The action of a few random permutations on r-tuples and an application to cryptography

  • Joel Friedman
  • Antoine Joux
  • Yuval Roichman
  • Jacques Stern
  • Jean -Pierre Tillich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1046)


We prove that for every r and d≥2 there is a C such that for most choices of d permutations π1, π2, ..., πd of S n , a product of less than C log n of these permutations is needed to map any r-tuple of distinct integers to another r-tuple. We came across this problem while studying a seemingly unrelated cryptographic problem, and use this result in order to show that certain cryptographic devices using permutation automata are highly insecure. The proof techniques we develop here give more general results, and constitute a first step towards the study of expansion properties of random Cayley graphs over the symmetric group, whose relevance to theoretical computer science is well-known (see [B&al90]).


Directed Graph Undirected Graph Regular Graph Cayley Graph Finite Automaton 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AKS83]
    M. Ajtai, J. Komlòs, E. Szemerédi, “Sorting in c log n parallel steps”, Combinatorica 3 (1983), 1–19.Google Scholar
  2. [Ang78]
    D. Angluin. “On the complexity of minimum inference of regular sets”, Information and Control 39 (1978), 302–320.Google Scholar
  3. [AS83]
    D. Angluin and C.H. Smith. “Inductive inference, theory and methods”, Computing Surveys 15(3) (1983), 237–269.CrossRefGoogle Scholar
  4. [AM85]
    N. Alon and V.D. Milman. “gl1, isoperimetric inequalities for graphs and superconcentrators”, J. Comb. Theory, Ser. B, 38, (1985), 73–88.Google Scholar
  5. [Bab94]
    L. Babai. “Transparent proofs and limits to approximation”, preprint, (1994).Google Scholar
  6. [B&al90]
    L. Babai, G. Hetyei, W.M. Kantor, A. Lubotzky, A. Seres. “On the diameter of finite groups”, 31st annual Symposium on Foundations of Computer Science, (1990), 857–865.Google Scholar
  7. [BGG90]
    M. Bellare, O. Goldreich, S. Goldwasser. “Randomness in interactive proofs”, 31st Annual Symposium on Foundations of Computer Science, IEEE Computer Society Press, (1990), 563–572.Google Scholar
  8. [Bol85]
    B. Bollobas. Random Graphs, Academic Press, London (1985).Google Scholar
  9. [Bol88]
    B. Bollobas. “The isoperimetric number of random regular graphs”, Europ. J. Combinatorics 9 (1988), 241–244.Google Scholar
  10. [BV82]
    B. Bollobas and W. F. de la Vega. “The diameter of random-regular graphs”, Combinatorica, 2, (1982), 125–134.Google Scholar
  11. [BS87]
    A. Broder, E. Shamir. “On the second eigenvalue of random regular graphs”, 28th annual Symposium on Foundations of Computer Science, (1987), 286–284.Google Scholar
  12. [Del89]
    C. Delorme. “Counting closed paths in trees”, Technical Report n.516, University of Paris-Sud, Laboratoire de recherche en informatique Orsay, September 1989 (in French).Google Scholar
  13. [Fil91]
    J. Fill. “Eigenvalue bounds on convergence to stationarity for nonreversible Markov chains with an application to the exclusion processes” Ann. Appl. Prob. 1, (1991), 62–87.Google Scholar
  14. [F&al93]
    Y. Freund, M. Kearns, D. Ron, R. Rubinfeld, R.E. Schapire and L. Sellie. “Efficient learning of typical finite automata from random walks”, 25th ACM Symposium on the Theory of Computing (1993), 315–324.Google Scholar
  15. [FJRST95]
    J. Friedman,A. Joux,Y. Roichman,J. Stern,J.P. Tillich. “The action of a few permutations on r-tuples is quickly transitive”, submitted.Google Scholar
  16. [Fri91]
    J. Friedman. “On the second eigenvalue and random walks in random d-regular graphs”, Combinatorica 11 (4) (1991), 331–362.CrossRefGoogle Scholar
  17. [FKS89]
    J. Friedman, J. Kahn, E. Szemeredi. “On the second eigenvalue in random regular graphs”, 21st annual Symposium on Theory of Computing, ACM press, (1989), 587–598.Google Scholar
  18. [Gol78]
    E.M. Gold. “Complexity of automaton identification from given data”, Information and Control 37 (1978), 302–320.CrossRefGoogle Scholar
  19. [G&al90]
    O. Goldreich, R. Impagliazzo, L. Levin, R. Venkatesen, D. Zuckerman. “Security preserving amplification of randomness”, 31st Annual Symposium on Foundations of Computer Science, IEEE Computer Society Press, (1990), 318–326.Google Scholar
  20. [IZ89]
    R. Impagliazzo, D. Zuckerman. “How to recycle random bits”, 30th Annual Symposium on Foundations of Computer Science, IEEE Computer Society Press, (1989), 248–253.Google Scholar
  21. [JST93]
    A. Joux, J. Stern, J.P. Tillich. “Inferring finite automata by queries of fixed length”, Preprint.Google Scholar
  22. [Kah91]
    N. Kahale. “Better expansions for Ramanujan graphs”, 32nd Annual Symposium on Foundations of Computer Science (1991), 398–404.Google Scholar
  23. [Kah92]
    N. Kahale. “On the second eigenvalue and linear expansion of regular graphs”, 33rd Annual Symposium on Foundations of Computer Science (1992), 296–303.Google Scholar
  24. [LR92]
    J. Lafferty, D. Rockmore. “Fast Fourier analysis for SL 2 over a finite field, and related numerical experiments”, Experimental Mathematics 1, (1992), 115–139.Google Scholar
  25. [Lubl]
    A. Lubotzky. Discrete groups, expanding graphs and invariant measures, Progress in Mathematics, Vol. 125, Birkhäuser 1994.Google Scholar
  26. [Lub2]
    A. Lubotzky. “Cayley graphs: eigenvalues, expanders and random walks”, to appear in Survey in Combinatorics, 1995.Google Scholar
  27. [McK81]
    B. McKay. “The expected eigenvalue distribution of a large regular graph”, Linear Algebra and its Applications, 40, (1981), 203–216.CrossRefGoogle Scholar
  28. [Mih89]
    M. Mihail. “Conductance and convergence of Markov chains—a combinatorial treatment of expanders”, Proceedings of the 30th Annual Symposium on Foundations of Computer Science, 1989.Google Scholar
  29. [Moh89]
    B. Mohar. “Isoperimetric number of graphs”, Journal of Comb. Theory (B) (1989), 274–291.CrossRefGoogle Scholar
  30. [Pip77]
    N. Pippenger. “Superconcentrators”, SIAM J. Comput., 6, (1977), 298–304.CrossRefGoogle Scholar
  31. [RS87]
    R.L. Rivest and R.E. Schapire. “Diversity based inference of finite automata” Proceedings of the 28th Annual Symposium on the Foundations of Computer Science (1987), 78–87.Google Scholar
  32. [RS89]
    R.L. Rivest and R.E. Schapire. “Inference of finite automata using homing sequences” Proceedings of the 21st ACM Symposium on the Theory of Computing (1989), 411–420.Google Scholar
  33. [Tan84]
    R.M. Tanner. “Explicit constructions of concentrators from generalized N-gons”, SIAM J. Alg. Disc. Meth., 5, (1984), 287–293.Google Scholar
  34. [TZ93]
    J.P. Tillich, G. Zémor. “Group-theoretic hash functions”, Proceedings of the 1st French-Israeli Workshop in algebraic coding 1993, Springer Verlag, Lecture Notes 781, 90–110.Google Scholar
  35. [TZ94]
    J.P. Tillich, G. Zémor. “Hashing with SL2”, Advances in Cryptology, Proceedings of CRYPTO94, Springer Verlag, Lecture Notes 839, 40–49.Google Scholar
  36. [Vaz91]
    U. Vazirani. “Rapidly mixing markov chains”, Proceedings of Symposia in Applied Mathematics, Volume 44, (1991), 99–121.Google Scholar
  37. [Zem94]
    G. Zémor. “Hash Functions and Cayley graphs”, to appear in Design, Codes and Cryptography, of October 1994.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Joel Friedman
    • 1
  • Antoine Joux
    • 2
  • Yuval Roichman
    • 3
  • Jacques Stern
    • 4
  • Jean -Pierre Tillich
    • 5
  1. 1.Dept. of MathematicsUniv. of British ColumbiaVancouverCanada
  2. 2.CELARFrance
  3. 3.Dept. of Applied MathematicsMassachussetts Instit. of Tech.CambridgeUSA
  4. 4.Ecole Normale SupérieureParisFrance
  5. 5.GREYCUniversité de CaenCaenFrance

Personalised recommendations