The $c$ -differential properties of a class of power functions

Huan Zhou¹, Xiaoni Du ^1,2,3, Wenping Yuan¹, Xingbin Qiao¹
¹College of Mathematics and Statistics, Northwest Normal University,
Lanzhou, 730070, China
²Key Laboratory of Cryptography and Data Analytics,
Northwest Normal University, 730070, Lanzhou, China
³Gansu Provincial Research Center for Basic Disciplines of Mathematics and Statistics,
Northwest Normal University, 730070, Lanzhou, China
Email: [email protected] Corresponding author.

Abstract

Power functions with low $c$ -differential uniformity have been widely studied not only because of their strong resistance to multiplicative differential attacks, but also low implementation cost in hardware. Furthermore, the $c$ -differential spectrum of a function gives a more precise characterization of its $c$ -differential properties. Let $f(x)=x^{\frac{p^{n}+3}{2}}$ be a power function over the finite field $\mathbb{F}_{p^{n}}$ , where $p\neq 3$ is an odd prime and $n$ is a positive integer. In this paper, for all primes $p\neq 3$ , by investigating certain character sums with regard to elliptic curves and computing the number of solutions of a system of equations over $\mathbb{F}_{p^{n}}$ , we determine explicitly the $(-1)$ -differential spectrum of $f$ with a unified approach. We show that if $p^{n}\equiv 3\pmod{4}$ , then $f$ is a differentially $(-1,3)$ -uniform function except for $p^{n}\in\{7,19,23\}$ where $f$ is an APcN function, and if $p^{n}\equiv 1\pmod{4}$ , the $(-1)$ -differential uniformity of $f$ is equal to $4$ . In addition, an upper bound of the $c$ -differential uniformity of $f$ is also given.

Key words: power function, elliptic curve, $c$ -differential uniformity, $(-1)$ -differential spectrum.

1 Introduction

Let $\mathbb{F}_{p^{n}}$ be the finite field with $p^{n}$ elements, where $p$ is a prime and $n$ is a positive integer. The multiplicative cyclic group of the finite field $\mathbb{F}_{p^{n}}$ is denoted by $\mathbb{F}_{p^{n}}^{*}$ . Let $\mathbb{F}_{p^{n}}[x]$ denote the polynomial ring over $\mathbb{F}_{p^{n}}$ . Any function $f:\mathbb{F}_{p^{n}}\rightarrow\mathbb{F}_{p^{n}}$ can be uniquely represented as a univariate polynomial of degree less than $p^{n}$ . Therefore, $f$ can always be seen as a polynomial in $\mathbb{F}_{p^{n}}[x]$ . A polynomial $f\in\mathbb{F}_{p^{n}}[x]$ is called a permutation polynomial of $\mathbb{F}_{p^{n}}$ if the induced mapping $x\mapsto f(x)$ is a permutation over $\mathbb{F}_{p^{n}}$ . Permutation polynomials are a very important class of polynomials as they have applications in coding theory and cryptography. Nowadays, designing infinite classes of permutation polynomials over finite fields with good cryptographic properties remains an interesting research topic.

Substitution boxes (S-boxes for short) are important nonlinear building blocks in block ciphers, which can be seen as permutation functions over finite fields. To quantify the ability of S-boxes to resist the differential attack[1], one of the most powerful attacks on block ciphers, Nyberg[8] introduced the notion of differential uniformity. More importantly, to estimate the resistance against some variants of differential cryptanalysis, the differential spectrums[2] of S-boxes are also shown to be of great interest.

In [3], Borisov et al. proposed a new differential on block ciphers, called a multiplicative differential, it is an extension of differential cryptanalysis, which helps to identify the weakness of IDEA ciphers. Motivated by the concept of multiplicative differential, Ellingsen et al. in [4] first introduced the (multiplicative) $c$ -derivative.

{}_{c}D_{a}f(x)=f(x+a)-cf(x),~{}\mathrm{for~{}all}~{}x\in\mathbb{F}_{p^{n}}.

In the same paper they presented a generalized notion of differential uniformity, the so-called $c$ -differential uniformity.

Definition 1.

[4] Let $\mathbb{F}_{p^{n}}$ be the finite field with $p^{n}$ elements, where $p$ is a prime and $n$ is a positive integer. For a function $f:\mathbb{F}_{p^{n}}\rightarrow\mathbb{F}_{p^{n}}$ , and $a,b,c\in\mathbb{F}_{p^{n}}$ . Let ${}_{c}\Delta_{f}(a,b)=\#\{x\in\mathbb{F}_{p^{n}}:f(x+a)-cf(x)=b\}$ . The $c$ -differential uniformity of $f$ is defined as

{}_{c}\Delta_{f}=\max\{{}_{c}\delta_{f}(a,b):a,b\in\mathbb{F}_{p^{n}},~{}\mathrm{and}~{}a\neq 0~{}\mathrm{if}~{}c=1\}.

If ${}_{c}\Delta_{f}=\delta$ , then $f$ is called a differentially $(c,\delta)$ -uniform function. Especially, $f$ is called a perfect $c$ -nonlinear (PcN) function if ${}_{c}\Delta_{f}=1$ , and an almost perfect $c$ -nonlinear (APcN) function if ${}_{c}\Delta_{f}=2$ . It is clear that if $c=1$ and $a\neq 0$ , the $c$ -differential uniformity becomes the usual differential uniformity and one use the corresponding notation by omit the symbol $c$ . The smaller the value ${}_{c}\Delta_{f}$ is, the better $f$ resists against multiplicative differential attacks. Thus, the research on cryptographic functions with low $c$ -differential uniformity has been a hot issue in recent years, the readers can refer to [4, 7, 6, 9, 10, 15, 13, 12, 16, 20, 19, 17, 14] and the references therein.

For a power function $f(x)=x^{d}$ with a positive integer $d$ , one can easily see that ${}_{c}\delta_{f}(a,b)={}_{c}\delta_{f}(1,b/a^{d})$ , for all $a\in\mathbb{F}_{p^{n}}^{*}$ and $b\in\mathbb{F}_{p^{n}}$ . For simplicity, denoted ${}_{c}\delta_{f}(1,b)$ by ${}_{c}\delta_{f}(b)$ with $b\in\mathbb{F}_{p^{n}}$ . More precisely, it was proved in [7, Lemma 1] that the $c$ -differential uniformity of $f(x)=x^{d}$ is given by

_{c}\Delta_{f}=\max\big{\{}\{_{c}\delta_{f}(b):b\in\mathbb{F}_{p^{n}}\}\cup\{\gcd(d,p^{n}-1)\}\big{\}}.

(1)

Moreover, as a generalization of the differential spectrum, the $c$ -differential spectrum of a power function is defined as follows.

Definition 2.

[13] Let $f(x)=x^{d}$ with $c$ -differential uniformity ${}_{c}\Delta_{f}$ . Denote ${}_{c}\omega_{i}=\#\{b\in\mathbb{F}_{p^{n}}:{}_{c}\delta_{f}(b)=i\}$ , for each $0\leq i\leq{}_{c}\Delta_{f}$ . Then the $c$ -differential spectrum of $f$ is defined as the multi-set

\mathbb{S}=\{_{c}\omega_{i}>0:0\leq i\leq{}_{c}\Delta_{f}\}.

Generally speaking, it is difficult to determine the $c$ -differential spectrum of power functions. To the best of our knowledge, only a few classes of power functions over odd characteristic finite fields have a nontrivial $c$ -differential spectrum. The known results on power functions $f$ over $\mathbb{F}_{p^{n}}$ , for which $c$ -differential spectrum has been determined are summarized in Table 1, where Tr ${}_{n}(\cdot)$ is the absolute trace mapping from $\mathbb{F}_{2^{n}}$ to $\mathbb{F}_{2}$ .

Table 1: Power functions

f(x)=x^{d}\in\mathbb{F}_{p^{n}}[x]

with known

c

-differential spectrum

$d$	Conditions	${}_{c}\Delta_{f}$	Ref.
$2^{3m}+2^{2m}+2^{m}-1$	$p=2,~{}n=4m,~{}0,1\neq c\in\mathbb{F}_{2^{n}},~{}c^{1+2^{2m}}=1$	2	[12]
$p^{k}+1$	$p$ is odd, $\gcd(n,k)=e,~{}1\neq c\in\mathbb{F}_{p^{e}}$ and $\frac{n}{e}$ is odd	2	[13]
$p^{k}+1$	$p$ is odd, $\gcd(n,k)=e,~{}c\notin\mathbb{F}_{p^{e}}$ , $n$ is even, $k=\frac{n}{2}$	2	[13]
$2^{n}-2$	$p=2,c\neq 0$ , Tr ${}_{n}(c)=$ Tr ${}_{n}(c^{-1})=1$	2	[19]
$2^{n}-2$	$p=2,c\neq 0$ , Tr ${}_{n}(c)=0$ or Tr ${}_{n}(c^{-1})=0$	3	[19]
$p^{n}-2$	$p$ is odd, $c\neq 0,1,4,4^{-1}$	2 or 3	[19]
$3^{n}-3$	$p=3,~{}c=-1$ , any $n$	4 or 6	[19]
$\frac{p^{k}+1}{2}$	$p$ is odd, $c=-1,~{}\gcd(n,k)=1$ , $\frac{2n}{\gcd(2n,k)}$ is even	$\frac{p+1}{2}$	[19]
$\frac{p^{n}+1}{2}$	any $p$ , $c\neq-1$	2,4, $\frac{p^{n}+3}{4}$ or $\frac{p^{n}+5}{4}$	[10]
$\frac{5^{n}-3}{2}$	$p=5,~{}c=-1,~{}n\geq 2$	2	[19] and [9]
$\frac{p^{n}-3}{2}$	$c=-1,~{}p^{n}~{}\equiv 3~{}(\bmod~{}4),~{}p^{n}>3$	2 or 4	[17]
$\frac{3^{n}+3}{2}$	$p=3$ , $c=-1$ , $n\geq 2$ is even	2	[19]
$\frac{p^{n}+3}{2}$	$c=-1$ , $p^{n}~{}\equiv 1~{}(\bmod~{}4)$ , $p\neq 3$	4	This paper
$\frac{p^{n}+3}{2}$	$c=-1$ , $p^{n}~{}\equiv 3~{}(\bmod~{}4)$ , $p\neq 3$	3	This paper

Throughout this paper, let $f(x)=x^{\frac{p^{n}+3}{2}}\in\mathbb{F}_{p^{n}}[x]$ , where $p$ is an odd prime and $n$ is a positive integer. We should mention that when $p=3$ , $f$ is P $c$ N if $n\geq 3$ is odd, and is AP $c$ N if $n\geq 2$ is even [7] with its $(-1)$ -differential spectrum being given in [19, Theorem 9]. When $p>3$ , the $(-1)$ -differential uniformity of $f$ was discussed by Mesnager et al. in [7, Theorem 11] and they proved that ${}_{-1}\Delta_{f}\leq 4$ if $p^{n}\equiv 1\pmod{4}$ and ${}_{-1}\Delta_{f}\leq 3$ if $p^{n}\equiv 3\pmod{4}$ .

Inspired by the works above, in this paper, we mainly study the $(-1)$ -differential spectrum of $f(x)=x^{\frac{p^{n}+3}{2}}$ for all positive integer $n$ when $p\neq 3$ . More precisely, we prove that ${}_{-1}\Delta_{f}=3$ if $p^{n}\equiv 3\pmod{4}$ except for $p\in\{7,19,23\}$ where $f$ is an APcN function, and ${}_{-1}\Delta_{f}=4$ if $p^{n}\equiv 1\pmod{4}$ , that is, the upper bound of the $(-1)$ -differential uniformity of $f$ given by Mesnager et al. can be achieved.

The rest of this paper is organized as follows. In Section 2, we introduce some basic notation about quadratic character and results on quadratic character sums, which will be employed in the sequel. In Section 3, we first determine the $(-1)$ -differential spectrum of $f$ , and some examples are also presented. In Section 4, we give an upper bound of the $c$ -differential uniformity of $f$ . Section 5 concludes this paper.

2 Preliminaries

In this section, we mainly introduce some basic results on quadratic character sums over $\mathbb{F}_{p^{n}}$ . Let $\eta$ be the quadratic character over $\mathbb{F}_{p^{n}}$ , i.e., for any $x\in\mathbb{F}_{p^{n}}$ ,

\displaystyle\eta(x)=x^{\frac{p^{n}-1}{2}}=\left\{\begin{array}[]{ll}1,&\hbox{if $x$ is a square,}\\ 0,&\hbox{if $x=0$,}\\ -1,&\hbox{if $x$ is a nonsquare.}\end{array}\right.

It is well-known that $\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta(x)=0$ , and $\eta(-1)=1$ (resp. $-1$ ) if $p^{n}\equiv 1~{}(\bmod~{}4)$ (resp. $p^{n}\equiv 3~{}(\bmod~{}4)$ ), which are used extensively in the calculations of character sums.

We consider now sums involving the quadratic character of the form

\sum_{x\in\mathbb{F}_{{p^{n}}}}\eta(f(x))

with $f(x)\in\mathbb{F}_{p^{n}}[x]$ . Recall that for $\deg(f(x))=1$ , the sums above is trivial, and for $\deg(f(x))=2$ , the following explicit formula was established in [5] and [6], respectively.

Lemma 1.

[5] Let $f(x)=a_{2}x^{2}+a_{1}x+a_{0}\in\mathbb{F}_{p^{n}}[x]$ , $p$ is odd, and $a_{2}\neq 0$ . Put $\Delta:=a_{1}^{2}-4a_{0}a_{2}$ be the discriminant of $f(x)=0$ and let $\eta$ be the quadratic character of $\mathbb{F}_{p^{n}}$ . Then

\displaystyle\sum_{x\in\mathbb{F}_{{p^{n}}}}\eta(f(x))=\left\{\begin{array}[]{ll}-\eta(a_{2}),&\hbox{\rm{if} $\Delta\neq 0$,}\\ (p^{n}-1)\eta(a_{2}),&\hbox{\rm{if} $\Delta=0$.}\end{array}\right.

Lemma 2.

[6] Let $f(x)=a_{2}x^{2}+a_{1}x+a_{0}\in\mathbb{F}_{p^{n}}[x]$ with $p$ odd and $a_{2}\neq 0$ . Then the equation $f(x)=0$ has two (resp. one) solutions in $\mathbb{F}_{p^{n}}$ if and only if the discriminant $\Delta=a_{1}^{2}-4a_{0}a_{2}$ is a nonzero (resp. zero) square in $\mathbb{F}_{p^{n}}$ . That is to say, the number of solutions of $f$ is $1+\eta(\Delta)$ .

For $\deg(f(x))\geq 3$ , it is challenging to obtain an explicit formula for the character sum $\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta(f(x))$ . However, when $\deg(f(x))=3$ , such a sum can be computed by considering $\mathbb{F}_{p^{n}}$ -rational points of elliptic curves over $\mathbb{F}_{p}$ . More specifically, we denote $\lambda_{p,n}$ as

\lambda_{p,n}=\sum_{x\in\mathbb{F}_{p^{n}}}\eta(f(x)).

To calculate $\lambda_{p,n}$ , we will use some elementary concepts from the theory of elliptic curves [11]. Let $E/\mathbb{F}_{p}$ be the elliptic curve over $\mathbb{F}_{p}$

E:y^{2}=f(x)

and $N_{p,n}$ denote the number of $\mathbb{F}_{p^{n}}$ -rational points (remember the extra point at infinity) on the curve $E/\mathbb{F}_{p}$ . From the results in [11, P.139, P.142], we have, for all $n\geq 1$ ,

N_{p,n}=p^{n}+1+\lambda_{p,n}

with

\displaystyle\lambda_{p,n}=-\alpha^{n}-\beta^{n},

where $\alpha$ and $\beta$ are the two conjugate complex roots of the polynomial $T^{2}+\lambda_{p,1}T+p$ . We obtain an explicit and efficient formula of $\lambda_{p,n}$ .

Define the following two specific character sums

\displaystyle\lambda^{(1)}_{p,n}=\sum_{x\in\mathbb{F}_{p^{n}}}\eta(x(x+1)(x-3))

(2)

and

\displaystyle\lambda^{(2)}_{p,n}=\sum_{x\in\mathbb{F}_{p^{n}}}\eta(x(x+1)(x-2)),

(3)

which play a significant role in our main results. As we will see later, the determination of the $(-1)$ -differential spectrum of $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$ heavily depend on the computations of $\lambda^{(1)}_{p,n}$ and $\lambda^{(2)}_{p,n}$ .

In the following examples, we will give the exact values of $\lambda^{(1)}_{p,n}$ and $\lambda^{(2)}_{p,n}$ , respectively, for specific values of $p$ .

Example 1.

Let $p=5$ . We can obtain $\lambda^{(1)}_{5,1}=2$ by Magma program. So we have $\alpha,\beta=-1\pm 2\sqrt{-1}$ . Hence $\lambda^{(1)}_{5,n}=-(-1+2\sqrt{-1})^{n}-(-1-2\sqrt{-1})^{n}$ .

Example 2.

Let $p=13$ . We can obtain $\lambda^{(2)}_{13,1}=2$ by Magma program. So we have $\alpha,\beta=-1\pm 2\sqrt{-3}$ . Hence $\lambda^{(2)}_{13,n}=-(-1+2\sqrt{-3})^{n}-(-1-2\sqrt{-3})^{n}$ .

In addition, we have the following bound on $\lambda^{(i)}_{p,n}$ for $i=1,2$ .

Lemma 3.

[11] With the notation as above, we have $|\lambda^{(i)}_{p,n}|\leq 2p^{\frac{n}{2}}$ , for $i=1,2$ .

In the end of this section, we present the following results concerning the exact values specific character sums used in Section 3.

Lemma 4.

If $p^{n}\equiv 3\pmod{4}$ and $p\neq 3$ , then relevant consequences as follows,

$1)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta\left((2x-2)(2x+1)(2x+2)\right)=\lambda_{p,n}^{(1)}$ ,

$2)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta\left((2x-2)(2x-1)(2x+2)\right)=-\lambda_{p,n}^{(1)}$ ,

$3)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta((2x-2)(2x-1)(2x+1)(2x+2))=\lambda_{p,n}^{(1)}-1$ ,

$4)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta\left((2x-1)(2x+1)(2x+2)\right)=\lambda_{p,n}^{(2)}$ ,

$5)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta\left((2x-2)(2x-1)(2x+1)\right)=-\lambda_{p,n}^{(2)}$ .

Proof.

1) It is clear that $2x+1$ is a permutation of $\mathbb{F}_{p^{n}}$ . Set $t=2x+1$ . The left side of equation 1) leads to

\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta(t(t+1)(t-3))=\lambda_{p,n}^{(1)}.

2) Set $t=2x-1$ . The left side of equation 2) leads to

		$\displaystyle\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta(t(t-1)(t+3))$
	$\displaystyle=$	$\displaystyle\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta((-t)(-t-1)(-t+3))$
	$\displaystyle=$	$\displaystyle-\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta(t(t+1)(t-3))$
	$\displaystyle=$	$\displaystyle-\lambda_{p,n}^{(1)}$

since $\eta(-1)=-1$ .

3) First observe that the left side of equation 3) can be written as

\displaystyle\sum\limits_{4x^{2}-1\neq 0}\eta\Big{(}\frac{4x^{2}-4}{4x^{2}-1}\Big{)}.

(4)

If we set $\frac{4x^{2}-4}{4x^{2}-1}=u$ , then $u$ and $x$ satisfy

(4-4u)x^{2}+u-4=0.

When $u\neq 1$ , it is a quadratic equation with connection on the variable $x$ , with discriminant $\Delta=16(u-4)(u-1)$ . Therefore, according to Lemma 2 for all $\ u\neq 1$ , it corresponds to $(1+\eta(\Delta))$ $x$ ’s, and then

	$\displaystyle\mathrm{Eq.}\eqref{ux}=$	$\displaystyle\sum\limits_{u\in\mathbb{F}_{p^{n}}}\eta(u)(1+\eta(\Delta))-\eta(1)$
	$\displaystyle=$	$\displaystyle\sum\limits_{u\in\mathbb{F}_{p^{n}}}\eta(u(u-4)(u-1))-1$
	$\displaystyle=$	$\displaystyle\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta(t(t+1)(t-3))-1$
	$\displaystyle=$	$\displaystyle\lambda_{p,n}^{(1)}-1.$

5) Set $t=2x-1$ . The left side of equation 5) leads to

		$\displaystyle\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta(t(t-1)(t+2))$
	$\displaystyle=$	$\displaystyle\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta((-t)(-t-1)(-t+2))$
	$\displaystyle=$	$\displaystyle-\sum\limits_{t\in\mathbb{F}_{p^{n}}}\eta(t(t+1)(t-2))$
	$\displaystyle=$	$\displaystyle-\lambda_{p,n}^{(2)}.$

The proof of following lemma is very similar to that of [18, Lemma 5], we will no longer prove that.

Lemma 5.

Let $\lambda^{(1)}_{p,n}$ and $\lambda^{(2)}_{p,n}$ be defined as above. If $p^{n}\equiv 1\pmod{4}$ and $p\neq 3$ , then we have

$(1)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta(x(x^{2}+x+1))=\lambda^{(1)}_{p,n}$ ,

$(2)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta((x+1)(x^{2}+x+1))=\lambda^{(1)}_{p,n}$ ,

$(3)\sum\limits_{x\in\mathbb{F}_{{p^{n}}}}\eta((x^{2}+x)(x^{2}+x+1))=\lambda^{(1)}_{p,n}-1$ ,

$(4)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta(x(3x^{2}+2x+3))=\lambda^{(2)}_{p,n}$ ,

$(5)\sum\limits_{x\in\mathbb{F}_{{p^{n}}}}\eta((x^{2}+x+1)(3x^{2}+2x+3))=\lambda^{(2)}_{p,n}-\eta(3)$ ,

$(6)\sum\limits_{x\in\mathbb{F}_{p^{n}}}\eta(x(x^{2}+x+1)(3x^{2}+2x+3))=2\lambda^{(1)}_{p,n}$ .

3 The $c$ -differential properties of $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$

In this section, we are about to determine the $(-1)$ -differential spectrum of $f$ explicitly.

We first introduce some properties of the $c$ -differential spectrum of power function presented by Yan and Zhang in [19], which will be used to examine the $(-1)$ -differential spectrum of $f$ .

Lemma 6.

[19] Let $f(x)=x^{d}$ be a power function over $\mathbb{F}_{p^{n}}$ with $c$ -differential uniformity ${}_{c}\Delta_{f}$ for some $1\neq c\in\mathbb{F}_{p^{n}}$ , where $d$ is a positive integer. Then we have

\displaystyle\sum_{i=0}^{{}_{c}\Delta_{f}}{{}_{c}\omega_{i}}=\sum_{i=0}^{{}_{c}{\Delta_{f}}}(i\cdot{{}_{c}{\omega_{i}}})=p^{n}.

(5)

Moreover,

\sum\limits_{i=0}^{{}_{c}\Delta_{f}}(i^{2}\cdot{}_{c}\omega_{i})=\frac{{}_{c}N_{4}-1}{p^{n}-1}-\gcd(d,p^{n}-1),

(6)

where

{}_{c}N_{4}=\#\left\{{(x_{1},x_{2},x_{3},x_{4})\in(\mathbb{F}_{p^{n}})^{4}:\Bigg{\{}\begin{array}[]{ll}x_{1}-x_{2}+x_{3}-x_{4}&=0\\ x_{1}^{d}-cx_{2}^{d}+cx_{3}^{d}-x_{4}^{d}&=0\end{array}}\right\}.

(7)

3.1 $p^{n}\equiv 3\pmod{4}$ and $p\neq 3$

In this subsection, we give the $(-1)$ -differential spectrum of the power function $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$ , $p^{n}\equiv 3\pmod{4}$ and $p\neq 3$ . Before that, we give some notions.

For any square $\alpha\in\mathbb{F}_{p^{n}}^{*}$ , $\sqrt{\alpha}$ denotes either solution of the equation $x^{2}=\alpha$ in $\mathbb{F}_{p^{n}}$ . Let $C_{0}$ and $C_{1}$ denote the sets of squares and nonsquares in $\mathbb{F}_{p^{n}}^{*}$ , respectively. The cyclotomic number $(i,j)$ is defined as the cardinality of the set $C_{i,j}=\{{x\in\mathbb{F}_{p^{n}}\backslash\{{0,-1}\}:x\in C_{i},x+1\in C_{j}}\}$ , where $i,j\in\{{0,1}\}$ .

Theorem 1.

Let $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$ , where $p^{n}\equiv 3\pmod{4}$ and $p\neq 3$ . Then the $(-1)$ -differential spectrum of $f$ is

	$\displaystyle\mathbb{S}=\{$	${}_{-1}\omega_{0}=\frac{1}{4}(p^{n}+\lambda_{p,n}^{(1)}+1),~{}{}_{-1}\omega_{1}=\frac{1}{16}(9p^{n}-5\lambda_{p,n}^{(1)}+2\lambda_{p,n}^{(2)}-7),$
		$\displaystyle{}_{-1}\omega_{2}=\frac{1}{8}(p^{n}-\lambda_{p,n}^{(1)}-2\lambda_{p,n}^{(2)}+1),~{}{}_{-1}\omega_{3}=\frac{1}{16}(p^{n}+3\lambda_{p,n}^{(1)}+2\lambda_{p,n}^{(2)}+1)\}.$

Proof.

In order to determine the $(-1)$ -differential spectrum of $f$ , the number of solutions $N_{f}(b)$ of the equation

(x+1)^{d}+x^{d}=b,~{}\mathrm{for~{}all}~{}b\in\mathbb{F}_{p^{n}}

(8)

needs to be determined.

Evidently, if $x=0$ , then $b=1$ , and if $x=-1$ , then $b=-1$ since $d=\frac{p^{n}+3}{2}$ is odd. Now we always assume $x\in\mathbb{F}_{p^{n}}^{*}\backslash\{-1\}$ , Eq.(8) can be written as

(\eta(x+1)+\eta(x))x^{2}+2\eta(x+1)x+\eta(x+1)-b=0.

(9)

Note that $\mathbb{F}_{p^{n}}^{*}\backslash\{-1\}=\mathcal{C}_{0,0}\cup\mathcal{C}_{0,1}\cup\mathcal{C}_{1,0}\cup\mathcal{C}_{1,1}$ . The following four cases are discussed.

(1) $x\in\mathcal{C}_{0,0}$ , that is $\eta(x)=\eta(x+1)=1$ . Eq.(9) becomes

2x^{2}+2x+1-b=0

(10)

with discriminant $\Delta_{1}=8b-4$ .

If $\Delta_{1}=0$ , then $b=\frac{1}{2}$ , by Eq.(10), we get $x=-\frac{1}{2}$ . So $\eta(x+1)=\eta(-\frac{1}{2}+1)=\eta(\frac{1}{2})=\eta(-x)=-\eta(x)$ , i.e., $\eta(x)\neq\eta(x+1)$ , which means that $x=-\frac{1}{2}\notin\mathcal{C}_{0,0}$ .

If $\eta\left(\Delta_{1}\right)=1$ , we can acquire two solutions of Eq.(10) over $\mathbb{F}_{p^{n}}^{*}\backslash\{-1\}$ , denote by $x_{1}=\frac{-1+\sqrt{2b-1}}{2}$ , $x_{1}^{\prime}=\frac{-1-\sqrt{2b-1}}{2}$ . Apparently, $x_{1}+1=-x_{1}^{\prime}$ , $x_{1}^{\prime}+1=-x_{1}$ and $x_{1}\left(x_{1}+1\right)=\frac{b-1}{2}$ . Since $\eta(-1)=-1$ , we assert that Eq.(9) has at most one solution in $\mathcal{C}_{0,0}$ when $b\in D_{1}$ , where

D_{1}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b-1)=\eta(2b-2)=1\}.

(2) $x\in\mathcal{C}_{0,1}$ , that is $\eta(x)=1,~{}\eta(x+1)=-1$ . Eq.(9) becomes $2x+1+b=0$ , one can be deduced that $x=\frac{-1-b}{2}$ , $x+1=\frac{1-b}{2}$ . Hence Eq.(9) has at most one solution when $b\in D_{2}$ , where

D_{2}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b-2)=1,~{}\eta(2b+2)=-1\}.

(3) $x\in\mathcal{C}_{1,0}$ , that is $\eta(x)=-1,\eta(x+1)=1$ . Eq.(9) becomes $2x+1-b=0$ , then $x=\frac{b-1}{2}$ , $x+1=\frac{b+1}{2}$ . Therefore, Eq.(9) has at most one solution in $\mathcal{C}_{1,0}$ if $b\in D_{3}$ , where

D_{3}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b-2)=-1,~{}\eta(2b+2)=1\}.

(4) $x\in\mathcal{C}_{1,1}$ , that is $\eta(x)=\eta(x+1)=-1$ . Eq.(9) becomes

2x^{2}+2x+1+b=0,

(11)

with discriminant $\Delta_{2}=-4-8b$ .

If $\Delta_{2}=0$ , then $b=-\frac{1}{2}$ and $x=-\frac{1}{2}$ . So $\eta(x+1)=\eta(\frac{1}{2})=\eta(-x)=-\eta(x)$ , i.e., $\eta(x)\neq\eta(x+1)$ , which means that $x=-\frac{1}{2}\notin\mathcal{C}_{1,1}$ .

If $\eta\left(\Delta_{2}\right)=1$ , we can acquire two solutions of Eq.(11) over $\mathbb{F}_{p^{n}}^{*}\backslash\{-1\}$ , denote by $x_{2}=\frac{-1+\sqrt{-2b-1}}{2}$ , $x_{2}^{\prime}=\frac{-1-\sqrt{-2b-1}}{2}$ . Obviously, $x_{2}+1=-x_{2}^{\prime}$ , $x_{2}^{\prime}+1=-x_{2}$ and $x_{2}\left(x_{2}+1\right)=-\frac{1+b}{2}$ . Since $\eta(-1)=-1$ , we assert that Eq.(9) has at most one solution in $\mathcal{C}_{1,1}$ when $b\in D_{4}$ , where

D_{4}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b+1)=\eta(2b+2)=-1\}.

We can get that $b=\pm 1\notin\bigcup\limits_{i=1}^{4}D_{i}$ , $D_{3}\cap\left(D_{1}\cup D_{2}\cup D_{4}\right)=\emptyset$ and $D_{1}\cap D_{4}=D_{1}\cap D_{2}\cap D_{4}$ , The discussion above can be summed up in Table 2.

Table 2: Solutions to Eq.(8) in

\mathbb{F}_{p^{n}}

$b$	solutions
$b=1$	$x=0$
$b=-1$	$x=-1$
$b\in D_{1}$	$x\in A\subset\{\frac{1+\sqrt{2b-1}}{2},\frac{1-\sqrt{2b-1}}{2}\}$
$b\in D_{2}$	$x=-\frac{b+1}{2}$
$b\in D_{3}$	$x=\frac{b-1}{2}$
$b\in D_{4}$	$x\in B\subset\{\frac{-1+\sqrt{-2b-1}}{2},\frac{-1-\sqrt{-2b-1}}{2}\}$

Hence Eq.(8) has at most three solutions in $\mathbb{F}_{p^{n}}$ , and the number of the solutions of Eq.(8) is

\displaystyle N_{f}(b)=\left\{\begin{array}[]{ll}3,&\mathrm{if}~{}b\in D_{1}\cap D_{2}\cap D_{4},\\ 2,&\mathrm{if}~{}b\in(\left(D_{1}\cap D_{2}\right)\backslash D_{4})\cup(\left(D_{2}\cap D_{4}\right)\backslash D_{1}),\\ 1,&\mathrm{if}~{}b=\pm 1,~{}\mathrm{or}~{}b\in D_{3},\mathrm{or}~{}b\in(D_{2}\backslash\left(D_{1}\cup D_{4}\right))\\ &~{}\cup(D_{1}\backslash\left(D_{2}\cup D_{4}\right))\cup(D_{4}\backslash\left(D_{1}\cup D_{2}\right)),\\ 0,&\mathrm{otherwise}.\end{array}\right.

Now we calculate the cardinality of the sets $D_{1}\cap D_{2}\cap D_{4}$ , $(D_{1}\cap D_{2})\backslash D_{4}$ , $(D_{2}\cap D_{4})\backslash D_{1}$ to determine $(-1)$ -differential spectrum of $f$ .

First, note that

D_{1}\cap D_{2}\cap D_{4}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b-2)=\eta(2b-1)=1,~{}\eta(2b+1)=\eta(2b+2)=-1\}.

By the definition of the $(-1)$ -differential spectrum of $f$ , we have

	${}_{-1}\omega_{3}=$	$\displaystyle\#(D_{1}\cap D_{2}\cap D_{4})$
	$\displaystyle=$	$\displaystyle\frac{1}{16}\sum_{b\in\mathbb{F}_{p^{n}}}((1+\eta(2b-2))(1+\eta(2b-1))(1-\eta(2b+1))(1-\eta(2b+2)))$
		$\displaystyle-\frac{1}{16}\sum_{b\in\{\pm 1,\pm\frac{1}{2}\}}((1+\eta(2b-2))(1+\eta(2b-1))(1-\eta(2b+1))(1-\eta(2b+2)))$
	$\displaystyle=$	$\displaystyle M_{1}-M_{2}.$

where $M_{1}$ and $M_{2}$ denote by the two summations above respectively.

It can be easy to see that $M_{2}=0$ . Expanding the expression of $M_{1}$ , then we have that

M_{1}=\frac{1}{16}(p^{n}+3\lambda_{p,n}^{(1)}+2\lambda_{p,n}^{(2)}+1)

after a calculation based on the fact in Lemmas 1, 2 and 4.
Therefore, ${}_{-1}\omega_{3}=M_{1}-M_{2}=\frac{1}{16}(p^{n}+3\lambda_{p,n}^{(1)}+2\lambda_{p,n}^{(2)}+1)$ .

Similarly, we have

(D_{1}\cap D_{2})\backslash D_{4}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b-2)=\eta(2b\pm 1)=1,~{}\eta(2b+2)=-1\},

(D_{2}\cap D_{4})\backslash D_{1}=\{b\in\mathbb{F}_{p^{n}}:\eta(2b+2)=\eta(2b\pm 1)=-1,~{}\eta(2b-2)=1\},

and

	${}_{-1}\omega_{2}=$	$\displaystyle\#((D_{1}\cap D_{2})\backslash D_{4})+\#((D_{2}\cap D_{4})\backslash D_{1})$
	$\displaystyle=$	$\displaystyle\frac{1}{16}(p^{n}-\lambda_{p,n}^{(1)}-2\lambda_{p,n}^{(2)}+1)+\frac{1}{16}(p^{n}-\lambda_{p,n}^{(1)}-2\lambda_{p,n}^{(2)}+1)$
	$\displaystyle=$	$\displaystyle\frac{1}{8}(p^{n}-\lambda_{p,n}^{(1)}-2\lambda_{p,n}^{(2)}+1).$

Plugging ${}_{-1}\omega_{2}$ and ${}_{-1}\omega_{3}$ into Eq.(5), we get

\displaystyle\left\{\begin{array}[]{ll}_{-1}\omega_{1}=\frac{1}{16}(9p^{n}-5\lambda_{p,n}^{(1)}+2\lambda_{p,n}^{(2)}-7),\\ _{-1}\omega_{0}=\frac{1}{4}(p^{n}+\lambda_{p,n}^{(1)}+1).\end{array}\right.

In conclusion, which completes the proof.

Corollary 1.

Let $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$ , where $p^{n}\equiv 3\pmod{4}$ and $p\neq 3$ is an odd prime. Then

{}_{-1}\Delta_{f}

\displaystyle=\left\{\begin{array}[]{ll}2,&\hbox{if $p^{n}\in\{7,19,23\}$,}\\ 3,&\hbox{$\mathrm{otherwise}$.}\end{array}\right.

Proof.

By Lemma 3, we obtain

{}_{-1}\omega_{3}=\frac{1}{16}(p^{n}+3\lambda_{p,n}^{(1)}+2\lambda_{p,n}^{(2)}+1)\geq\frac{1}{16}(p^{n}-10p^{\frac{n}{2}}+1)>0

when $p^{n}\geq 103$ . Moreover, after calculation by Magma program, we find that the ${}_{-1}\Delta_{f}=2$ (resp. 3) for $p^{n}\in\{7,19,23\}$ (resp. $p^{n}\in\{11,31,43,47,59,67,71,83\}$ ).

Therefore, we get $f$ is an APcN power function when $p^{n}\in\{7,19,23\}$ , and a differentially $(-1,3)$ -uniform power function otherwise.

There are some examples as follows, which are consistent with that computed directly by Magma program.

Example 3.

Let $n=1$ . If $p=7,19,23$ , then $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p}$ is APcN for $c=-1$ with $(-1)$ -differential spectrum

	$\displaystyle\mathbb{S}$	$\displaystyle=\{_{-1}\omega_{0}=2,~{}{}_{-1}\omega_{1}=3,~{}{}_{-1}\omega_{2}=2\},$
	$\displaystyle\mathbb{S}$	$\displaystyle=\{_{-1}\omega_{0}=4,~{}{}_{-1}\omega_{1}=11,~{}{}_{-1}\omega_{2}=4\},$
	$\displaystyle\mathbb{S}$	$\displaystyle=\{_{-1}\omega_{0}=4,~{}{}_{-1}\omega_{1}=15,~{}{}_{-1}\omega_{2}=4\},$

respectively.

Example 4.

Let $p=7$ and $n=3$ . Then $f(x)=x^{173}$ over $\mathbb{F}_{7^{3}}$ is differentially $(-1,3)$ -uniform with $(-1)$ -differential spectrum

\mathbb{S}=\{_{-1}\omega_{0}=86,~{}{}_{-1}\omega_{1}=195,~{}{}_{-1}\omega_{2}=38,~{}{}_{-1}\omega_{3}=24\}.

3.2 $p^{n}\equiv 1\pmod{4}$ and $p\neq 3$

In this subsection, we will focus on studying the $(-1)$ -differential spectrum of the power function $f(x)=x^{d}$ over $\mathbb{F}_{p^{n}}$ , where $d=\frac{p^{n}+3}{2}$ , $p^{n}\equiv 1\pmod{4}$ and $p\neq 3$ . It is clear that

\gcd(\frac{p^{n}+3}{2},~{}p^{n}-1)=2\ \mathrm{or}\ 4.

This subsection adopts the method from [18, P.11-13], and we only provide a sketch due to the process is quite complicated and miscellaneous.

Note that $x_{0}$ is a solution of $(x+1)^{d}+x^{d}=b$ if and only if $-x_{0}-1$ is a solution of $(x+1)^{d}+x^{d}=b$ since $d$ is even. We assert that ${}_{-1}\delta_{f}(b)$ is even except for

b=(-\frac{1}{2}+1)^{d}+(-\frac{1}{2})^{d}=\frac{\eta(2)}{2}.

In the following, we will investigate the value of ${}_{-1}\delta_{f}(\frac{\eta(2)}{2})$ . Since the proof of Lemma 7 is similar to that of [18, Lemma 8], we omit the proof here.

Lemma 7.

With the notation as above, we have

{}_{-1}\delta_{f}(\frac{\eta(2)}{2})

\displaystyle=\left\{\begin{array}[]{ll}3,&\hbox{if $\eta(2)=\eta(3)=1$, $\eta(\frac{-1+\sqrt{-2}}{2})=-1$ or $\eta(2)=\eta(3)=-1$,}\\ 1,&\hbox{$\mathrm{otherwise}$.}\end{array}\right.

From the discussion above, one can immediately derive the values of ${}_{-1}\omega_{1}$ and ${}_{-1}\omega_{3}$ in the following corollary.

Corollary 2.

With the notation as above, we have ${}_{-1}\omega_{1}=0,{}_{-1}\omega_{3}=1$ if $\eta(2)=\eta(3)=1$ , $\eta(\frac{-1+\sqrt{-2}}{2})=-1$ or $\eta(2)=\eta(3)=-1$ , and ${}_{-1}\omega_{1}=1,{}_{-1}\omega_{3}=0$ otherwise.

To determine the $(-1)$ -differential spectrum of $f$ , it remains to calculate ${}_{-1}N_{4}$ in Eq.(7), and this calculation method is similar to that of [18, Theorem 11].

Moreover, when $c=-1$ , Eq.(7) can be rewritten as

\left\{\begin{array}[]{ll}x_{1}-(-x_{3})+(-x_{2})-x_{4}&=0,\\ x_{1}^{d}-(-x_{3})^{d}+(-x_{2})^{d}-x_{4}^{d}&=0,\end{array}\right.

so we use Lemma 5 to calculate that ${}_{-1}N_{4}$ is

{}_{-1}N_{4}=1+\frac{1}{8}(p^{n}-1)(21p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}+13),

where $\lambda^{(1)}_{p,n}$ and $\lambda^{(2)}_{p,n}$ are defined in Eqs.EQ.(2) and Eq.(3), respectively.

Based on the previous preparation work, we are now in a position to determine $\mathbb{S}$ of $f$ , where $\lambda^{(1)}_{p,n}$ and $\lambda^{(2)}_{p,n}$ are defined in Eqs.(2) and (3), respectively.

Theorem 2.

Let $f$ be defined as above. If $\gcd(d,~{}p^{n}-1)=$ 2 (resp. 4), then the $(-1)$ -differential spectrum of $f$ is

	$\displaystyle\mathbb{S}=\{{}_{-1}\omega_{0}$	$\displaystyle=\frac{1}{64}(37p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}+5),$
	$\displaystyle{}_{-1}\omega_{2}$	$\displaystyle=\frac{1}{32}(11p^{n}-7\lambda^{(1)}_{p,n}+2\lambda^{(2)}_{p,n}-21),$
	$\displaystyle{}_{-1}\omega_{3}$	$\displaystyle=1,$
	$\displaystyle{}_{-1}\omega_{4}$	$\displaystyle=\frac{1}{64}(5p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-27)\}$

(resp.

	$\displaystyle\mathbb{S}=\{{}_{-1}\omega_{0}$	$\displaystyle=\frac{1}{64}(37p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-11),$
	$\displaystyle{}_{-1}\omega_{2}$	$\displaystyle=\frac{1}{32}(11p^{n}-7\lambda^{(1)}_{p,n}+2\lambda^{(2)}_{p,n}-5),$
	$\displaystyle{}_{-1}\omega_{3}$	$\displaystyle=1,$
	$\displaystyle{}_{-1}\omega_{4}$	$\displaystyle=\frac{1}{64}(5p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-43)\}$

when $\eta(2)=\eta(3)=1$ , $\eta(\frac{-1+\sqrt{-2}}{2})=-1$ or $\eta(2)=\eta(3)=-1$ , and is

	$\displaystyle\mathbb{S}=\{{}_{-1}\omega_{0}$	$\displaystyle=\frac{1}{64}(37p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-27),$
	$\displaystyle{}_{-1}\omega_{1}$	$\displaystyle=1,$
	$\displaystyle{}_{-1}\omega_{2}$	$\displaystyle=\frac{1}{32}(11p^{n}-7\lambda^{(1)}_{p,n}+2\lambda^{(2)}_{p,n}-21),$
	$\displaystyle{}_{-1}\omega_{4}$	$\displaystyle=\frac{1}{64}(5p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}+5)\}$

(resp.

	$\displaystyle\mathbb{S}=\{{}_{-1}\omega_{0}$	$\displaystyle=\frac{1}{64}(37p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-43),$
	$\displaystyle{}_{-1}\omega_{1}$	$\displaystyle=1,$
	$\displaystyle{}_{-1}\omega_{2}$	$\displaystyle=\frac{1}{32}(11p^{n}-7\lambda^{(1)}_{p,n}+2\lambda^{(2)}_{p,n}-5),$
	$\displaystyle{}_{-1}\omega_{4}$	$\displaystyle=\frac{1}{64}(5p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-11)\}$

otherwise.

Corollary 3.

Let $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$ , where $p^{n}\equiv 1\pmod{4}$ and $p\neq 3$ is an odd prime. Then ${}_{-1}\Delta_{f}=4$ .

Proof.

By Lemma 3, we obtain

{}_{-1}\omega_{4}\geq\frac{1}{64}(5p^{n}+7\lambda^{(1)}_{p,n}-2\lambda^{(2)}_{p,n}-43)\geq\frac{1}{64}(5p^{n}-18p^{\frac{n}{2}}-43)>0

when $p^{n}\geq 29$ . The numerical results show that ${}_{-1}\omega_{4}\geq 1$ for $p^{n}\in\{13,17,25\}$ .

The case $p^{n}=5$ can be calculated by computing directly the $(-1)$ -differential spectrum of $f(x)=x^{4}$ over $\mathbb{F}_{5}$ , which is

\mathbb{S}=\{{}_{-1}\omega_{0}=3,~{}{}_{-1}\omega_{2}=1,~{}{}_{-1}\omega_{3}=1\},

and hence ${}_{-1}\Delta_{f}=4$ due to $\gcd(d,~{}p^{n}-1)=4$ .

Therefore, we conclude that the ${}_{-1}\Delta_{f}=4$ . This completes the proof.

Example 5.

Let $p=7$ and $n=4$ . Then $f(x)=x^{1202}$ over $\mathbb{F}_{7^{4}}$ is differentially $(-1,4)$ -uniform with $(-1)$ -differential spectrum

\mathbb{S}=\{_{-1}\omega_{0}=1374,~{}{}_{-1}\omega_{1}=1,~{}{}_{-1}\omega_{2}=852,~{}{}_{-1}\omega_{4}=174\}.

Example 6.

Let $p=29$ and $n=1$ . Then $f(x)=x^{16}$ over $\mathbb{F}_{29}$ is differentially $(-1,4)$ -uniform with $(-1)$ -differential spectrum

\mathbb{S}=\{_{-1}\omega_{0}=16,~{}{}_{-1}\omega_{2}=11,~{}{}_{-1}\omega_{3}=1,~{}{}_{-1}\omega_{4}=1\}.

The above two examples both are consistent with that computed directly by Magma program.

4 The $c$ -differential uniformity of $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$

In this section, we give the following result on the $c$ -differential uniformity of $f$ , and we omit the proof here since it is similar to that of [17, Theorem 12].

Theorem 3.

Let $f(x)=x^{d}$ be a power function over $\mathbb{F}_{p^{n}}$ , where $p$ is an odd prime and $d=\frac{p^{n}+3}{2}$ is a positive integer. For $\pm 1\neq c\in\mathbb{F}_{p^{n}}$ , we have ${}_{c}\Delta_{f}\leq 9$ .

5 Concluding remarks

In this paper, we first investigated the $(-1)$ -differential spectrum of $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$ , where $p\neq 3$ is an odd prime. In fact, we prove that if $p^{n}\equiv 3\pmod{4}$ , then ${}_{-1}\Delta_{f}=3$ except for $p^{n}\in\{7,19,23\}$ where $f$ is an APcN function, and if $p^{n}\equiv 1\pmod{4}$ , the $(-1)$ -differential uniformity of $f$ is equal to 4. The results indicate that the $(-1)$ -differential spectrum of $f$ has closely connection with two character sums $\lambda^{(1)}_{p,n}$ and $\lambda^{(2)}_{p,n}$ . Meanwhile, the character sums can be evaluated by employing the theory of elliptic curves over finite fields. Finally, we obtained an upper bound of the $c$ -differential uniformity of $f$ .

References

[1] Eli Biham and Adi Shamir. Differential cryptanalysis of DES-like cryptosystems. J. Cryptology, 4(1):3–72, 1991.
[2] Céline Blondeau, Anne Canteaut, and Pascale Charpin. Differential properties of power functions. Int. J. Inf. Coding Theory, 1(2):149–170, 2010.
[3] Nikita Borisov, Monica Chew, Robert Johnson, and David Wagner. Multiplicative differentials. In Fast Software Encryption, 9th International Workshop, FSE 2002, Leuven, Belgium, February 4-6, 2002, Revised Papers, pages 17–33, 2002.
[4] På l Ellingsen, Patrick Felke, Constanza Riera, Pantelimon Stănică, and Anton Tkachenko. $C$ -differentials, multiplicative uniformity, and (almost) perfect $c$ -nonlinearity. IEEE Trans. Inform. Theory, 66(9):5781–5789, 2020.
[5] Rudolf Lidl and Harald Niederreiter. Finite fields, volume 20 of Encyclopedia of Mathematics and its Applications. Cambridge University Press, Cambridge, second edition, 1997. With a foreword by P. M. Cohn.
[6] Sihem Mesnager, Bimal Mandal, and Mounira Msahli. Survey on recent trends towards generalized differential and boomerang uniformities. Cryptogr. Commun, 14(4):691–735, 2022.
[7] Sihem Mesnager, Constanza Riera, Pantelimon Stănică, Haode Yan, and Zhengchun Zhou. Investigations on $c$ -(almost) perfect nonlinear functions. IEEE Trans. Inform. Theory, 67(10):6916–6925, 2021.
[8] Kaisa Nyberg. Differentially uniform mappings for cryptography. In Advances in cryptology—EUROCRYPT ’93 (Lofthus, 1993), volume 765 of Lecture Notes in Comput. Sci., pages 55–64. Springer, Berlin, 1994.
[9] Tingting Pang, Nian Li, Xiangyong Zeng, and Haiying Zhu. A note on the $c$ -differential spectrum of an ${\rm AP}c{\rm N}$ function. Adv. Math. Commun, 16(4):935–945, 2022.
[10] Constanza Riera, Pantelimon Stanica, and Haode Yan. The $c$ -differential spectrum of $x\mapsto x^{\frac{p^{n}+1}{2}}$ in finite fields of odd characteristics, 2022.
[11] Joseph H. Silverman. The arithmetic of elliptic curves, volume 106 of Graduate Texts in Mathematics. Springer, Dordrecht, second edition, 2009.
[12] Ziran Tu, Nian Li, Yanan Wu, Xiangyong Zeng, Xiaohu Tang, and Yupeng Jiang. On the differential spectrum and the ${\rm AP}c{\rm N}$ property of a class of power functions over finite fields. IEEE Transactions on Information Theory, 69(1):582–597, 2023.
[13] Xiaoqiang Wang, Dabin Zheng, and Lei Hu. Several classes of ${\rm P}c{\rm N}$ power functions over finite fields. Discrete Appl. Math, 322:171–182, 2022.
[14] Zhexin Wang, Sihem Mesnager, Nian Li, and Xiangyong Zeng. On differential properties of a class of niho-type power function, 2023.
[15] Yanan Wu, Nian Li, and Xiangyong Zeng. New ${\rm P}c{\rm N}$ and ${\rm AP}c{\rm N}$ functions over finite fields. Des. Codes Cryptogr, 89(11):2637–2651, 2021.
[16] Haode Yan. On (-1)-differential uniformity of ternary APN power functions. Cryptogr. Commun, 14(2):357–369, 2022.
[17] Haode Yan, Sihem Mesnager, and Xiantong Tan. On the differential spectrum of a class of apn power functions over odd characteristic finite fields and their $c$ -differential properties, 2022.
[18] Haode Yan, Sihem Mesnager, and Xiantong Tan. The complete differential spectrum of a class of power permutations over odd characteristic finite fields. IEEE Transactions on Information Theory, 69(11):7426–7438, 2023.
[19] Haode Yan and Kun Zhang. On the $c$ -differential spectrum of power functions over finite fields. Des. Codes Cryptogr, 90(10):2385–2405, 2022.
[20] Zhengbang Zha and Lei Hu. Some classes of power functions with low $c$ -differential uniformity over finite fields. Des. Codes Cryptogr, 89(6):1193–1210, 2021.

The cc-differential properties of a class of power functions

Abstract

1 Introduction

Definition 1.

Definition 2.

2 Preliminaries

Lemma 1.

Lemma 2.

Example 1.

Example 2.

Lemma 3.

Lemma 4.

Proof.

Lemma 5.

3 The cc-differential properties of f​(x)=xpn+32f(x)=x^{\frac{p^{n}+3}{2}} over 𝔽pn\mathbb{F}_{p^{n}}

Lemma 6.

3.1 pn≡3(mod4)p^{n}\equiv 3\pmod{4} and p≠3p\neq 3

Theorem 1.

Proof.

Corollary 1.

Proof.

Example 3.

Example 4.

3.2 pn≡1(mod4)p^{n}\equiv 1\pmod{4} and p≠3p\neq 3

Lemma 7.

Corollary 2.

Theorem 2.

Corollary 3.

Proof.

Example 5.

Example 6.

4 The cc-differential uniformity of f​(x)=xpn+32f(x)=x^{\frac{p^{n}+3}{2}} over 𝔽pn\mathbb{F}_{p^{n}}

Theorem 3.

5 Concluding remarks

References

The $c$ -differential properties of a class of power functions

3 The $c$ -differential properties of $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$

3.1 $p^{n}\equiv 3\pmod{4}$ and $p\neq 3$

3.2 $p^{n}\equiv 1\pmod{4}$ and $p\neq 3$

4 The $c$ -differential uniformity of $f(x)=x^{\frac{p^{n}+3}{2}}$ over $\mathbb{F}_{p^{n}}$