The Action of a Few Random Permutations on r-Tuples and an Application to Cryptography

We prove that for every r and d≥2 there is a C such that for most choices of d permutations π1, π2, ..., πd of S_n, a product of fewer than C log n of these permutations is needed to map any r-tuple of distinct integers to another r-tuple. We came across this problem while studying a seemingly unrelated cryptographic problem, and use this result to show that certain cryptographic devices using permutation automata are highly insecure. The proof techniques we develop here give more general results, and constitute a first step towards the study of expansion properties of random Cayley graphs over the symmetric group, whose relevance to theoretical computer science is well known (see [B&al90]).

[1]  Dana Angluin,et al.  On the Complexity of Minimum Inference of Regular Sets , 1978, Inf. Control..

[2]  Béla Bollobás,et al.  The Isoperimetric Number of Random Regular Graphs , 1988, Eur. J. Comb..

[3]  E. Szemerédi,et al.  Sorting in c log n parallel steps , 1983 .

[4]  Gilles Zémor,et al.  Group-theoretic hash functions , 1993, Algebraic Coding.

[5]  Alexander Lubotzky,et al.  Discrete groups, expanding graphs and invariant measures , 1994, Progress in mathematics.

[6]  J. A. Fill Eigenvalue bounds on convergence to stationarity for nonreversible markov chains , 1991 .

[7]  Sundar Vishwanathan,et al.  Rapidly Mixing Markov Chains , 1996 .

[8]  Gilles Zémor Hash functions and Cayley graphs , 1994, Des. Codes Cryptogr..

[9]  Gábor Hetyei,et al.  On the diameter of finite groups , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[10]  Béla Bollobás,et al.  The diameter of random regular graphs , 1982, Comb..

[11]  Ronald L. Rivest,et al.  Inference of finite automata using homing sequences , 1989, STOC '89.

[12]  Ronald L. Rivest,et al.  Diversity-Based Inference of Finite Automata (Extended Abstract) , 1987, FOCS.

[13]  Nabil Kahale,et al.  Better expansion for Ramanujan graphs , 1991, [1991] Proceedings 32nd Annual Symposium of Foundations of Computer Science.

[14]  Noga Alon,et al.  λ1, Isoperimetric inequalities for graphs, and superconcentrators , 1985, J. Comb. Theory, Ser. B.

[15]  Alexander Lubotzky,et al.  Cayley graphs: eigenvalues, expanders and random walks , 1995 .

[16]  Nabil Kahale,et al.  On the second eigenvalue and linear expansion of regular graphs , 1992, Proceedings., 33rd Annual Symposium on Foundations of Computer Science.

[17]  R. M. Tanner Explicit Concentrators from Generalized N-Gons , 1984 .

[18]  Ronitt Rubinfeld,et al.  Efficient learning of typical finite automata from random walks , 1993, STOC.

[19]  Béla Bollobás,et al.  Random Graphs , 1985 .

[20]  Gilles Zémor,et al.  Hashing with SL_2 , 1994, CRYPTO.

[21]  Endre Szemerédi,et al.  On the second eigenvalue of random regular graphs , 1989, STOC '89.

[22]  Ronald L. Rivest,et al.  Diversity-based inference of finite automata , 1994, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[23]  László Babai,et al.  Transparent Proofs and Limits to Approximation , 1994 .

[24]  B. McKay The expected eigenvalue distribution of a large regular graph , 1981 .

[25]  Bojan Mohar,et al.  Isoperimetric numbers of graphs , 1989, J. Comb. Theory, Ser. B.

[26]  Antoine Joux,et al.  The action of a few permutations on r-tuples is quickly transitive , 1998, Random Struct. Algorithms.

[27]  Russell Impagliazzo,et al.  How to recycle random bits , 1989, 30th Annual Symposium on Foundations of Computer Science.

[28]  John D. Lafferty,et al.  Fast Fourier Analysis for SL2 over a Finite Field and Related Numerical Experiments , 1992, Exp. Math..

[29]  Joel Friedman,et al.  On the second eigenvalue and random walks in random d-regular graphs , 1991, Comb..

[30]  Milena Mihail,et al.  Conductance and convergence of Markov chains-a combinatorial treatment of expanders , 1989, 30th Annual Symposium on Foundations of Computer Science.

[31]  Carl H. Smith,et al.  Inductive Inference: Theory and Methods , 1983, CSUR.

[32]  N. Alon,et al.  λ1, Isoperimetric Inequalities for Graphs, and Superconcentrators , 1985 .

[33]  Andrei Z. Broder,et al.  On the second eigenvalue of random regular graphs , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[34]  E. Mark Gold,et al.  Complexity of Automaton Identification from Given Data , 1978, Inf. Control..