Journal of Applied Mathematics

Volume 2011, Article ID 675484, 18 pages

http://dx.doi.org/10.1155/2011/675484

## Some New Constructions of Authentication Codes with Arbitration and Multi-Receiver from Singular Symplectic Geometry

College of Science, Civil Aviation University of China, Tianjin 300300, China

Received 29 May 2011; Accepted 4 November 2011

Academic Editor: Junjie Wei

Copyright © 2011 You Gao and Huafeng Yu. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

#### Abstract

A new construction of authentication codes with arbitration and multireceiver from singular symplectic geometry over finite fields is given. The parameters are computed. Assuming that the encoding rules are chosen according to a uniform probability distribution, the probabilities of success for different types of deception are also computed.

#### 1. Introduction

Let , and be four nonempty finite sets, and let and be two maps. The six-tuple is called an authentication code with arbitration (-code) if(1)the maps and are surjective;(2)for any and , if there is a , satisfying , then such an is uniquely determined by the given and ;(3) and implies , otherwise, .

, and are called the set of source states, the set of transmitter’s encoding rules, the set of receiver’s decoding rules, and the set of messages, respectively; and are called the encoding map and decoding map, respectively. The cardinals , and are called the size parameters of the code.

In [1], Simmons introduced the -code model to solve the transmitter and the receiver’s distrust problem. In [2–4], some Cartesian authentication codes were constructed from symplectic and unitary geometry; in [5–7], authentication codes with arbitration based on symplectic and pseudosymplectic geometry were constructed.

The following notations will be fixed throughout this paper: is a fixed prime. is a field with elements. is a singular symplectic space over with index . () is row vector in whose th coordinate is 1 and all other coordinates are 0. Denote by the -dimensional subspace of generated by . denotes the matrix For more concepts and notations used in this paper, refer to [8].

In an authentication system that permits arbitration, the model includes four attendance: the transmitter, the receiver, the opponent, and the arbiter and includes five attacks.(1)The opponent’s impersonation attack: the largest probability of an opponent’s successful impersonation attack is . Then,(2)The opponent’s substitution attack: the largest probability of an opponent’s successful substitution attack is . Then,(3)The transmitter’s impersonation attack: the largest probability of a transmitter’s successful impersonation attack is . Then,(4)The receiver’s impersonation attack: the largest probability of a receiver’s successful impersonation attack is . Then,(5)The receiver’s substitution attack: the largest probability of a receiver’s successful substitution attack is . Then,

*Notes*

implies that any source encoded by can be authenticated by .

#### 2. The First Construction

In this section, we will construct an authentication code with arbitration from singular symplectic geometry over finite fields.

Assume that , and . Let be a subspace of type in , and let be a fixed subspace of type which contains and orthogonal to , but not orthogonal to .

Our authentication code is a six-tuple where the set of source states the set of transmitter’s encoding rules: the set of receiver’s decoding rules: the set of messages: the encoding function: and the decoding function: ,

Assuming that the transmitter’s encoding rules and the receiver’s decoding rules are chosen according to a uniform probability distribution, we can prove that the construction given above results in an -code.

Lemma 2.1. *The six-tuple is an authentication code with arbitration; that is *(1)*, for all and ;*(2)*for any , is uniquely information source contained in and there is , such that .*

*Proof. *(1) Let be a source state, that is, a subspace of type containing and contained in . Write as
which satisfies

Let be a transmitter’s rule, that is, a subspace of type containing and . So, there exists , such that and
Therefore, is a subspace of type which contains and is a subspace of type , and is not orthogonal to , hence a message.

(2) Now, let *m* be a message; that is, is a subspace of type which contains and intersects at a subspace of type , and is not orthogonal to . By definition, contains , so , so is a source state. Since , there exists but such that . We have to show that there exists such that is a subspace of type , hence a transmitter’s encoding rule.

Assume that has been set; if is a subspace of type , then we are done. So, suppose that is not a subspace of type . Since and , we must have that or . Without loss of generality, let . If we also have , replacing by , we get and . Since is not a subspace of type , certainly . Note that is a subspace of type , , so there exists a vector such that . Replacing by , we have , . Then, is a subspace of type , and , hence is a transmitter's encoding rule.

If there is another source state such that , we have that . by . Since , so . This implies that the source state is uniquely determined by .

Let denote the number of subspaces of type contained in and containing , , the number of subspaces of type contained in and containing a fixed subspace of type as above, and , the number of subspaces of type contained in and containing and not contained in .

Lemma 2.2. *One has
*

*Proof. **(1) Computation of .*

By the transitivity of on the set of subspaces of the same type, we can assume that

Let be a subspace of type contained in and containing . There exists a such that . We may assume that . So, has a matrix representation of the form

It is easy to verify that is a subspace of type in the -dimensional symplectic space. The number of this kind of subspace is denoted by , arbitrarily. Furthermore, we may take as
to compute , where . Since has a matrix representation of the form
where , we have that
*(2) Computation of .*

Let *U* be a subspaces of type contained in and containing a fixed subspace of type which contains , similar to , we may assume that has a matrix representation of the form
where , so is a subspace of type in the -dimensional symplectic space. We have that
*(3) Computation of .*

By the same method as that of (1) and (2), let be a subspaces of type contained in , containing and not contained in . We may assume that the subspace has a matrix representation of the form

So, the number of the subspaces is denoted by . Then, by the transitivity of on the set of subspaces of the same type, we can assume that
where arbitrarily. We may get

Lemma 2.3. *The number of the source states is
*

*Proof. *Since is the number of subspaces of type contained in and containing , we have .

Lemma 2.4. *The number of the encoding rules of transmitter is
*

*Proof. *Since is the number of subspaces of type contained in and containing , let , where , and . By the transitivity of on the set of subspaces of the same type, we can assume that
where . Therefore, and have the respective forms:
Note that and , so the vector cannot lie in . Then, cannot equal zero at the same time. Thus, the number of is and that for is ; we may get

Lemma 2.5. *The number of the encoding rules of receiver is
*

*Proof. * is the number of type intersecting at . Let , where . Following the notion of Lemma 2.4, hence has the form
Clearly, . The number of is , that is,

Lemma 2.6. *For any , let the number of and contained in be and , respectively. Then,
*

*Proof. *Let be a message, and , then is a source state contained in . By Lemma 2.1, we may get a transmitter’s encoding rule contained in . Let . Here, . Following the notation of Lemma 2.4, we can assume that has a matrix representation of the form
where . By and being the subspace of type , we can assume
where . Then,
where .(1)Note that is fixed, so, for , the , and are fixed and, for , the , and are fixed. Therefore, the number of is and the number of is . Then, the number of contained in is
(2)Let be a receiver’s encoding rule contained in , where . Clearly, , then we can assume that has the form
Note that
where . Therefore, the number of is . Then, the number of contained in is

Lemma 2.7. *The number of the messages is
*

*Proof. *For any , there is uniquely and satisfying ; the number of is . Thus,

Lemma 2.8. *(1) For any , the number of contained in is .**(2) For any , the number of containing is .*

*Proof. *(1) Let be a transmitter’s encoding rule; we can assume that . Here, , and . Then, the receiver’s encoding rule contained in should have the form , where . So, the number of is .

(2) Let be a receiver’s encoding rule, and , where . Therefore, is a subspace of type . The number of subspace of type is . Here, . Note that and . It is easy to see that the number of such that is a subspace of type is . So, the number of transmitter’s encoding rules containing is .

Lemma 2.9. *For any and , the number of contained in and containing is
*

*Proof. *Let be a message, and let be a receiver’s encoding rule contained in ; we can assume that , and has a matrix representation of the form
where .

Note that is fixed, so are fixed. Assume that is a transmitter’s encoding rule contained in and containing . Let , where . Thus, has the form
where . Note that and , so . Hence, , , and are fixed. Then, the number of is ; that is, the number of is .

Lemma 2.10. *Assume that and are two distinct messages which commonly contain a transmitter’s encoding rule . and contained in and are two source states, respectively. Assume that , , then , and*(1)*the number of contained in is;*(2)*for any , the number of containing is .*

*Proof. *Since , , and , then . Again because of and , . From , it is easy to know that . Therefore,
(1)By the definition of the message, we can assume that and have the form as follows, respectively:
where ,
where . Thus,
where . Since , therefore
If , then

Since are arbitrary, every row of is the linear combination of the base
thus the number of it is . So, it is easy to know that the number of contained in is

(2)Assume that has the form of (2.46), then, for any , we can assume that
If and , then
where
is the linear combination on the basis of
then the number of containing is .

Theorem 2.11. *The above construction yields an-code with the following size parameters:
**
Moreover, assume that the encoding rules and are chosen according to a uniform probability distribution, the largest probabilities of success for different types of deceptions:
*

*Proof. *(1) The number of containing is then(2)Assume that opponent gets , which is from transmitter, and sends instead of , when contained in is different from contained in ; the opponent’s substitution attack can be successful. Because , the opponent selects satisfying and , then
where .(3)Assume that is transmitter’s encoding rules, is a source state, and . Therefore, the number of receiver’s encoding rules contained in is . Let be another message, such that and . Then, contained is at most . So,(4)From Lemmas 2.8 and 2.9, thus(5)Assume that the receiver declares to receive a message instead of when contained in is different from contained in ; the receiver’s substitution attack can be successful. Since , receiver is superior to select , satisfying , thus , and as large as possible. Therefore, the probability of a receiver’s successful substitution attack is
where .

#### 3. The Second Construction

In this section, from singular symplectic geometry and the first construction, we construct an authentication code with a transmitter and multi-receivers and compute the probabilities of success for different types of deceptions. For the definition of multi-receiver authentication codes, refer to [9].

Let , , and . Let be a subspace of type in , and let be a fixed subspace of type which contains and orthogonal to , but not orthogonal to . Let , Let , Let , and let .

First, we construct -codes. Let , where are the sets of source states, keys, and authenticators of , respectively, and for is the authentication mapping of . Let , where and are the sets of source states, keys, and authenticators of , respectively, and for , is the authentication mapping of . It is easy to know that and are well-defined -codes.

Our authentication scheme is a -tuple;. Let for , and let for . Then,

Therefore, . Thus, our scheme is indeed a well-defined authentication code with a transmitter and multi-receivers.

Theorem 3.1. *In the construction of multi-receiver authentication codes, if the encoding rules are chosen according to a uniform probability distribution, then the probabilities of impersonation attack and substitution attack are, respectively,
**
where .*

*Proof. *Let , then
It is easy to know that , and
From Lemma 2.6, we know that the number of satisfying (3.4) is . For any satisfying (3.4), the number of satisfying is . So,
and , thus
Now, we compute the probability of substitution attack: we know that
and , whenever , while
and , therefore
where .

Two types of construction of authentication codes from singular symplectic geometry over finite fields are given. Among them, in the first construction, based on singular symplectic geometry structure of the authentication code with arbitration, the greatest probabilities of success for different types of deceptions are relatively lower, therefore there are some advantages. In addition, the second construction is based on singular symplectic geometry and is a multi-receiver authentication code. The probabilities of success for different types of deceptions are also computed. The results about multi-receiver authentication codes based on singular symplectic geometry are fewer. Thus, the structure of authentication code and the theory for further discussion are very meaningful.

#### Acknowledgments

This work is supported by the National Natural Science Foundation of China under Grant no. 61179026 and the Natural Science Foundation of Tianjin City under Grant no. 08JCYBJC13900.

#### References

- G. J. Simmons, “Message authentication with arbitration of transmitter/receiver disputes,” in
*Proceedings of the Workshop on the Theory and Application of of Cryptographic Techniques (EUROCRYPT '87)*, vol. 304 of*Lecture Notes in Computer Science*, pp. 151–165, 1987. - Z. X. Wan, “Construction of Cartesian authentication codes from unitary geometry,”
*Designs, Codes and Cryptography*, vol. 2, no. 4, pp. 333–356, 1992. View at Publisher · View at Google Scholar · View at Zentralblatt MATH - H. You and Y. Gao, “Some new constructions of Cartesian authentication codes from symplectic geometry,”
*Systems Science and Mathematical Sciences*, vol. 7, no. 4, pp. 317–327, 1994. View at Google Scholar · View at Zentralblatt MATH - T. Yayuan, “Construction of cartesian authentication codes from symplectic geometry,”
*Journal of Hebei Polytechnic University (Natual Science Edition)*, vol. 30, no. 1, pp. 49–53, 2008 (Chinese). View at Google Scholar - G. You, S. Xinhua, and W. Hongli, “Constructions of authentication codes with arbitration from singular sympleetic geometry over finite fields,”
*Acta Scientiarum Naturalium Universitatis Nankaiensis*, vol. 41, no. 6, pp. 72–77, 2008. View at Google Scholar - R. Li and L. Guo, “Construction of authentication codes with arbitration from unitary geometry,”
*Applied Mathematics Series B*, vol. 14, no. 4, pp. 475–480, 1999. View at Publisher · View at Google Scholar · View at Zentralblatt MATH - G. You and W. Hong-Li, “Construction of authentication codes with arbitration from singular pseudo-symplectic geometry,” in
*Proceedings of the 7th International Conference on Machine Learning and Cybernetics (ICMLC '08)*, vol. 2, pp. 1183–1188, Kunming, China, 2008. View at Publisher · View at Google Scholar - W. Zhexian,
*Geometry of Classical Groups over Finite Fields*, Science Press, Beijing, China, 2nd edition, 2002. - R. Safavi-Naini and H. Wang, “Multireceiver authentication codes: models, bounds, constructions, and extensions,”
*Information and Computation*, vol. 151, no. 1-2, pp. 148–172, 1999. View at Publisher · View at Google Scholar · View at Zentralblatt MATH