Abstract
Let p ≥ 3 be a prime, e ≥ 2 an integer and \(\mathbb {Z}_{p^{e}}\) the residue ring modulo \(p^{e}\). Let σ(x) be a primitive polynomial of degree n over \(\mathbb {Z}_{p^{e}}\) and let \(G^{\prime }(\sigma (x),p^{e})\) be the set of primitive linear recurring sequences over \(\mathbb {Z}_{p^{e}}\) generated by σ(x). A compressing mapping \(\varphi :\mathbb {Z}_{p^{e}}\rightarrow \mathscr {A}\) naturally induces a mapping \(\widehat {\varphi }\) on \(G^{\prime }(\sigma (x),p^{e})\), i.e., \(\widehat {\varphi }\) maps a sequence \((\dots ,s_{i-1},s_{i},s_{i+1},\dots )\) to \((\dots ,\varphi (s_{i-1}),\varphi (s_{i}),\varphi (s_{i+1}),\dots )\). For any pair of sequences in \(\{\widehat {\varphi }(\underline {s}):\underline {s}\in G^{\prime }(\sigma (x),p^{e})\}\), it is desirable to determine whether (at least) one element of \(\mathscr {A}\) is distributed differently in them. For \(\emptyset \neq D\subseteq \mathscr {A}\), \(\widehat {\varphi }\) is said to be injective on \(G^{\prime }(\sigma (x),p^{e})\) w.r.t. D-uniformity if for any two distinct sequences \(\underline {u},\underline {v}\in G^{\prime }(\sigma (x),p^{e})\), the distribution of at least one element of D in \(\widehat {\varphi }(\underline {u})\) differs from that in \(\widehat {\varphi }(\underline {v})\). A sufficient condition on φ is given to ensure that \(\widehat {\varphi }\) is injective on \(G^{\prime }(\sigma (x),p^{e})\) w.r.t. D-uniformity. If \(\left (\left ((x^{p^{n}-1}-1)^{2}\bmod \sigma (x)\right ) \bmod p^{3}\right ) \notin p^{2}\mathbb {Z}_{p}\), then an equivalent condition on φ is obtained to decide whether \(\widehat {\varphi }\) is injective on \(G^{\prime }(\sigma (x),p^{e})\) w.r.t. D-uniformity. Furthermore, quantitative estimation suggests that almost all mappings on \(\mathbb {Z}_{p^{e}}\) induce injective mappings on \(G^{\prime }(\sigma (x),p^{e})\) as p and e increase.
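The following Python example is added here and is not code from the paper: it brute-forces the definition above on a constructed toy instance (p = 3, e = 2, n = 2, σ(x) = x² + x + 2) and counts pairs of distinct primitive sequences whose compressed images are D-uniform. It assumes the usual definitions (σ(x) is primitive when its period is p^(e−1)(p^n − 1); a sequence is primitive when it is nonzero mod p) and reads "distribution of d" as the set of positions where d occurs in one period; all function names are illustrative.

```python
from itertools import product

# Constructed toy instance (an assumption, not from the paper): p = 3, e = 2, n = 2,
# sigma(x) = x^2 + x + 2, stored as (c_0, c_1) without the leading coefficient.
P, E, N = 3, 2, 2
M = P ** E
SIGMA = (2, 1)
PERIOD = P ** (E - 1) * (P ** N - 1)  # maximal period p^(e-1) * (p^n - 1)

def step(state):
    """Advance the register: s(t+n) = -(c_0*s(t) + ... + c_{n-1}*s(t+n-1)) mod p^e."""
    nxt = -sum(c * x for c, x in zip(SIGMA, state)) % M
    return state[1:] + (nxt,)

def is_primitive():
    """sigma is primitive iff its impulse response reaches the maximal period."""
    start = (0,) * (N - 1) + (1,)
    state, t = step(start), 1
    while state != start:          # terminates: c_0 is a unit, so step() is a bijection
        state, t = step(state), t + 1
    return t == PERIOD

def primitive_sequences():
    """One period of every sequence in G'(sigma, p^e): initial state nonzero mod p."""
    out = []
    for init in product(range(M), repeat=N):
        if all(x % P == 0 for x in init):
            continue
        seq, state = [], init
        for _ in range(PERIOD):
            seq.append(state[0])
            state = step(state)
        out.append(tuple(seq))
    return out

def signature(seq, phi, D):
    """For each d in D, the positions at which d occurs in phi-hat(seq)."""
    image = [phi(x) for x in seq]
    return tuple(tuple(y == d for y in image) for d in sorted(D))

def collisions(phi, D):
    """Number of unordered pairs u != v whose images under phi-hat are D-uniform."""
    buckets = {}
    for seq in primitive_sequences():
        key = signature(seq, phi, D)
        buckets[key] = buckets.get(key, 0) + 1
    return sum(k * (k - 1) // 2 for k in buckets.values())

def injective(phi, D):
    """phi-hat is injective w.r.t. D-uniformity iff no such pair exists."""
    return collisions(phi, D) == 0

def low_digit(x):    # x mod p: keeps only the lowest p-adic digit
    return x % P

def high_digit(x):   # highest p-adic digit of x (valid for e = 2)
    return x // P

def identity(x):
    return x

if __name__ == "__main__":
    A = set(range(P))
    print("sigma primitive      :", is_primitive())
    print("low digit,  D = A    :", collisions(low_digit, A), "colliding pairs")
    print("high digit, D = A    :", collisions(high_digit, A), "colliding pairs")
    print("identity,   D = {0}  :", collisions(identity, {0}), "colliding pairs")
```

The identity map with D = {0} already fails on this instance, because a sequence and any unit multiple of it vanish at the same positions; the choice of D matters as much as the choice of φ.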
Acknowledgements
The authors would like to express their gratitude to the editor and the anonymous reviewers for their invaluable and inspiring suggestions which helped to improve the manuscript. The authors also thank Miss Hongyu Li for her help on English writing.
This work is supported by National Natural Science Foundation of China (Grant No. 61502441 and 61602526), and by Science and Technology on Communication Security Laboratory Foundation (Grant No. 9140C110301150C11051).
Appendices
Appendix A: Proof of Lemma 8
Proof
(Proof of Lemma 8) First, we prove the following claim.
Claim. If \(\underline {u}\not \sim {h_{\sigma }(x)}\underline {v}\), then for any \(a\in {\mathbb {Z}_{p^{e}}^{*}}\), (3) is satisfiable.
Let \(a\in {\mathbb {Z}_{p^{e}}^{*}}\). Consider the following four cases.
- (i) \(\underline {u}\bmod p\), \({h_{\sigma }(x)}\underline {u}\bmod p\), \({h_{\sigma }(x)}\underline {v}\bmod p\) and \(\underline {v}\bmod p\) are linearly independent over \(\mathbb {Z}_{p}\). By Lemma 3, (3) is satisfiable.
In Cases (ii)–(iv) below, \(\underline {u}\bmod p\), \({h_{\sigma }(x)}\underline {u}\bmod p\), \({h_{\sigma }(x)}\underline {v}\bmod p\) and \(\underline {v}\bmod p\) are linearly dependent over \(\mathbb {Z}_{p}\).
- (ii) \(\underline {u}\bmod p\), \({h_{\sigma }(x)}\underline {u}\bmod p\) and \({h_{\sigma }(x)}\underline {v}\bmod p\) are linearly independent over \(\mathbb {Z}_{p}\). Then \(\underline {v} \equiv d_0\underline {u} + d_1 {h_{\sigma }(x)}\underline {u} + d_2{h_{\sigma }(x)}\underline {v}\bmod p\) for some \(d_0,d_1,d_2\in \mathbb {Z}\). By Statement (iii) of Lemma 4, \(\underline {v}\not \sim {h_{\sigma }(x)}\underline {v}\), implying that at least one of \(d_0\) and \(d_1\) is relatively prime to p. Then we only have to consider the following two subcases.
  - Subcase \(p\mid d_1\). Then \(p\nmid d_0\). By Lemma 3, there exists \(t_0\in \mathbb {Z}\) satisfying
$$\left\{ \begin{array}{lcc} \underline{u}(t_{0}) & \equiv & {a} \mod p,\\ {h_{\sigma}(x)}\underline{u}(t_{0}) & \not\equiv & 0 \mod p, \\ {h_{\sigma}(x)}\underline{v}(t_{0}) & \equiv & 0 \mod p. \end{array}\right. $$
    Then \(\underline {v}(t_0)\equiv d_0\underline {u}(t_0) + d_1 {h_{\sigma }(x)}\underline {u}(t_0) + d_2{h_{\sigma }(x)}\underline {v}(t_0) \equiv d_0 a \not \equiv 0 \bmod p\). Therefore, (3) is satisfiable.
  - Subcase \(p\nmid d_1\). Since p ≥ 3, we can choose \(b\in \{i\in \mathbb {Z}:p\nmid i,i\not \equiv -d_0a/d_1\bmod p\}\). By Lemma 3, there exists \(t_0\in \mathbb {Z}\) satisfying
$$\left\{ \begin{array}{lclc} \underline{u}(t_{0}) & \equiv & {a} &\mod p,\\ {h_{\sigma}(x)}\underline{u}(t_{0}) & \equiv & b\not\equiv0 &\mod p, \\ {h_{\sigma}(x)}\underline{v}(t_{0}) & \equiv & 0 &\mod p. \end{array}\right. $$
    Then \(\underline {v}(t_0)\equiv d_0\underline {u}(t_0) + d_1 {h_{\sigma }(x)}\underline {u}(t_0) + d_2{h_{\sigma }(x)}\underline {v}(t_0) \equiv d_0 a + d_1 b \not \equiv 0\bmod p\). Therefore, (3) is satisfiable.
In Cases (iii)–(iv) below, \(\underline {u}\bmod p\), \({h_{\sigma }(x)}\underline {u}\bmod p\) and \({h_{\sigma }(x)}\underline {v}\bmod p\) are linearly dependent over \(\mathbb {Z}_{p}\). By Statement (iii) of Lemma 4, \(\underline {u}\not \sim {h_{\sigma }(x)}\underline {u}\). Then there exist \(r_0,r_1\in \mathbb {Z}\) satisfying \({h_{\sigma }(x)}\underline {v} \equiv r_0\underline {u} + r_1{{h_{\sigma }(x)}}\underline {u}\bmod p\). By Statement (iv) of Lemma 4, \({h_{\sigma }(x)}\underline {u}\not \sim {h_{\sigma }(x)}\underline {v}\), implying \(p\nmid r_0\).
- (iii) \(p\nmid r_1\). Consider two subcases.
  - Subcase: \(\underline {v}\bmod p\), \(\underline {u}\bmod p\) and \({h_{\sigma }(x)}\underline {u}\bmod p\) are linearly independent over \(\mathbb {Z}_{p}\). Then by Lemma 3, there exists \(t_0\in \mathbb {Z}\) satisfying
$$\left\{ \begin{array}{lcl} \underline{u}(t_{0}) & \equiv & {a} \mod p,\\ {h_{\sigma}(x)}\underline{u}(t_{0}) & \equiv & -r_{0}{a}/r_{1} \mod p, \\ \underline{v}(t_{0}) & \not\equiv & 0 \mod p. \end{array}\right. $$
    Then \({h_{\sigma }(x)}\underline {v}(t_0)\equiv r_0\underline {u}(t_0) + r_1{{h_{\sigma }(x)}}\underline {u}(t_0)\equiv 0\bmod p\). Note that \({h_{\sigma }(x)}\underline {u}(t_0)\equiv -r_0{a}/r_1\not \equiv 0\bmod p\). Therefore, (3) is satisfiable.
  - Subcase: \(\underline {v}\bmod p\), \(\underline {u}\bmod p\) and \({h_{\sigma }(x)}\underline {u}\bmod p\) are linearly dependent over \(\mathbb {Z}_{p}\). By Statement (iii) of Lemma 4, \(\underline {u}\not \sim {h_{\sigma }(x)}\underline {u}\). Then \(\underline {v}\equiv d_0\underline {u} + d_1{{h_{\sigma }(x)}}\underline {u}\bmod p\) for some \(d_0,d_1\in \mathbb {Z}\). Furthermore, by Lemma 3, there exists \(t_0\in \mathbb {Z}\) satisfying \(\underline {u}(t_0)\equiv {a}\bmod p\) and \({h_{\sigma }(x)}\underline {u}(t_0)\equiv -r_0{a}/r_1\bmod p\), and we have \({h_{\sigma }(x)}\underline {v}(t_0)\equiv r_0\underline {u}(t_0) + r_1{{h_{\sigma }(x)}}\underline {u}(t_0)\equiv 0\bmod p\). Note that we have the following matrix equality
$$\left( \begin{array}{c} \underline{v}\\ {h_{\sigma}(x)}\underline{v} \end{array}\right) \equiv \left( \begin{array}{cc} d_{0}&d_{1}\\r_{0}&r_{1} \end{array}\right) \left( \begin{array}{c} \underline{u}\\ {h_{\sigma}(x)}\underline{u} \end{array}\right) \mod p. $$
    Besides, by Statement (iii) of Lemma 4, we have \(\underline {v}\not \sim {h_{\sigma }(x)}\underline {v}\). Hence, \(d_0r_1\not \equiv d_1r_0\bmod p\). Then \(\underline {v}(t_0) = d_0\underline {u}(t_0) + d_1{{h_{\sigma }(x)}}\underline {u}(t_0) \equiv d_0a - d_1r_0{a}/r_1\not \equiv 0 \bmod p\). Therefore, (3) is satisfiable.
- (iv) \(p\mid r_1\), i.e., \({h_{\sigma }(x)}\underline {v} \equiv r_0\underline {u} \bmod p\), contradictory to the given condition \(\underline {u}\not \sim {h_{\sigma }(x)}\underline {v}\).
Therefore, all possible cases are exhausted, and if \(\underline {u}\not \sim {h_{\sigma }(x)}\underline {v}\), then one of Cases (i)–(iii) holds and (3) is satisfiable.
Similar to the above claim, the following claim also holds:
Claim. If \(\underline {v}\not \sim {h_{\sigma }(x)}\underline {u}\), then for any \(a\in {\mathbb {Z}_{p^{e}}^{*}}\), (4) is satisfiable.
If Condition 1 does not hold, then \(\underline {u}\not \sim {h_{\sigma }(x)}\underline {v}\) or \(\underline {v}\not \sim {h_{\sigma }(x)}\underline {u}\). By the above two claims, at least one of (3) and (4) is satisfiable. □
Appendix B: Proof of Lemma 14
To prove Lemma 14, we prepare Lemma 18. By Lemma 18, given \(a_0,a_1,\dots ,a_m\) satisfying \(\left (a_{i-1},a_i\right )\in \widetilde {{R}}_{\epsilon }\left (\underline {u},\underline {v}\right )\), 1 ≤ i ≤ m, we can derive \(b_0,b_1,\dots ,b_m\) satisfying \(b_0 = a_0\) and \(\left (b_{i-1},b_i\right )\in \widetilde {{R}}_{\epsilon + 1}\left (\underline {u},\underline {v}\right )\), 1 ≤ i ≤ m.
Lemma 18
Let \(\underline {u}\), \(\underline {v}\) and ℓ be given as in Lemma 14. Let ℓ < 𝜖 < e and a ∈ A. If there exist \(t_i \in \mathbb {Z}\), 0 ≤ i ≤ m, satisfying
then there exist \(t_i^{\prime } \in t_i + \left (p^{n}-1\right ) p^{\epsilon -1} \mathbb {Z}\), 0 ≤ i ≤ m, such that
Proof
For 0 ≤ i ≤ m, let \( t_{i}^{\prime } = t_{i} + \left (p^{n}-1\right ){p^{\epsilon -1}d_{i}}\), where
Because \(\underline {u}(t_{0})\equiv a\bmod p^{\epsilon }\) and \({h_{\sigma }(x)}\underline {u}(t_0)\not \equiv 0\bmod p\), \(d_0\) is well-defined. By Lemma 5, \(\underline {v}(t_{i-1}^{\prime })\equiv \underline {v}(t_{i-1}) \equiv \underline {u}(t_{i}) \bmod p^{\epsilon }\), 1 ≤ i ≤ m. As given above, \({h_{\sigma }(x)}\underline {u}(t_i)\not \equiv 0\bmod p\), 1 ≤ i ≤ m. So, \(d_i\) is well-defined for any 1 ≤ i ≤ m. Then by Lemma 5,
Besides, by Statement (i) of Lemma 4, the sequence \({h_{\sigma }(x)}\underline {u}\bmod p\) is of period \(p^{n}-1\) and hence \({h_{\sigma }(x)}\underline {u}(t_i^{\prime })\equiv {h_{\sigma }(x)}\underline {u}(t_i)\not \equiv 0\bmod p\), 0 ≤ i ≤ m. □
Proof
(Proof of Lemma 14) Choose any \(a_0\in A\) and \(b = a_0 + dp^{\epsilon }\), where \(d\in \mathbb {Z}\).
Suppose that Statement 1 holds for l = 𝜖. Then there exist k > 0 and \(\left \{{a_1,\dots ,a_k}\right \}\subseteq \left \{{a_0\gamma ^{i}:i\in \mathbb {Z}}\right \}+p^{\ell } \mathbb {Z}_{p^{e}}\) such that \(a_k = a_0 + dp^{\epsilon -1}\), \(\gamma ^{k}\equiv 1\bmod p^{\ell }\), and \(\left (a_{i-1},a_i\right )\in \widetilde {{R}}_{\epsilon }\left (\underline {u},\underline {v}\right )\), 1 ≤ i ≤ k. By the definition of \(\widetilde {{R}}_{\epsilon }\left (\underline {u},\underline {v}\right )\), for any 1 ≤ i ≤ k, there exists \(t_{i-1,0}\) such that \(\underline {u}(t_{i-1,0}) \equiv a_{i-1}\bmod p^{\epsilon }\), \(\underline {v}(t_{i-1,0}) \equiv a_i \bmod p^{\epsilon }\) and \({h_{\sigma }(x)}\underline {u}(t_{i-1,0})\not \equiv 0\mod p\). So, we have
The proof consists of three steps. In the first step, we find \(t_{i,j}^{\prime }\), 0 ≤ i < k, 0 ≤ j < p − 1, to form a chain of transitive pairs in \(\widetilde {{R}}_{\epsilon + 1}\left (\underline {u},\underline {v}\right )\), i.e.,
The second step shows \(\underline {v}(t_{k-1,p-1}^{\prime })-\underline {u}(t_{0,0}^{\prime })\equiv dp^{\epsilon }\bmod p^{\epsilon + 1}\). Using the above chain of transitive pairs, in the third step we prove that Statement 1 holds for l = 𝜖 + 1 with arbitrarily chosen a0 and \(b\in a_0+p^{\epsilon }\mathbb {Z}_{p^{e}}\) above.
- Step 1:
Let
$$\left\{ \begin{array}{ccll} r_{i} & = &\gamma^{i} d / \left( {h_{\sigma}(x)}\underline{u}(t_{i,0})\right)\bmod p,&0\leq i<k,\\ t_{i,j} &=& t_{i,0} + jr_{i} p^{\epsilon-2}\left( p^{n}-1\right),& 0\leq i < k, 1\leq j<p. \end{array} \right. $$
For 1 ≤ i < k and 1 ≤ j < p, we have
$$\begin{array}{@{}rcl@{}} \underline{v}({t_{i-1,j}}) &\equiv & \underline{v}\left( {t_{i-1,0} + (p^{n}-1){jr_{i-1}p^{\epsilon-2}}}\right)\\ &\equiv & \underline{v}({t_{i-1,0}}) + jr_{i-1}p^{\epsilon-1} {h_{\sigma}(x)}\underline{v}({t_{i-1,0}}) \qquad \text{~by Lemma 5} \\ &\equiv & \underline{u}({t_{i,0}}) + jr_{i-1}\gamma p^{\epsilon-1} {h_{\sigma}(x)}\underline{u}({t_{i-1,0}})\qquad \text{ \;\,by (14b) and } \underline{v}\equiv \gamma\underline{u}\bmod p\\ &\equiv &\underline{u}({t_{i,0}}) + j r_{i} p^{\epsilon-1}{h_{\sigma}(x)}\underline{u}({t_{i,0}})\\ &\equiv &\underline{u}\left( {t_{i,0} + (p^{n}-1){jr_{i}p^{\epsilon-2}}}\right)\qquad \qquad\qquad \text{by Lemma 5}\\ &\equiv& \underline{u}\left( t_{i,j}\right) \mod p^{\epsilon}, \end{array} $$ (15)
and for 1 ≤ j < p, we have
$$\begin{array}{@{}rcl@{}} \underline{v}(t_{k-1,j-1})&\equiv &\underline{v}\left( t_{k-1,0} + (j-1) r_{k-1} p^{\epsilon-2}\left( p^{n}-1\right)\right)\\ &\equiv&\underline{v}(t_{k-1,0}) + (j-1)r_{k-1}p^{\epsilon-1}{h_{\sigma}(x)}\underline{v}(t_{k-1,0})\qquad\quad\text{by Lemma 5}\\ &\equiv& \underline{u}(t_{0,0}) + dp^{\epsilon-1} + (j-1)r_{k-1}\gamma p^{\epsilon-1}{h_{\sigma}(x)}\underline{u}(t_{k-1,0})\\ &&\hspace{0.36\textwidth}{\text{by (14c), (14d) and } \underline{v}\equiv \gamma\underline{u}\bmod p}\\ &\equiv& \underline{u}(t_{0,0}) + j r_{0}p^{\epsilon-1}{h_{\sigma}(x)}\underline{u}(t_{0,0})\qquad\qquad\qquad\quad\text{by } \gamma^{k}\equiv1\bmod p\\ &\equiv & \underline{u}\left( t_{0,0} + jr_{0}p^{\epsilon-2}\left( p^{n}-1\right)\right)\qquad\qquad\qquad\qquad\qquad\text{by Lemma 5} \\ &\equiv & \underline{u}(t_{0,j}) \mod p^{\epsilon}. \end{array} $$ (16)
By Statement (i) of Lemma 4, the sequence \({h_{\sigma }(x)}\underline {u}\bmod p\) is of period \(p^{n}-1\), and hence by (14a), for 1 ≤ i < k, 1 ≤ j < p, we have
$$ {h_{\sigma}(x)}\underline{u}(t_{i,j})\equiv{h_{\sigma}(x)}\underline{u}(t_{i,0})\not\equiv 0\mod p. $$ (17)
By (14a), (15), (16), (17) and Lemma 18, there exist \(t^{\prime }_{i,j}\in t_{i,j} + (p^n-1) p^{\epsilon -1}\mathbb {Z}\), 0 ≤ i < k, 0 ≤ j < p, such that
$$\begin{array}{@{}rcl@{}} {\kern2.4pc}\left\{ \begin{array}{rllr} {h_{\sigma}(x)}\underline{u}(t_{i,j}^{\prime})&\not\equiv& 0\mod p,\qquad\qquad\qquad\;\; 0\leq i< k,0\leq j< p,&\quad\quad{\kern5.9pt}\text{(18a)}\\ \underline{u}(t_{i,j}^{\prime}) & \equiv& \underline{v}(t_{i-1,j}^{\prime}) \mod p^{\epsilon+ 1},\qquad 1\leq i< k,0\leq j< p,&\text{(18b)}\\ \underline{u}(t_{0,j}^{\prime})& \equiv& \underline{v}(t_{k-1,j-1}^{\prime}) \mod p^{\epsilon+ 1}, \qquad\qquad\;\;\;\; 1\leq j< p,&\text{(18c)}\\ \underline{u}(t_{0,0}^{\prime}) & \equiv& a_{0} \mod p^{\epsilon+ 1}.&\text{(18d)} \end{array}\right. \end{array} $$
- Step 2:
Denote \(\underline {w}=(\underline {v}-\gamma \underline {u})/p^{\ell }\). By Lemmas 13 and 5, for 0 ≤ i < k, we have
$$\begin{array}{@{}rcl@{}} &&\underline{v}{(t_{i,j}^{\prime})} - \underline{v}(t_{i,0}^{\prime}) \\ &\equiv&\gamma(\underline{u}({t_{i,j}^{\prime}})-\underline{u}({t_{i,0}^{\prime}})) + p^{\ell}(\underline{w}(t_{i,j}^{\prime})-\underline{w}(t_{i,0}^{\prime})) \\ &\equiv&\gamma(\underline{u}({t_{i,j}^{\prime}})-\underline{u}({t_{i,0}^{\prime}})) + p^{\ell+\epsilon-1}jr_{i} {h_{\sigma}(x)}\underline{w}({t_{i,0}^{\prime}})\mod p^{\min\left\{{\epsilon+\ell,e}\right\}}. \end{array} $$ (19)
Iteratively using (18b) and (19), for 0 ≤ j < p we have
$$\begin{array}{@{}rcl@{}} &&\underline{v}({t_{k-1,j}^{\prime}})-\underline{v}({t_{k-1,0}^{\prime}})\equiv \gamma^{k}(\underline{u}({t_{0,j}^{\prime}})-\underline{u}({t_{0,0}^{\prime}}))\\ &&+ j p^{\ell+\epsilon-1} {\sum}_{i = 0}^{k-1} \gamma^{k-1-i}r_{i} {h_{\sigma}(x)}\underline{w}({t_{i,0}^{\prime}})\mod p^{\epsilon+ 1}. \end{array} $$ (20)
Recalling \(\gamma ^{k}\equiv 1\bmod p^{\ell }\), for 1 ≤ j ≤ p − 1 we have
$$\begin{array}{@{}rcl@{}} &&(\underline{v}({t_{k-1,j}^{\prime}})-\underline{u}({t_{0,j}^{\prime}}))-(\underline{v}({t_{k-1,0}^{\prime}})-\underline{u}({t_{0,0}^{\prime}}))\\ &\equiv&(\underline{v}({t_{k-1,j}^{\prime}})-\underline{v}({t_{k-1,0}^{\prime}}))-(\underline{u}({t_{0,j}^{\prime}}) - \underline{u}({t_{0,0}^{\prime}})) \\ &\equiv&(\gamma^{k}-1)(\underline{u}({t_{0,j}^{\prime}})-\underline{u}({t_{0,0}^{\prime}})) + j p^{\ell+\epsilon-1} \sum\limits_{i = 0}^{k-1} \gamma^{k-1-i}r_{i} {h_{\sigma}(x)}\underline{w}({t_{i,0}^{\prime}}) \text{ by (20)} \\ &\equiv&(\gamma^{k}-1)p^{\epsilon-1}jr_{0}{h_{\sigma}(x)}\underline{u}({t_{0,0}^{\prime}})\\ && + j p^{\ell+\epsilon-1} \sum\limits_{i = 0}^{k-1} \gamma^{k-1-i}r_{i} {h_{\sigma}(x)}\underline{w}({t_{i,0}^{\prime}}) \bmod p^{\epsilon+ 1}. \text{ by Lemma 5} \end{array} $$ (21)
Denote \({\Delta }^{\prime }=\underline {v}({t_{k-1,p-1}^{\prime }})-\underline {u}({t_{0,0}^{\prime }})\). By Lemma 5, (14c) and (14d),
$$ \underline{v}(t_{k-1,0}^{\prime})-\underline{u}(t_{0,0}^{\prime}) \equiv\underline{v}(t_{k-1,0})-\underline{u}(t_{0,0})\equiv dp^{\epsilon-1}\bmod p^{\epsilon}. $$ (22)
Then we have
$$\begin{array}{@{}rcl@{}} {\Delta}^{\prime} &\equiv & \sum\limits_{j = 0}^{p-1}(\underline{v}({t_{k-1,j}^{\prime}}) - \underline{u}({t_{0,j}^{\prime}}))\qquad\qquad\qquad\qquad\qquad\qquad\quad\text{by (18c)}\\ &\equiv & dp^{\epsilon} + (\gamma^{k}-1)p^{\epsilon-1}r_{0}{h_{\sigma}(x)}\underline{u}({t_{0,0}^{\prime}})\sum\nolimits_{j = 1}^{p-1}j \\ && + p^{\ell+\epsilon-1}\sum\limits_{i = 0}^{k-1}\gamma^{k-1-i}r_{i}{h_{\sigma}(x)}\underline{w}({t_{i,0}^{\prime}})\sum\nolimits_{j = 1}^{p-1}j \mod p^{\epsilon+ 1}.\text{ by (21) and (22)} \end{array} $$
Since \(p\mid (\gamma ^{k}-1)\) and \({\sum }_{j = 1}^{p-1}j \equiv p(p-1)/2\equiv 0\bmod p\), we have \({\Delta }^{\prime }\equiv dp^{\epsilon }\bmod p^{\epsilon + 1}\). Thus, by (18d), we have
$$ \underline{v}(t_{k-1,p-1}^{\prime})\equiv \underline{u}(t_{0,0}^{\prime})+{\Delta}^{\prime} \equiv a_{0} + dp^{\epsilon}\equiv b\mod p^{\epsilon+ 1}. $$ (23)
- Step 3:
Let \(a^{\prime }_0 = a_0\), \(a^{\prime }_{pk} = b\), and \(a^{\prime }_{i+kj} = \underline {u}(t_{i,j}^{\prime })\), where 0 ≤ i < k, 0 ≤ j < p and (i, j) ≠ (0, 0). Then we have \(a^{\prime }_1,\dots ,a^{\prime }_{pk}\) satisfying
$$\left\{ \begin{array}{ll} a^{\prime}_{pk} = b,&\\ \gamma^{pk}\equiv(\gamma^{k})^{p}\equiv1\mod p^{\ell},&\\ \left( a^{\prime}_{j-1},a^{\prime}_{j}\right)\in\widetilde{{R}}_{\epsilon+ 1}\left( \underline{u},\underline{v}\right), 1\leq j\leq pk.& \text{by (18) and (23)} \end{array}\right. $$
Since \(\underline {v}\equiv \gamma \underline {u}\bmod p^{\ell }\), 𝜖 ≥ ℓ + 1 and \(\left (a^{\prime }_{j-1},a^{\prime }_j\right )\in \widetilde {{R}}_{\epsilon + 1}\left (\underline {u},\underline {v}\right )\), where 1 ≤ j ≤ pk, we have \(a^{\prime }_j\in \left \{{a_0\gamma ^t:t\in \mathbb {Z}}\right \}+p^{\ell } \mathbb {Z}_{p^{e}}\) for 1 ≤ j ≤ pk. Therefore, Statement 1 holds for l = 𝜖 + 1. □
Wang, L., Hu, Z. Injectivity on distribution of elements in the compressed sequences derived from primitive sequences over \(\mathbb {Z}_{p^{e}}\). Cryptogr. Commun. 11, 167–189 (2019). https://doi.org/10.1007/s12095-017-0278-x
DOI: https://doi.org/10.1007/s12095-017-0278-x