.

We investigate the use of Genetic Programming (GP) as a convolutional predictor for missing pixels in images. The training phase is performed by sweeping a sliding window over an image, where the pixels on the border represent the inputs of a GP tree. The output of the tree is taken as the predicted value for the central pixel. We consider two topologies for the sliding window, namely the Moore and the Von Neumann neighborhood. The best GP tree scoring the lowest prediction error over the training set is then used to predict the pixels in the test set. We experimentally assess our approach through two experiments. In the first one, we train a GP tree over a subset of 1000 complete images from the MNIST dataset. The results show that GP can learn the distribution of the pixels with respect to a simple baseline predictor, with no significant differences observed between the two neighborhoods. In the second experiment, we train a GP convolutional predictor on two degraded images, removing around 20% of their pixels. In this case, we observe that the Moore neighborhood works better, although the Von Neumann neighborhood allows for a larger training set.

Anastasiya Gorodilova, Sergey Agievich, Claude Carlet et al.

Problems and their solutions of the Fifth International Students' Olympiad in cryptography NSUCRYPTO'2018 are presented. We consider problems related to attacks on ciphers and hash functions, Boolean functions, quantum circuits, Enigma, etc. We discuss several open problems on orthogonal arrays, Sylvester matrices and disjunct matrices. The problem of existing an invertible Sylvester matrix whose inverse is again a Sylvester matrix was completely solved during the Olympiad.

Luca Manzoni, Luca Mariot, Eva Tuba

In several combinatorial optimization problems arising in cryptography and design theory, the admissible solutions must often satisfy a balancedness constraint, such as being represented by bitstrings with a fixed number of ones. For this reason, several works in the literature tackling these optimization problems with Genetic Algorithms (GA) introduced new balanced crossover operators which ensure that the offspring has the same balancedness characteristics of the parents. However, the use of such operators has never been thoroughly motivated, except for some generic considerations about search space reduction. In this paper, we undertake a rigorous statistical investigation on the effect of balanced and unbalanced crossover operators against three optimization problems from the area of cryptography and coding theory: nonlinear balanced Boolean functions, binary Orthogonal Arrays (OA) and bent functions. In particular, we consider three different balanced crossover operators (each with two variants: "left-to-right" and "shuffled"), two of which have never been published before, and compare their performances with classic one-point crossover. We are able to confirm that the balanced crossover operators performs better than all three balanced crossover operators. Furthermore, in two out of three crossovers, the "left-to-right" version performs better than the "shuffled" version.

Luca Mariot, Enrico Formenti, Alberto Leporati

We undertake an investigation of combinatorial designs engendered by cellular automata (CA), focusing in particular on orthogonal Latin squares and orthogonal arrays. The motivation is of cryptographic nature. Indeed, we consider the problem of employing CA to define threshold secret sharing schemes via orthogonal Latin squares. We first show how to generate Latin squares through bipermutive CA. Then, using a characterization based on Sylvester matrices, we prove that two linear CA induce a pair of orthogonal Latin squares if and only if the polynomials associated to their local rules are relatively prime.