Affine equivalence for rotation symmetric Boolean functions with $2^k$ variables

Thomas W. Cusick & Younhwan Cheon

Designs, Codes and Cryptography An International Journal ISSN 0925-1022 Volume 63 Number 2 Des. Codes Cryptogr. (2012) 63:273-294 DOI 10.1007/s10623-011-9553-6


Received: 15 October 2010 / Revised: 6 February 2011 / Accepted: 25 July 2011 / Published online: 21 August 2011 © Springer Science+Business Media, LLC 2011

Abstract

Rotation symmetric Boolean functions have been extensively studied in the last 10 years or so because of their importance in cryptography and coding theory. Until recently, very little was known about the basic question of when two such functions are affine equivalent. Even the case of quadratic functions is nontrivial, and this was only completely settled in a 2009 paper of Kim, Park and Hahn. The much more complicated case of cubic functions was solved for permutations using a new concept of patterns in a 2010 paper of Cusick, and it is conjectured that, as in the quadratic case, this solution actually applies for all affine transformations. The patterns method enables a detailed analysis of the affine equivalence classes for various special classes of cubic rotation symmetric functions in $n$ variables. Here the case of functions with $2^k$ variables (this number is especially relevant in computer applications) and generated by a single monomial is examined in detail, and in particular a formula for the number of classes is proved.

Keywords Boolean functions · Rotation symmetry · Cubic function · Affine equivalence · Patterns

Mathematics Subject Classification (2000) 94C10 · 94A15 · 06E30

Communicated by J. Jedwab.

T. W. Cusick, Department of Mathematics, University at Buffalo, 244 Mathematics Building, Buffalo, NY 14260, USA

Y. Cheon, Department of Mathematics, Korea Army Academy at Yeong-Cheon, 135-9 ChangHa GoGyeong, YeongCheon City, GyeongBuk 770-849, Korea

1 Introduction

Boolean functions have many applications in coding theory and cryptography. A detailed account of the latter applications can be found in the book [3]. If we define $V_n$ to be the vector space of dimension $n$ over the finite field $GF(2) = \{0, 1\}$, then an $n$ variable Boolean function $f(x_1, x_2, \ldots, x_n) = f(x)$ is a map from $V_n$ to $GF(2)$. Every Boolean function $f(x)$ has a unique polynomial representation (usually called the algebraic normal form [3, p. 6]), and the degree of $f$ is the degree of this polynomial. A function of degree $\le 1$ is called affine, and if the constant term is 0 such a function is called linear. We let $B_n$ denote the set of all Boolean functions in $n$ variables, with addition and multiplication done mod 2.

If we list the $2^n$ elements of $V_n$ as $v_0 = (0, \ldots, 0)$, $v_1 = (0, \ldots, 0, 1), \ldots$ in lexicographic order, then the $2^n$-vector $(f(v_0), f(v_1), \ldots, f(v_{2^n-1}))$ is called the truth table of $f$. The weight (also called Hamming weight) $wt(f)$ of $f$ is defined to be the number of 1's in the truth table for $f$. In many cryptographic uses of Boolean functions, it is important that the truth table of each function $f$ has an equal number of 0's and 1's; in that case, we say that the function $f$ is balanced. The distance $d(f, g)$ between two Boolean functions $f$ and $g$ is defined by $d(f, g) = wt(f + g)$ where the polynomial addition is done mod 2. An important concept in cryptography is the nonlinearity $N(f)$ defined by

$$N(f) = \min_{a \text{ affine}} wt(f + a).$$

We say a Boolean function $f(x)$ in $B_n$ is rotation symmetric if the algebraic normal form of the function is unchanged by any cyclic permutation of the variables $x_1, x_2, \ldots, x_n$. In recent years, rotation symmetric functions have proven to be very useful in several areas of cryptography [3, pp. 108–118]. This has led to many papers which study different aspects of the theory of rotation symmetric functions.

We say that two Boolean functions $f(x)$ and $g(x)$ in $B_n$ are affine equivalent if $g(x) = f(Ax + b)$, where $A$ is an $n$ by $n$ nonsingular matrix over the finite field $GF(2)$ and $b$ is an $n$-vector over $GF(2)$. We say $f(Ax + b)$ is a nonsingular affine transformation of $f(x)$. It is easy to see that if $f$ and $g$ are affine equivalent, then $wt(f) = wt(g)$ and $N(f) = N(g)$. We say that the weight and nonlinearity are affine invariants.

One basic question is to decide when two Boolean functions $f(x)$ and $g(x)$ in $B_n$ are affine equivalent. This question is nontrivial even for quadratic functions (see [1, Sect. 2], [2] and [4]). Very little progress was made on the much more difficult case of cubic functions until the notion of patterns was introduced [1, p. 8]. That paper considered only the simplest cubic Boolean functions, namely those generated by cyclic permutations of the variables in a single monomial. We shall consider the same type of function in this paper also. The next section gives the definitions and results from [1] which we will need. If a result from [1] has a proof longer than a few lines, we omit the proof and simply refer to [1].

2 Affine equivalence for cubic rotation symmetric Boolean functions

Almost nothing is in the literature concerning affine equivalence for cubic rotation symmetric Boolean functions. We shall consider the simplest of such functions $f$, namely those generated by cyclic permutations of the variables in a single monomial. We shall call these cubic monomial rotation symmetric (MRS) functions. Thus for some $j$ and $k$, $1 < j < k$, we have

$$f(x) = x_1 x_j x_k + x_2 x_{j+1} x_{k+1} + \cdots + x_n x_{j-1} x_{k-1}. \tag{1}$$

We shall use the notation $(1, j, k)$ for the function $f(x)$ in (1), no matter how the terms on the right-hand side are written (so the order of the terms, and of the 3 variables in each term, does not matter). If $(1, j, k)$ is written in the form (1) (so the first subscripts in the $n$ terms are $1, 2, \ldots, n$ in order, and the other two subscripts in order each give cyclic permutations of $1, 2, \ldots, n$, as shown), we say $f$ is written in standard form. Note we do not require $j < k$, so there are two ways to write $f(x)$ in standard form. If we specify the representation of $f(x)$ ($(1, j, k)$ or $(1, k, j)$), then the standard form is unique. Clearly each subscript $j$, $1 \le j \le n$, appears in exactly 3 of the terms in any representation of $f(x)$; we shall call these three terms the $j$-terms of $f$. We shall use the notation

$$[i, j, k] = x_i x_j x_k \tag{2}$$

as shorthand for the monomial on the right-hand side; note that the order of the variables matters, so, for example, the 6 permutations of $i, j, k$ give 6 different representations of form (2) for the same monomial $x_i x_j x_k$.

Remark 1 Because every term $[i, j, k]$ can be written in 6 different ways, many of the proofs below will involve 6 different cases, which can be thought of as 3 pairs of cases. The same was true in [1]. As in [1], if some of the 6 cases require more than a very short argument, we will often distinguish the cases by labeling them A1, A2, B1, B2, C1 and C2.

If $n$ is divisible by 3, then the function $(1, \frac{n}{3} + 1, \frac{2n}{3} + 1)$ is exceptional because then the representation (1) has only $\frac{n}{3}$ distinct terms, because the three $j$-terms for any $j$ are all the same, apart from the order of their factors. Thus for $n \equiv 0 \bmod 3$ the representation (1) reduces to a sum of only $\frac{n}{3}$ terms. Because of this, we shall call $(1, \frac{n}{3} + 1, \frac{2n}{3} + 1)$ the short cubic function in $n$ variables.

Our goal is to study the affine equivalence classes for cubic rotation symmetric functions $(1, j, k)$. In order to do this, we need to be able to identify all of the distinct functions $(1, j, k)$. We define

$D_n = \{(1, j, k) : j < k \le n$, and every function $(1, j, k)$ is represented by the triple $1, j, k$ with least $j$, and given that, with least $k\}$.

Every cubic monomial rotation symmetric function $f$ is equal to exactly one function $(1, j, k)$ in $D_n$, but of course $f$ is also equal to $(1, p, q)$, where $[1, p, q]$ is either of the other two 1-terms in $(1, j, k)$. Clearly we can determine $D_n$ by making a list of all of the functions $(1, j, k)$ with $1 < j < k \le n$ in lexicographic order and standard form, and then crossing out any function in the list which has a 1-term appearing in any earlier function in the list. The number of distinct functions which remain after this is given in the following lemma (as usual, $|S|$ denotes the number of elements in the set $S$).

Lemma 1 If $n \equiv 0 \bmod 3$, then $|D_n| = (n^2 - 3n + 6)/6$. Otherwise, $|D_n| = (n^2 - 3n + 2)/6$.

Proof An equivalent formula was first computed by Stănică and Maitra [5, p. 302]. A direct counting proof is also possible. The "extra" function when $n \equiv 0 \bmod 3$ is the short function $(1, \frac{n}{3} + 1, \frac{2n}{3} + 1)$, which is the last function produced when $D_n$ is determined by the method above.

Remark 2 Capital mod notation. Throughout the paper the "capital mod" notation $a \operatorname{Mod} n$ means the unique integer $b$ in $\{1, 2, \ldots, n\}$ such that $b \equiv a \bmod n$.

Remark 3 Least representative. The "least representative" of an affine equivalence class is just the least function from $D_n$ in the class, using the lexicographic ordering of the functions in $D_n$.

We define the notion of pattern for any term $[i, j, k]$. The pattern of $[i, j, k]$ is the integer vector

$$(j - i \operatorname{Mod} n;\ k - i \operatorname{Mod} n;\ k - j \operatorname{Mod} n). \tag{3}$$

The semicolons in (3) distinguish a pattern from a function $(i, j, k)$. When the modulus $n$ is clear, we shall omit the $\operatorname{Mod} n$ in the notation (3). Every term $[i, j, k]$ has 6 patterns $(a; b; c)$, one for each of the orderings of the triple $i, j, k$.

Lemma 2 Each function $(1, j, k)$ in standard form has a unique pattern $(j - 1 \operatorname{Mod} n;\ k - 1 \operatorname{Mod} n;\ k - j \operatorname{Mod} n)$, which is the same for all of the $n$ terms $[u, v, w]$ in the standard form of the function.

Proof This is obvious since in the standard form (1) the subscripts in each term are obtained by adding 1 to each of the corresponding subscripts in the preceding term.

Lemma 3 Suppose $(1, j, k)$ in standard form and $(1, p, q)$ are cubic monomial rotation symmetric functions in $n$ variables. If $\mu((1, j, k)) = (1, p, q)$ for some permutation $\mu$ of the $n$ variables, then all of the terms

$$[\mu(i), \mu(i + j - 1), \mu(i + k - 1)], \quad 1 \le i \le n \tag{4}$$

can be rearranged to give a standard form of the function $(1, p, q)$. All of these rearranged terms will have the same pattern.

Proof We can order the terms in (4), permuting their entries as necessary, to get the function $(1, p, q)$ in standard form. Then Lemma 3 follows from Lemma 2.

We say a permutation $\sigma$ of the $n$ variables in a cubic function preserves rotation symmetry if, given any cubic MRS function $f$ in $B_n$, $\sigma(f)$ is also rotation symmetric. Our next theorem shows that if two cubic MRS functions in $B_n$ are affine equivalent via a permutation of variables which preserves rotation symmetry, then there is a computationally efficient method to find such a permutation, even one with the extra property that the permutation fixes 1. The theorem is also true for more general permutations (not necessarily preserving rotation symmetry), but we do not need these permutations and the proof is more complicated, so we omit it. In applications using rotation symmetric functions, functions which do not have rotation symmetry are usually of no interest, so the permutations which preserve rotation symmetry are the only important ones.

Before stating the theorem, it is useful to have a characterization of the permutations which preserve rotation symmetry. The next lemma gives this; note that the characterization is equivalent to (7) in the theorem below. There is no loss of generality in taking $n > 4$ in the next lemma and theorem, since the cases for smaller $n$ are trivial.

Lemma 4 A permutation $\mu$ preserves rotation symmetry for cubic MRS functions in $n > 4$ variables if and only if

$$\mu(i) = (i - 1)(\mu(2) - 1) + 1 \operatorname{Mod} n, \quad 1 \le i \le n. \tag{5}$$

Proof See [1, Lemma 3.4].

Theorem 1 Suppose $(1, j, k)$ in standard form and $(1, p, q)$ are cubic monomial rotation symmetric functions in $n > 4$ variables. If $\mu((1, j, k)) = (1, p, q)$ for some permutation $\mu$ of the $n$ variables which preserves rotation symmetry, then there exists a permutation $\sigma$ such that $\sigma((1, j, k)) = (1, p, q)$, $\sigma([1, j, k]) = [1, p_i, q_i]$ and $\sigma(1) = 1$, where $[1, p_i, q_i]$ ($1 \le i \le 3$) is one of the three 1-terms in $(1, p, q)$. The pattern of the term $[1, \sigma(j), \sigma(k)]$ in $\sigma((1, j, k))$ is

$$(\sigma(2) - 1)(j - 1;\ k - 1;\ k - j), \tag{6}$$

where $\gcd(\sigma(2) - 1, n) = 1$. Furthermore, $\sigma$ satisfies

$$\sigma(i) = (i - 1)(\sigma(2) - 1) + 1 \operatorname{Mod} n, \quad 1 \le i \le n. \tag{7}$$

Proof See [1, Theorem 3.5].

Let $\sigma_{\tau,n} = \sigma_\tau$ denote the permutation defined by $\sigma_\tau(i) = (i - 1)\tau + 1 \operatorname{Mod} n$ for $i = 1, 2, \ldots, n$, where we assume $\gcd(\tau, n) = \gcd(\sigma_\tau(2) - 1, n) = 1$. Then we have $\gcd(\sigma_\tau(j) - 1, n) = \gcd((j - 1)\tau, n) = 1$ if and only if $\gcd(j - 1, n) = 1$. Since $\sigma_\tau \sigma_\delta = \sigma_\delta \sigma_\tau = \sigma_{\tau\delta}$ for any $\delta$ with $\gcd(\delta, n) = 1$, we see that $G_n$ defined by $G_n = \{\sigma_{\tau,n} : \gcd(\tau, n) = 1\}$ is a group with the group operation of permutation composition.

Theorem 2 The group $G_n$ is isomorphic to the group $U_n$ of units of $\mathbb{Z}_n^*$ given by $U_n = \{k : \gcd(k, n) = 1\}$ with group operation multiplication mod $n$.

Proof The bijection $\sigma_\tau \leftrightarrow \tau$ is a group isomorphism.

Theorem 3 The group $G_n$ acts on the set $C_n = \{\text{cubic MRS functions } f(x) \text{ in } n \text{ variables}\}$ by the definition

$$\sigma_{\tau,n}(f(x)) = \sigma_{\tau,n}((1, j, k)) \tag{8}$$

where $f(x)$ has the unique standard form $(1, j, k)$ in $D_n$. The orbits for this group action are exactly the affine equivalence classes for $C_n$ under permutations which preserve rotation symmetry.

Proof The group action is defined by $\sigma_\tau([a, b, c]) = [\sigma_\tau(a), \sigma_\tau(b), \sigma_\tau(c)]$ for each term $[a, b, c]$ in $(1, j, k)$. It follows from Theorem 1 that if any cubic MRS function $f(x) = (1, j, k)$ in standard form is affine equivalent to any cubic MRS function $g(x) = (1, p, q)$ by a permutation which preserves rotation symmetry, then there exists a permutation $\sigma_{\tau,n}$ in $G_n$ such that $\sigma_{\tau,n}((1, j, k)) = (1, p, q)$. Now the fact that the orbits are exactly the affine equivalence classes under permutations which preserve rotation symmetry follows from Lemmas 2 and 3.

Theorem 4 For $n \ge 6$, the group $G_n$ of order $\varphi(n)$ is the smallest group whose action (8) gives the equivalence classes of $C_n$ under permutations which preserve rotation symmetry.

Proof See [1, Theorem 3.11].
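The group action of Theorem 3 can be carried out mechanically. The Python below is an added example, not code from the paper: it builds D_n by the crossing-out rule that precedes Lemma 1, applies σ_τ to a representative, and collects orbits, stabilizers and fixed points. The function names (`canon`, `sigma`, `classes` and so on) are chosen here for illustration, and a function (1, j, k) is stored as the pair (j, k).

```python
from math import gcd

def Mod(a, n):
    """'Capital mod' of Remark 2: the representative of a in {1, ..., n}."""
    return (a - 1) % n + 1

def one_terms(j, k, n):
    """The three 1-terms [1, p, q] of (1, j, k), each as a sorted pair (p, q).

    They come from the terms [i, i+j-1, i+k-1] with i = 1, i = 2-j and i = 2-k.
    """
    terms = [
        (j, k),
        (Mod(k - j + 1, n), Mod(n - j + 2, n)),
        (Mod(n - k + 2, n), Mod(n - k + j + 1, n)),
    ]
    return [tuple(sorted(t)) for t in terms]

def canon(j, k, n):
    """Representative of (1, j, k) in D_n: least j, and given that, least k."""
    return min(one_terms(j, k, n))

def D(n):
    """All distinct cubic MRS functions in n variables, in lexicographic order."""
    return sorted({canon(j, k, n)
                   for j in range(2, n + 1) for k in range(j + 1, n + 1)})

def lemma1_count(n):
    """|D_n| as stated in Lemma 1."""
    return (n * n - 3 * n + (6 if n % 3 == 0 else 2)) // 6

def units(n):
    """The tau with gcd(tau, n) = 1, indexing the elements sigma_tau of G_n."""
    return [t for t in range(1, n) if gcd(t, n) == 1]

def sigma(tau, f, n):
    """Image of f = (1, j, k) under sigma_tau(i) = (i - 1) * tau + 1 Mod n."""
    j, k = f
    return canon(Mod((j - 1) * tau + 1, n), Mod((k - 1) * tau + 1, n), n)

def orbit(f, n):
    """Equivalence class of f under permutations preserving rotation symmetry."""
    return sorted({sigma(t, f, n) for t in units(n)})

def stabilizer(f, n):
    """All tau whose sigma_tau fixes f."""
    return [t for t in units(n) if sigma(t, f, n) == f]

def fixed_by(tau, n):
    """All functions in D_n fixed by sigma_tau."""
    return [f for f in D(n) if sigma(tau, f, n) == f]

def classes(n):
    """Partition of D_n into orbits of G_n, each listed from its least representative."""
    seen, out = set(), []
    for f in D(n):
        if f not in seen:
            o = orbit(f, n)
            seen.update(o)
            out.append(o)
    return out

if __name__ == "__main__":
    n = 16
    print(f"n = {n}: |D_n| = {len(D(n))}, Lemma 1 gives {lemma1_count(n)}")
    for c in classes(n):
        rep = c[0]
        print(f"class of (1,{rep[0]},{rep[1]}): size {len(c)}, "
              f"stabilizer taus {stabilizer(rep, n)}")
```

Every orbit size divides |G_n| = φ(n), so for n a power of 2 the printed class sizes are powers of 2.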

Remark 4 In [1, Remark 3.9] it is conjectured that if two cubic MRS functions in $B_n$ are affine equivalent, then there is a permutation of the $n$ variables which gives the equivalence. Computations quoted there verify the conjecture for $n \le 32$. If true, this conjecture implies that no two functions in different equivalence classes as given in Theorem 3 can be affine equivalent under any affine map which is not a permutation. The corresponding conjecture for quadratic functions was proved in [1, Theorem 2.7], but that proof does not extend to the much more complex cubic case. We believe that the proof of the conjecture in the cubic case will be difficult.

3 Equivalence classes for $n = 2^k$

If the number of variables is a power of 2, then we can obtain a very detailed description of the equivalence classes. We begin with a few preliminary lemmas. We assume throughout this section that $n$ denotes the number of variables for our cubic MRS functions. We shall use the notation $(1, r, s) \equiv (1, a, b)$ to mean that the functions $(1, r, s)$ and $(1, a, b)$ in $n$ variables are in the same affine equivalence class.

Lemma 5 If $n = 2^k$ for $k > 3$, then $\sigma_3$ fixes exactly 3 functions, namely $f_1$ and the functions in $R_1$, where $f_1 = (1, 2^{k-2} + 1, 2^{k-1} + 1)$, $R_1 = \{(1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1), (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)\}$ in $D_n$.

Proof Let $\sigma_\tau$ be defined by $\sigma_\tau(i) = (i - 1)\tau + 1 \operatorname{Mod} n$ for $i = 1, 2, \ldots, n$. If $\sigma_3$ fixes $(1, r, s)$ we have

$$[1, r, s] = [1, 3r - 2, 3s - 2] \text{ or } [1, 3(s - r) + 1, n - 3r + 4] \text{ or } [1, n - 3s + 4, n - 3(s - r) + 1]. \tag{9}$$

In the first case in (9) we have either $r \equiv 3r - 2 \bmod n$ and $s \equiv 3s - 2 \bmod n$ so $r \equiv s \equiv 1 \bmod 2^{k-1}$, which is impossible (we cannot have $r \equiv s \bmod n$, so we must have (assume $r < s$) $r \equiv 2^{k-1} + 1$ and $s \equiv 2^k + 1 \equiv 1 \bmod n$ (impossible)); or $r \equiv 3s - 2 \bmod n$ and $s \equiv 3r - 2 \bmod n$, which implies $r \equiv s \equiv 1 \bmod 2^{k-3}$, say $r \equiv a \cdot 2^{k-3} + 1$ and $s \equiv b \cdot 2^{k-3} + 1$. Now plugging in to the two congruences we get $a \equiv 3b \bmod 8$ and $b \equiv 3a \bmod 8$. This gives 4 cases; $\{a, b\}$ is $\{1, 3\}$ or $\{2, 6\}$ or $\{4, 4\}$ or $\{5, 7\}$. The first case is the function $(1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1)$ in $R_1$. The second case is the function $(1, 2 \cdot 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1) \equiv (1, 2 \cdot 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1) = f_1$ (by adding $2 \cdot 2^{k-3}$). The third case is impossible since it gives $r \equiv s \bmod n$. The fourth case is the function $(1, 5 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)$ in $R_1$.

In the second case in (9) we have either $r \equiv 3s - 3r + 1 \bmod n$ and $s \equiv -3r + 4 \bmod n$, so $r \equiv s \equiv 1 \bmod n$, which is impossible; or $r \equiv -3r + 4 \bmod n$ and $s \equiv 3s - 3r + 1 \bmod n$, which implies $r \equiv 1 \bmod 2^{k-2}$, say $r \equiv a \cdot 2^{k-2} + 1$. We consider $a = 1$ or 2 or 3. When $a = 1$, we have $2s \equiv 3 \cdot 2^{k-2} + 2 \bmod 2^k$, so $s \equiv 3 \cdot 2^{k-3} + 1 \bmod 2^{k-1}$, and we get $(1, r, s) = (1, 2^{k-2} + 1, 3 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)$ (by adding $2^k - 2^{k-2}$), which is in $R_1$; or we get $(1, r, s) = (1, 2^{k-2} + 1, 2^{k-1} + 3 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$), which is in $R_1$. When $a = 2$, we have $2s \equiv 2^{k-1} + 2 \bmod 2^k$, which implies $s \equiv 2^{k-2} + 1 \bmod 2^{k-1}$, so we get $(1, 2^{k-1} + 1, 2^{k-2} + 1)$, which is $f_1$; or we get $(1, 2^{k-1} + 1, 2^{k-1} + 2^{k-2} + 1) \equiv (1, 2^{k-1} + 1, 2^{k-2} + 1) = f_1$ (by adding $2^k - 2^{k-1}$). When $a = 3$, we have $s \equiv 2^{k-3} + 1 \bmod 2^{k-1}$, so we get $(1, 3 \cdot 2^{k-2} + 1, 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)$, which is in $R_1$; or we get $(1, 3 \cdot 2^{k-2} + 1, 2^{k-1} + 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1)$, which is in $R_1$.

The third case in (9) is the same as the second case with $r$ and $s$ interchanged, so by the arguments above we again get either a contradiction or $(1, r, s)$ equal to $f_1$ or to a function in $R_1$. Therefore $\sigma_3$ fixes exactly 3 functions.

Lemma 6 If $n = 2^k$ for $k > 3$, then $\sigma_5$ fixes exactly 3 functions, namely $f_1$ and the functions in $R_2$, where $f_1 = (1, 2^{k-2} + 1, 2^{k-1} + 1)$, $R_2 = \{(1, 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1), (1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)\}$ in $D_n$.

Proof Let $\sigma_\tau$ be defined by $\sigma_\tau(i) = (i - 1)\tau + 1 \operatorname{Mod} n$ for $i = 1, 2, \ldots, n$. If $\sigma_5$ fixes $(1, r, s)$ we have

$$[1, 5r - 4, 5s - 4] = [1, r, s] \text{ or } [1, (s - r) + 1, n - r + 2] \text{ or } [1, n - s + 2, n - (s - r) + 1]. \tag{10}$$

In the first case in (10), one possibility is $5r - 4 \equiv r \bmod n$ and $5s - 4 \equiv s \bmod n$ so $r \equiv s \equiv 1 \bmod 2^{k-2}$, say $r \equiv a \cdot 2^{k-2} + 1$, $s \equiv b \cdot 2^{k-2} + 1$, so the possible pairs $(a, b)$ are $(1, 2)$, $(1, 3)$, $(2, 3)$. When $(a, b) = (1, 2)$, we get $(1, 2^{k-2} + 1, 2 \cdot 2^{k-2} + 1) = f_1$. When $(a, b) = (1, 3)$, we get $(1, 2^{k-2} + 1, 3 \cdot 2^{k-2} + 1) \equiv (1, 2^{k-1} + 1, 2^{k-2} + 1)$, which is $f_1$. When $(a, b) = (2, 3)$, we get $(1, 2 \cdot 2^{k-2} + 1, 3 \cdot 2^{k-2} + 1) \equiv (1, 2^{k-1} + 1, 2^{k-2} + 1)$, which is $f_1$. The other possibility for the first case in (10) is $5r - 4 \equiv s \bmod n$ and $5s - 4 \equiv r \bmod n$, which implies $r \equiv s \equiv 1 \bmod 2^{k-3}$, say $r \equiv a \cdot 2^{k-3} + 1$ and $s \equiv b \cdot 2^{k-3} + 1$. Now plugging in to the two congruences we get $a \equiv 5b \bmod 8$ and $b \equiv 5a \bmod 8$. This gives 5 cases; $\{a, b\}$ is $\{1, 5\}$ or $\{2, 2\}$ or $\{3, 7\}$ or $\{4, 4\}$ or $\{6, 6\}$. The first case is the function $(1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ in $R_2$. The third case is the function $(1, 3 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$) in $R_2$. The other cases are impossible since they give $r \equiv s \bmod n$.

In the second case in (10) we have either $5r - 4 \equiv -s - r + 1 \bmod n$ and $5s - 4 \equiv -r + 2 \bmod n$, which implies $s \equiv 1 \bmod n$ (impossible), or we have $5r - 4 \equiv -r + 2 \bmod n$ and $5s - 4 \equiv s - r + 1 \bmod n$. This implies $r \equiv 1 \bmod 2^{k-1}$, so $4s \equiv 2^{k-1} + 4 \bmod 2^k$ and $s \equiv 2^{k-3} + 1 \bmod 2^{k-2}$. We get 4 choices for $s$. The first two choices give $(1, 2^{k-1} + 1, 2^{k-3} + 1) \equiv (1, 3 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3})$ (by adding $2^k - 2^{k-3}$) $\equiv (1, 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1)$, which is in $R_2$ and $(1, 2^{k-1} + 1, 2^{k-2} + 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ (by adding $2^k - 3 \cdot 2^{k-3}$), which is in $R_2$. The second two choices give $(1, 2^{k-1} + 1, 2^{k-1} + 2^{k-3} + 1) \equiv (1, 3 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1)$ (by adding $2^k - 5 \cdot 2^{k-3}$; this is the same function as in the first choice) and $(1, 2^{k-1} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ (by adding $2^k - 3$), which is in $R_2$.

The third case in (10) is the same as the second case with $r$ and $s$ interchanged, so the arguments above for the second case apply. Therefore $\sigma_5$ fixes exactly 3 functions.

Note that $\sigma_{n-3}$ fixes $f_1$ and $R_2$ and $\sigma_{n-5}$ fixes $f_1$ and $R_1$.

Lemma 7 If $n = 2^k$ for $k > 3$, then there is a unique equivalence class of size 1, and it has representative $f_1 = (1, 2^{k-2} + 1, 2^{k-1} + 1)$ in $D_n$.

Proof By Lemmas 5 and 6, $f_1$ is the only function fixed by all permutations for all $n = 2^k$.

Lemma 8 Suppose $n = 2^k$ and $f = (1, r, s)$ is in an equivalence class of size $2^j = v(j)$, say, for $1 \le j \le k - 2$. Then for every $\tau$ not divisible by 2 we have

$$(r - 1)\tau^{v(j)} + 1 \equiv r \bmod 2^k \quad \text{and} \quad (s - 1)\tau^{v(j)} + 1 \equiv s \bmod 2^k \tag{11}$$

and

$$r \equiv s \equiv 1 \bmod 2^{k-j-2}. \tag{12}$$

Proof Our hypotheses imply that for every $\tau$ not divisible by 2 we have

$$\sigma_\tau^{v}(1, r, s) = (1, (r - 1)\tau^{v} + 1, (s - 1)\tau^{v} + 1) = (1, r, s) \tag{13}$$

with $v = v(j) = 2^j$ and for at least one $\tau$ (13) is not true for any $v$ such that $0 < v < v(j)$. Equation (13) gives six cases A1, A2, B1, B2, C1 and C2. Equation (11) simply says that Case A1 applies, so we shall show (12) is true in Case A1 and that none of the other cases are possible.

In Case A1 the first congruence in (11) gives $(\tau^{v(j)} - 1)r \equiv \tau^{v(j)} - 1 \bmod 2^k$, which implies $r \equiv 1 \bmod 2^{k-j-2}$ since $\tau^{v(j)} \equiv 1 \bmod 2^{j+1}$ by Euler's theorem, and since $(\tau^{2^j})^2 \equiv \tau^{2^{j+1}} \equiv 1 \bmod 2^{j+2}$, this implies

$$\tau^{v(j)} \equiv 1 \bmod 2^{j+2}. \tag{14}$$

Similarly, the second congruence in (11) gives $s \equiv 1 \bmod 2^{k-j-2}$, so (12) holds.

Case A2 gives $\tau^{v(j)} r - (\tau^{v(j)} - 1) \equiv s \bmod 2^k$ and $\tau^{v(j)} s - (\tau^{v(j)} - 1) \equiv r \bmod 2^k$. Substituting the second congruence into the first gives $(\tau^{2v(j)} - 1)s \equiv (\tau^{2v(j)} - 1) \bmod 2^k$, which implies $s \equiv 1 \bmod 2^{k-j-2}$ by (14). By symmetry also $r \equiv 1 \bmod 2^{k-j-2}$, so if we put $r = a \cdot 2^{k-j-2} + 1$ and $s = b \cdot 2^{k-j-2} + 1$, say, then the first congruence implies $a \equiv b \bmod 2^{j+2}$. This gives $r \equiv s \bmod 2^k$, which is impossible.

Case B1 gives $\tau^{v(j)} r - (\tau^{v(j)} - 1) \equiv s - r + 1 \bmod 2^k$ and $\tau^{v(j)} s - (\tau^{v(j)} - 1) \equiv -r + 2 \bmod 2^k$. The first congruence gives

$$s \equiv (\tau^{v(j)} + 1)r - \tau^{v(j)} \bmod 2^k,$$

and substituting this into the second congruence gives

$$(\tau^{2v(j)} + \tau^{v(j)} + 1)r \equiv \tau^{2v(j)} + \tau^{v(j)} + 1 \bmod 2^k. \tag{15}$$

Since 2 does not divide $\tau$ and $\tau^{2v(j)} + \tau^{v(j)} + 1$ is odd, (15) gives $r \equiv 1 \bmod 2^k$, which is impossible.

Case B2 gives $\tau^{v(j)} r - (\tau^{v(j)} - 1) \equiv -r + 2 \bmod 2^k$ and $\tau^{v(j)} s - (\tau^{v(j)} - 1) \equiv s - r + 1 \bmod 2^k$, and the first congruence implies $(\tau^{v(j)} + 1)r \equiv \tau^{v(j)} + 1 \bmod 2^k$. This gives $r \equiv s \equiv 1 \bmod 2^{k-1}$, since $\tau^{v(j)} + 1 \equiv 2 \bmod 2^{j+2}$ by (14), and then this gives $s \equiv 1 \bmod 2^k$, which is impossible.

Cases C1 and C2 are the same as cases B2 and B1, respectively, with $r$ and $s$ interchanged, so by the arguments above these cases are also impossible.

Lemma 9 For $n > 3$, the function $(1, 2, 3)$ is always in an affine equivalence class of size $\varphi(n)/2$. The identity $e$ and $\sigma_{n-1}$ are the only elements of $G_n$ which fix the functions in this class.

Proof This lemma applies even if $n$ is not of the form $2^k$. For the convenience of the reader, we repeat the proof from [1, Lemma 4.4]. We have $\sigma_{n-1}((1, 2, 3)) = (1, n, n - 1) = (1, 2, 3)$, so $\sigma_{n-1}$ fixes $(1, 2, 3)$. Since $G_n$ is Abelian, this means $\sigma_{n-1}$ fixes all of the elements in the equivalence class of $(1, 2, 3)$. Now suppose that for some $\tau$ relatively prime to $n$ we have $\sigma_\tau((1, 2, 3)) = (1, \tau + 1, 2\tau + 1) = (1, 2, 3)$. This means that the term $[1, \tau + 1, 2\tau + 1]$ satisfies

$$[1, \tau + 1, 2\tau + 1] = [1, 2, 3] \text{ or } [1, 2, n] \text{ or } [1, n - 1, n]. \tag{16}$$

In the first case in (16) we have either $\tau + 1 \equiv 2 \bmod n$ and $2\tau + 1 \equiv 3 \bmod n$ (so $\tau = 1$ and $\sigma_1 = e$) or $\tau + 1 \equiv 3 \bmod n$ and $2\tau + 1 \equiv 2 \bmod n$ (so $\tau = 2$ and $3 \equiv 0 \bmod n$, which gives $n = 3$). In the second case in (16) we have either $\tau + 1 \equiv 2 \bmod n$ and $2\tau + 1 \equiv 0 \bmod n$ (so $\tau = 1$ and $3 \equiv 0 \bmod n$, which gives $n = 3$) or $\tau + 1 \equiv 0 \bmod n$ and $2\tau + 1 \equiv 2 \bmod n$ (so $\tau = n - 1$ and $3 \equiv 0 \bmod n$, which gives $n = 3$). In the third case in (16) we have either $\tau + 1 \equiv n - 1 \bmod n$ and $2\tau + 1 \equiv 0 \bmod n$ (so $\tau = n - 2$ and $3 \equiv 0 \bmod n$, which gives $n = 3$) or $\tau + 1 \equiv 0 \bmod n$ and $2\tau + 1 \equiv n - 1 \bmod n$ (so $\tau = n - 1$; we already saw that $\sigma_{n-1}$ fixes $(1, 2, 3)$). Thus there are exactly two elements of $G_n$ which fix $(1, 2, 3)$, that is, the stabilizer of $(1, 2, 3)$ has order 2. Since $|G_n| = \varphi(n)$, by elementary group theory the orbit of $(1, 2, 3)$ (which is the same as its equivalence class) has length $\varphi(n)/2$.

Lemma 10 For $n = 2^k$, $k > 2$, the function $(1, 2, 2^{k-1})$ is always in an affine equivalence class of size $\varphi(n)/2$. The identity $e$ and $\sigma_{2^{k-1}-1}$ are the only elements of $G_n$ which fix the functions in this class.

Proof We have $\sigma_{2^{k-1}-1}((1, 2, 2^{k-1})) = (1, 2, 2^{k-1})$, so $\sigma_{2^{k-1}-1}$ fixes $(1, 2, 2^{k-1})$. Since $G_n$ is Abelian, this means $\sigma_{2^{k-1}-1}$ fixes all of the elements in the equivalence class of $(1, 2, 2^{k-1})$. Now suppose that for some $\tau$ relatively prime to $n$ we have $\sigma_\tau((1, 2, 2^{k-1})) = (1, \tau + 1, (2^{k-1} - 1)\tau + 1) = (1, 2, 2^{k-1})$. This means that the term $[1, \tau + 1, (2^{k-1} - 1)\tau + 1]$ satisfies

$$[1, \tau + 1, (2^{k-1} - 1)\tau + 1] = [1, 2, 2^{k-1}] \text{ or } [1, 2^{k-1} - 1, n] \text{ or } [1, 2^{k-1} + 2, 2^{k-1} + 3]. \tag{17}$$

In the first case in (17) we have either $\tau + 1 \equiv 2 \bmod n$ and $(2^{k-1} - 1)\tau + 1 \equiv 2^{k-1} \bmod n$ (so $\tau = 1$ and $\sigma_1 = e$) or $\tau + 1 \equiv 2^{k-1} \bmod n$ and $(2^{k-1} - 1)\tau + 1 \equiv 2 \bmod n$ (so $\tau = 2^{k-1} - 1$; we already saw that $\sigma_{2^{k-1}-1}$ fixes $(1, 2, 2^{k-1})$). In the second case in (17) we have either $\tau + 1 \equiv 2^{k-1} - 1 \bmod n$ and $(2^{k-1} - 1)\tau + 1 \equiv 0 \bmod n$ (so $\tau = 2^{k-1} - 2$ and $2^{k-1} + 3 \equiv 0 \bmod n$, which is impossible, since $2^{k-1} + 3$ is odd) or $\tau + 1 \equiv 0 \bmod n$ and $(2^{k-1} - 1)\tau + 1 \equiv 2^{k-1} - 1 \bmod n$ (so $\tau = n - 1$ and $3 \equiv 0 \bmod n$, which gives $n = 3$). In the third case in (17) we have either $\tau + 1 \equiv 2^{k-1} + 2 \bmod n$ and $(2^{k-1} - 1)\tau + 1 \equiv 2^{k-1} + 3 \bmod n$ (so $\tau = 2^{k-1} + 1$ and $2^{k-1} + 3 \equiv 0 \bmod n$, which is impossible) or $\tau + 1 \equiv 2^{k-1} + 3 \bmod n$ and $(2^{k-1} - 1)\tau + 1 \equiv 2^{k-1} + 2 \bmod n$ (so $\tau = 2^{k-1} + 2$ and $4 \equiv 0 \bmod n$, which gives $n = 4$). Thus there are exactly two elements of $G_n$ which fix $(1, 2, 2^{k-1})$, that is, the stabilizer of $(1, 2, 2^{k-1})$ has order 2. Since $|G_n| = \varphi(n)$, by elementary group theory the orbit of $(1, 2, 2^{k-1})$ (which is the same as its equivalence class) has length $\varphi(n)/2 = 2^{k-2}$.

Lemma 11 For $n = 2^k$, $k > 2$, the function $(1, 2, 2^{k-1} + 1)$ is always in an affine equivalence class of size $\varphi(n)/2$. The identity $e$ and $\sigma_{2^{k-1}+1}$ are the only elements of $G_n$ which fix the functions in this class.

Proof We have $\sigma_{2^{k-1}+1}((1, 2, 2^{k-1} + 1)) = (1, 2^{k-1} + 1, 2^{k-1} + 2) = (1, 2, 2^{k-1} + 1)$, so $\sigma_{2^{k-1}+1}$ fixes $(1, 2, 2^{k-1} + 1)$. Since $G_n$ is Abelian, this means $\sigma_{2^{k-1}+1}$ fixes all of the elements in the equivalence class of $(1, 2, 2^{k-1} + 1)$. Now suppose that for some $\tau$ relatively prime to $n$ we have $\sigma_\tau((1, 2, 2^{k-1} + 1)) = (1, \tau + 1, 2^{k-1}\tau + 1) = (1, 2, 2^{k-1} + 1)$. This means that the term $[1, \tau + 1, 2^{k-1}\tau + 1]$ satisfies

$$[1, \tau + 1, 2^{k-1}\tau + 1] = [1, 2, 2^{k-1} + 1] \text{ or } [1, 2^{k-1}, n] \text{ or } [1, 2^{k-1} + 1, 2^{k-1} + 2]. \tag{18}$$

In the first case in (18) we have either $\tau + 1 \equiv 2 \bmod n$ and $2^{k-1}\tau + 1 \equiv 2^{k-1} + 1 \bmod n$ (so $\tau = 1$ and $\sigma_1 = e$) or $\tau + 1 \equiv 2^{k-1} + 1 \bmod n$ and $2^{k-1}\tau + 1 \equiv 2 \bmod n$ (so $\tau = 2^{k-1}$ and $1 \equiv 0 \bmod n$, which gives $n = 1$).
In the second case in (18) we have either $\tau + 1 \equiv 2^{k-1} \bmod n$ and $2^{k-1}\tau + 1 \equiv 0 \bmod n$ (so $\tau = 2^{k-1} - 1$ and $2^{k-1} + 1 \equiv 0 \bmod n$, which is impossible, since $2^{k-1} + 1$ is odd) or $\tau + 1 \equiv 0 \bmod n$ and $2^{k-1}\tau + 1 \equiv 2^{k-1} \bmod n$ (so $\tau = n - 1$ and $1 \equiv 0 \bmod n$, which gives $n = 1$). In the third case in (18) we have either $\tau + 1 \equiv 2^{k-1} + 1 \bmod n$ and $2^{k-1}\tau + 1 \equiv 2^{k-1} + 2 \bmod n$ (so $\tau = 2^{k-1}$ and $2^{k-1} + 1 \equiv 0 \bmod n$, which is impossible) or $\tau + 1 \equiv 2^{k-1} + 2 \bmod n$ and $2^{k-1}\tau + 1 \equiv 2^{k-1} + 1 \bmod n$ (so $\tau = 2^{k-1} + 1$; we already saw that $\sigma_{2^{k-1}+1}$ fixes $(1, 2, 2^{k-1} + 1)$). Thus there are exactly two elements of $G_n$ which fix $(1, 2, 2^{k-1} + 1)$, that is, the stabilizer of $(1, 2, 2^{k-1} + 1)$ has order 2. Since $|G_n| = \varphi(n)$, by elementary group theory the orbit of $(1, 2, 2^{k-1} + 1)$ (which is the same as its equivalence class) has length $\varphi(n)/2 = 2^{k-2}$.

Lemma 12 If $n = 2^k$ for $k > 3$, then every function $(1, 2, u)$ is in an equivalence class of size $2^{k-2}$ or $2^{k-1}$. The only equivalence classes containing a function $(1, 2, u)$ and of size $2^{k-2}$ are the three classes whose least representatives are $(1, 2, 3)$, $(1, 2, 2^{k-1})$ and $(1, 2, 2^{k-1} + 1)$.

Proof Since $|G_n| = 2^{k-1}$, every equivalence class has a size which divides $2^{k-1}$. Now suppose that for some $\tau$ relatively prime to $n$ we have

$$\sigma_\tau((1, 2, u)) = (1, \tau + 1, (u - 1)\tau + 1) = (1, 2, u). \tag{19}$$

This means that the term $[1, \tau + 1, (u - 1)\tau + 1]$ satisfies

$$[1, \tau + 1, (u - 1)\tau + 1] = [1, 2, u] \text{ or } [1, u - 1, n] \text{ or } [1, n - u + 2, n - u + 3]. \tag{20}$$

We need to consider six cases in (20). In the first case, we have $\tau + 1 \equiv 2$ and $(u - 1)\tau + 1 \equiv u$, so $\tau \equiv 1$ and (19) holds for every $u$. If (19) holds only for $\tau \equiv 1$, then $(1, 2, u)$ is in an equivalence class of size $2^{k-1}$. By considering the remaining 5 cases in (20), we show that this is true except for the functions with $u = 3$, $2^{k-1}$ or $2^{k-1} + 1$ and other functions $(1, 2, v)$ which are equivalent to one of these three.

In the second case, we have $\tau + 1 \equiv u \bmod n$ and $(u - 1)\tau + 1 \equiv 2 \bmod n$, so $\tau^2 \equiv 1 \bmod 2^k$, which implies that $\tau \equiv 1$, $n - 1$, $2^{k-1} - 1$ or $2^{k-1} + 1$. If $\tau \equiv 1$, then $u \equiv 2$ (contradiction). If $\tau \equiv n - 1$, then $u \equiv n$ and $(1, 2, n) \equiv (1, 2, 3)$ (which has class size $2^{k-2}$). If $\tau \equiv 2^{k-1} - 1$, then $u \equiv 2^{k-1}$ and $(1, 2, 2^{k-1})$ (which has class size $2^{k-2}$). If $\tau \equiv 2^{k-1} + 1$, then $u \equiv 2^{k-1} + 2$ and $(1, 2, 2^{k-1} + 2)$ which has class size $2^{k-2}$ because $(1, 2, 2^{k-1} + 2)$ is equivalent to $(1, 2, 2^{k-1} + 1)$.

In the third case, we have $\tau + 1 \equiv u - 1$ and $(u - 1)\tau + 1 \equiv n$, so $\tau^2 + \tau + 1 \equiv 0 \bmod 2$ (which is impossible, since $\tau^2 + \tau + 1$ is odd). In the fourth case, we have $\tau + 1 \equiv n$ and $(u - 1)\tau + 1 \equiv u - 1$, so $2u \equiv 3 \bmod 2$ (which is impossible). In the fifth case, we have $\tau + 1 \equiv n - u + 2$ and $(u - 1)\tau + 1 \equiv n - u + 3$, so $\tau^2 + \tau + 1 \equiv 0 \bmod 2$ (which is impossible).

In the sixth case, we have $\tau + 1 \equiv n - u + 2 \bmod n$ and $(u - 1)\tau + 1 \equiv n - u + 3 \bmod n$, so $\tau^2 \equiv 1 \bmod 2^k$. This implies that $\tau \equiv 1$, $n - 1$, $2^{k-1} - 1$ or $2^{k-1} + 1$. If $\tau \equiv 1$, then $u \equiv 1$ (contradiction). If $\tau \equiv n - 1$, then $u \equiv 3$ and $(1, 2, 3)$ which has class size $2^{k-2}$. If $\tau \equiv 2^{k-1} - 1$, then $u \equiv 2^{k-1} + 3$. We get $(1, 2, 2^{k-1} + 3)$ which has class size $2^{k-2}$ because $(1, 2, 2^{k-1} + 3)$ is equivalent to $(1, 2, 2^{k-1})$. Finally, if $\tau \equiv 2^{k-1} + 1$, then $u \equiv 2^{k-1} + 1$ and we get $(1, 2, 2^{k-1} + 1)$, which has class size $2^{k-2}$.

Lemma 13 Suppose $g_k = (1, r, s)$ with $s > r$ is a function in $2^k$ variables and $g_{k-1} = (1, [r/2] + 1, [s/2] + 1)$ is a function in $2^{k-1}$ variables. Then $g_k$ belongs to an equivalence class of size $v(j) = 2^j$ for some $j$, $1 \le j \le k - 3$, if and only if $g_{k-1}$ belongs to an equivalence class of the same size $v(j)$.

Proof First we suppose $g_k$ has $2^k$ variables and belongs to an equivalence class of size $v(j)$. By Lemma 8, (11) and (12) hold for the given $j$, so it follows that if $\tau \not\equiv 0 \bmod 2$, then

$$(\tau^{v(j)} - 1)(r - 1)/2 \equiv 0 \bmod 2^{k-1} \quad \text{and} \quad (\tau^{v(j)} - 1)(s - 1)/2 \equiv 0 \bmod 2^{k-1}. \tag{21}$$

Clearly (21) is equivalent to saying that if $\tau \not\equiv 0 \bmod 2$, then the function $h_{k-1} = (1, (r + 1)/2, (s + 1)/2)$ in $2^{k-1}$ variables satisfies

$$\sigma_\tau^{v(j)}(1, (r + 1)/2, (s + 1)/2) = (1, \tau^{v(j)}(r - 1)/2 + 1, \tau^{v(j)}(s - 1)/2 + 1) = (1, (r + 1)/2, (s + 1)/2) \tag{22}$$

(the second equality follows from (21)). Since h k−1 = gk−1 by (12), (22) shows that the equivalence class of gk−1 has size ≤ v( j). If (22) were true with v( j) replaced by some proper divisor of v( j), then (21) would also be true with that replacement, contradicting our hypothesis that the class of gk has size v( j). Thus the class of gk−1 must have size v( j). For the converse, we assume gk−1 in 2k−1 variables belongs to an equivalence class of size v( j), 1 ≤ j ≤ k − 3. Then reversing the above argument shows that gk in 2k variables belongs to an equivalence class of the same size v( j).   Lemma 14 If n = 2k for k ≥ 3, there are 2k − 3 functions of the form (1, 2, u) in Dn , namely those with 3 ≤ u ≤ 2k − 1.


Proof The function $(1, 2, v)$ for $v \ge 3$ satisfies $(1, 2, v) = (1, v - 1, 2^k) = (1, 2^k - v + 2, 2^k - v + 3)$. When we form $D_n$ by looking at the functions $(1, 2, v)$ in order for $v = 3, 4, \ldots$, clearly no 1-term for a function $(1, 2, v)$ can appear as a 1-term for any function $(1, 2, w)$ with $w < v$ until we get to $v = 2^k$, when $(1, 2, 2^k) = (1, 2, 3)$. Thus all of the functions $(1, 2, u)$ with $3 \le u \le 2^k - 1$ are in $D_n$.

We remind the reader that the notation $(1, r, s) \equiv (1, a, b)$ means that the functions $(1, r, s)$ and $(1, a, b)$ in $n$ variables are in the same affine equivalence class.

Lemma 15 For $n = 2^k$ for $k \ge 3$, $D_n$ contains exactly 5 functions $(1, 2, u)$ in $n$ variables which are in any class of size $2^{k-2}$. The classes have least representatives $(1, 2, 3)$ (this class contains only one function $(1, 2, u)$), $(1, 2, 2^{k-1})$ (this class contains only one other function $(1, 2, u)$, with $u = 2^{k-1} + 3$) and $(1, 2, 2^{k-1} + 1)$ (this class contains only one other function $(1, 2, u)$, with $u = 2^{k-1} + 2$).

Proof By Lemma 12, the only equivalence classes containing a function $(1, 2, u)$ and of size $2^{k-2}$ are the three classes whose least representatives are $(1, 2, 3)$, $(1, 2, 2^{k-1})$ and $(1, 2, 2^{k-1} + 1)$.

By Lemma 9, the only nonidentity element of $G_n$ which fixes the elements in the class containing $(1, 2, 3)$ is $\sigma_{n-1}$. Hence if some function $(1, 2, j)$ belongs to the class of $(1, 2, 3)$, we have $\sigma_{n-1}(1, 2, j) = (1, n - j + 2, n) = (1, 2, j)$. The function $(1, 2, j)$ satisfies

$$(1, 2, j) = (1, j - 1, n) = (1, n - j + 2, n - j + 3), \tag{23}$$

so we have three possibilities: If $(1, n - j + 2, n) = (1, 2, j)$, then either $j = n$ (so $(1, 2, j) = (1, 2, 3)$) or $2 \equiv n \bmod n$ (impossible). If $(1, n - j + 2, n) = (1, j - 1, n)$, then $n - j + 2 \equiv j - 1 \bmod n$ and $2j \equiv 1 \bmod n$ (impossible). If $(1, n - j + 2, n) = (1, n - j + 2, n - j + 3)$, then $j = 3$. Thus the class of $(1, 2, 3)$ contains just one function of form $(1, 2, j)$.

By Lemma 10, the only nonidentity element of $G_n$ which fixes the elements in the class containing $(1, 2, 2^{k-1})$ is $\sigma_{2^{k-1}-1}$. Hence if some function $(1, 2, j)$ belongs to the class of $(1, 2, 2^{k-1})$, we have $\sigma_{2^{k-1}-1}(1, 2, j) = (1, 2^{k-1}, (j - 1)(2^{k-1} - 1) + 1) = (1, 2, j)$. The function $(1, 2, j)$ satisfies Eq. (23), so we have three possibilities: If $(1, 2^{k-1}, (j - 1)(2^{k-1} - 1) + 1) = (1, 2, j)$, then either $j = 2^{k-1}$ (so $(1, 2, j) = (1, 2, 2^{k-1})$) or $2 \equiv 2^{k-1} \bmod n$ (impossible). If $(1, 2^{k-1}, (j - 1)(2^{k-1} - 1) + 1) = (1, j - 1, n)$, then $2^{k-1} = n$ (impossible) or $2^{k-1} \equiv j - 1 \bmod n$ (now $j = 2^{k-1} + 1$ implies $2^{k-1} + 1 \equiv n$, which is impossible). If $(1, 2^{k-1}, (j - 1)(2^{k-1} - 1) + 1) = (1, n - j + 2, n - j + 3)$, then $2^{k-1} = n - j + 2$ (so $j = 2^{k-1} + 2$ implies $0 \equiv 2^{k-1} + 1$, which is impossible) or $2^{k-1} = n - j + 3$ (so $(1, 2, j) = (1, 2, 2^{k-1} + 3) \equiv (1, 2, 2^{k-1})$). Thus the class of $(1, 2, 2^{k-1})$ contains just two functions of form $(1, 2, j)$.

By Lemma 11, the only nonidentity element of $G_n$ which fixes the elements in the class containing $(1, 2, 2^{k-1} + 1)$ is $\sigma_{2^{k-1}+1}$. Hence if some function $(1, 2, j)$ belongs to the class of $(1, 2, 2^{k-1} + 1)$, we have $\sigma_{2^{k-1}+1}(1, 2, j) = (1, 2^{k-1} + 2, (j - 1)(2^{k-1} + 1) + 1) = (1, 2, j)$.


The function $(1, 2, j)$ satisfies (23), so we have three possibilities: If $(1, 2^{k-1} + 2, (j - 1)(2^{k-1} + 1) + 1) = (1, 2, j)$, then either $j = 2^{k-1} + 2$ (so $(1, 2, j) = (1, 2, 2^{k-1} + 2) \equiv (1, 2, 2^{k-1} + 1)$) or $2 \equiv 2^{k-1} + 2 \bmod n$ (impossible). If $(1, 2^{k-1} + 2, (j - 1)(2^{k-1} + 1) + 1) = (1, j - 1, n)$, then $2^{k-1} + 2 = n$ (impossible) or $2^{k-1} + 2 \equiv j - 1 \bmod n$ (now $j = 2^{k-1} + 3$ implies $2^{k-1} + 3 \equiv n$, which is impossible). If $(1, 2^{k-1} + 2, (j - 1)(2^{k-1} + 1) + 1) = (1, n - j + 2, n - j + 3)$, then $2^{k-1} + 2 = n - j + 2$ (so $j = 2^{k-1}$ implies $n \equiv 2^{k-1} + 3$, which is impossible) or $2^{k-1} + 2 = n - j + 3$ (so $(1, 2, j) = (1, 2, 2^{k-1} + 1)$). Thus the class of $(1, 2, 2^{k-1} + 1)$ contains just two functions of form $(1, 2, j)$.

For the next lemma, if $x$ is odd we use the notation $x^{-1}$ to denote the solution $y$ of the linear congruence $xy \equiv 1 \bmod n$.

Lemma 16 For $n = 2^k$, each class of size $2^{k-1}$ with a representative $(1, 2, u)$ has exactly 4 functions of form $(1, 2, v)$ in $2^k$ variables. If $u$ is odd, these four functions are $(1, 2, u)$, $(1, 2, n - u + 3)$, $(1, 2, (u - 3)(u - 2)^{-1})$ and $(1, 2, (2u - 3)(u - 2)^{-1})$. If $u$ is even, these four functions are $(1, 2, u)$, $(1, 2, n - u + 3)$, $(1, 2, u(u - 1)^{-1})$ and $(1, 2, (2u - 3)(u - 1)^{-1})$.

Proof We know the classes of size $2^{k-1}$ for $n = 2^k$ are mapped to themselves one-to-one by every $\sigma_\tau$ with $\tau$ odd. We prove that for any odd $\tau$ and given value of $u$, $\sigma_\tau((1, 2, u)) = (1, 2, v)$ is only possible for at most 4 values of $v$, and for any given $u$ exactly 4 values of $v$ occur as $\tau$ varies. Now suppose that for some odd $\tau$ we have $\sigma_\tau(1, 2, u) = (1, \tau + 1, (u - 1)\tau + 1) = (1, 2, v)$. This means that the term $[1, \tau + 1, (u - 1)\tau + 1]$ satisfies $[1, \tau + 1, (u - 1)\tau + 1] = [1, 2, v]$ or $[1, v - 1, n]$ or $[1, n - v + 2, n - v + 3]$.

Case A1 gives $\tau + 1 \equiv 2$ and $(u - 1)\tau + 1 \equiv v$, so $\tau = 1$ and $u = v$, which implies $(1, 2, u) = (1, 2, v)$.

Case A2 gives $\tau + 1 \equiv v$ and $(u - 1)\tau + 1 \equiv 2$, so $\tau = v - 1$ (this implies $v$ is even and $u$ is even) and $v = u(u - 1)^{-1}$, which implies $(1, 2, u) \equiv (1, 2, u(u - 1)^{-1})$.

Case B1 gives $\tau + 1 \equiv v - 1$ and $(u - 1)\tau + 1 \equiv n$, so $\tau = v - 2$ (this implies $v$ is odd and $u$ is even) and $v = (2u - 3)(u - 1)^{-1}$, which implies $(1, 2, u) \equiv (1, 2, (2u - 3)(u - 1)^{-1})$.

Case B2 gives $\tau + 1 \equiv n$ and $(u - 1)\tau + 1 \equiv v - 1$, so $\tau = n - 1$ and $v = n - u + 3$, which implies $(1, 2, u) \equiv (1, 2, n - u + 3)$.

Case C1 gives $\tau + 1 \equiv n - v + 2$ and $(u - 1)\tau + 1 \equiv n - v + 3$, so $\tau = n - v + 1$ (this implies $v$ is even and $u$ is odd) and $v = (u - 3)(u - 2)^{-1}$, which implies $(1, 2, u) \equiv (1, 2, (u - 3)(u - 2)^{-1})$.

Case C2 gives $\tau + 1 \equiv n - v + 3$ and $(u - 1)\tau + 1 \equiv n - v + 2$, so $\tau = n - v + 2$ (this implies $v$ is odd and $u$ is odd) and $v = (2u - 3)(u - 2)^{-1}$, which implies $(1, 2, u) \equiv (1, 2, (2u - 3)(u - 2)^{-1})$.

Combining our results above gives the assertions in the lemma.

Lemma 17 If $n = 2^k$ for $k > 3$ and $f = (1, i, j)$ with $i < j$ is a function in $n$ variables in an equivalence class of any size, then $g = (1, i, n + i - j + 1)$ is a function in the same equivalence class for any $i > 1$. We have $f \ne g$ if and only if neither $i + 1 \equiv 2j \bmod n$ nor $j + 1 \equiv 2i \bmod n$ holds.

Proof If $f = (1, i, j)$ is in an equivalence class of size $\alpha$, then for any odd $\tau$ we have

$$\sigma_\tau^{\alpha}(1, i, j) = (1, (i - 1)\tau^{\alpha} + 1, (j - 1)\tau^{\alpha} + 1) = (1, i, j).$$


Also we can find some odd $\tau$ such that $[1, (i - 1)\tau^{\alpha} + 1, (j - 1)\tau^{\alpha} + 1] = [1, i, j]$, since some odd $\tau$ exists such that $\tau^{\alpha} = \tau \cdot \tau^{\alpha - 1} \equiv 1 \bmod 2^k$, so $(i - 1)\tau^{\alpha} + 1 = i$. Hence we have

$$\sigma_\tau^{\alpha}(1, i, n + i - j + 1) = (1, (i - 1)\tau^{\alpha} + 1, (n + i - j)\tau^{\alpha} + 1) = (1, i, n + i - j + 1)$$

since

$$(n + i - j)\tau^{\alpha} + 1 = (n + \{i - 1\} - \{j - 1\})\tau^{\alpha} + 1 = n\tau^{\alpha} + \{(i - 1)\tau^{\alpha} + 1\} - \{(j - 1)\tau^{\alpha} + 1\} + 1 = n + i - j + 1$$

(because $i < j$). Therefore, the function $g = (1, i, n + i - j + 1)$ is in the same equivalence class as $f$.

If $f = g$, then $(1, i, j) \equiv (1, n - i + j + 1, n - i + 2) = f = g = (1, i, n + i - j + 1)$, so $j \equiv n + i - j + 1 \bmod n$ or $n - i + j + 1 \equiv i$. This implies $i + 1 \equiv 2j \bmod n$ or $j + 1 \equiv 2i \bmod n$. If $i + 1 \equiv 2j \bmod n$ or $j + 1 \equiv 2i \bmod n$, then $(1, i, n + i - j + 1) \equiv (1, i, n + (2j - 1) - j + 1) \equiv (1, i, j)$ or $(1, i, n + i - j + 1) \equiv (1, i, n + i - (2i - 1) + 1) \equiv (1, i, n - i + 2) \equiv (1, i, 2i - 1) \equiv (1, i, j)$.

Lemma 18 If $(1, 2, s)$ is a least representative for an equivalence class of size $2^{k-2}$ when $n = 2^{k-1}$, then $(1, 3, 2s - 1)$ is a representative for an equivalence class of size $2^{k-2}$ when $n = 2^k$. Each of these functions $(1, 3, 2s - 1)$ is in a different equivalence class.

Proof We assume $(1, 2, s)$ is a least representative for an equivalence class of size $2^{k-2}$ when $n = 2^{k-1}$. By Lemma 17, we have $4 \le s \le 2^{k-2} + 1$. Now suppose that for some odd $\tau$ we have

$$\sigma_\tau^{2^{k-2}}((1, 2, s)) = (1, \tau^{2^{k-2}} + 1, (s - 1)\tau^{2^{k-2}} + 1) = (1, 2, s) \tag{24}$$

and this does not hold for any smaller power of $\sigma_\tau$. Then the function $(1, 3, 2s - 1)$ in $2^k$ variables satisfies

$$\sigma_\tau^{2^{k-2}}((1, 3, 2s - 1)) = (1, 2\tau^{2^{k-2}} + 1, (2s - 2)\tau^{2^{k-2}} + 1) = (1, 3, 2s - 1), \tag{25}$$

since from Eq. (14) we have $\tau^{2^{k-2}} \equiv 1 \bmod 2^k$. So Eq. (25) shows that $(1, 3, 2s - 1)$ for $n = 2^k$ is in an equivalence class of size $\le 2^{k-2}$. Now we observe that if (25) holds with $2^{k-2}$ replaced by a smaller power of 2, then (24) would hold for that smaller power also (contradiction to our assumption that $(1, 2, s)$ is in a class of size $2^{k-2}$ for $n = 2^{k-1}$). So $(1, 3, 2s - 1)$ for $n = 2^k$ is in a class of size equal to $2^{k-2}$, as we want. Also $(1, 3, 2s - 1)$ is not equivalent to any one of $(1, 2, 3)$, $(1, 2, 2^{k-1})$, $(1, 2, 2^{k-1} + 1)$ (which is easy to check, so we omit it).

Next we want to show that if $(1, 2, s)$ and $(1, 2, t)$ are two representatives of different classes of size $2^{k-2}$ when $n = 2^{k-1}$, then $(1, 3, 2s - 1)$ and $(1, 3, 2t - 1)$ cannot be in the same equivalence class for $n = 2^k$. Because $(1, 2, s)$ and $(1, 2, t)$ are in two different classes of size $2^{k-2}$ when $n = 2^{k-1}$, we have for all odd $\tau$

$$\sigma_\tau((1, 2, s)) = (1, \tau + 1, (s - 1)\tau + 1) \ne (1, 2, t). \tag{26}$$

Now we must have $\sigma_\tau((1, 3, 2s - 1)) = (1, 2\tau + 1, 2(s - 1)\tau + 1) \ne (1, 3, 2t - 1)$ for all odd $\tau$, since by (26), either $\tau + 1 \not\equiv 2 \bmod 2^{k-1}$ or $(s - 1)\tau + 1 \not\equiv t \bmod 2^{k-1}$. This implies either $2\tau + 1 \not\equiv 3 \bmod 2^k$ or $2(s - 1)\tau + 1 \not\equiv 2t - 1 \bmod 2^k$, so we get the result.

In fact, we can show that the functions $(1, 3, 2s - 1)$ in Lemma 18 are the least representatives in their equivalence classes, but we do not need this.


Theorem 5 Suppose $n = 2^k$ for some $k > 3$. Then

$$E(2^k) = 2^{k-1} + k - 3. \tag{27}$$

There is at least one equivalence class of size $d$ for every divisor $d$ of $\varphi(n) = 2^{k-1}$, and there is exactly one equivalence class of size 1. There are 3 equivalence classes of size 2. If $d = 2^j$, $2 \le j \le k - 2$, there are exactly $2^{j-1} + 1$ equivalence classes of size $2^j$, and finally there are $2^{k-2} - 2$ equivalence classes of size $2^{k-1}$.

Proof The assertions about the equivalence classes of sizes 1 and 2 are in Lemmas 7 and 19. We now prove the Theorem by induction. Suppose we have all the assertions in the Theorem for the cases $n = 2^{j-1}$, $4 \le j \le k$. We want to prove the case $n = 2^k$. Computations verify the Theorem for $k \le 6$, so we assume $n = 2^k \ge 2^7$. The induction hypothesis and Lemma 13 show that if $d = 2^j$, $2 \le j \le k - 3$, then for $n = 2^k$ there are exactly $2^{j-1} + 1$ equivalence classes of size $2^j$. Recall $U(j, k)$ = number of equivalence classes of size $2^j$ for $n = 2^k$; then it remains to show that

$$U(k - 2, k) = 2^{k-3} + 1 \quad \text{and} \quad U(k - 1, k) = 2^{k-2} - 2. \tag{28}$$

Recall that $F(2^k) = |D_n| = (2^{2k-1} - 3 \cdot 2^{k-1} + 1)/3$. By the induction hypothesis and Lemma 13, if we define $Q = F(2^k) - F(2^{k-1})$ then we have

$$Q = 2^{2k-3} - 2^{k-2} = 2^{k-2} R + 2^{k-1} U(k - 1, k)$$

where $R$ = number of "extra" classes of size $2^{k-2}$ present for $n = 2^k$. Here "extra" means beyond the number $2^{k-3} - 2$ which are provided by "lifting" classes of size $2^{k-2}$ for $n = 2^{k-1}$, using the induction hypothesis and Lemma 18. Thus $R = U(k - 2, k) - (2^{k-3} - 2)$. By Lemmas 9, 10 and 11, we know that the three classes with least representatives $(1, 2, 3)$, $(1, 2, 2^{k-1})$ and $(1, 2, 2^{k-1} + 1)$ are "extra" classes counted in $R$. Thus we must have $R = 3 + 2t$ and $U(k - 1, k) = 2^{k-2} - 2 - t$ for some integer $t \ge 0$.

By Lemma 12, every function for $n = 2^k$ of form $(1, 2, u)$ is in an equivalence class of size $2^{k-2}$ or $2^{k-1}$, and only the three "extra" classes mentioned above are of size $2^{k-2}$ and contain any element $(1, 2, u)$. These three classes contain exactly 5 elements $(1, 2, u)$ (Lemma 15) and every class of size $2^{k-1}$ which contains any elements $(1, 2, u)$ contains exactly 4 such elements (Lemma 16). There are $2^k - 3$ elements $(1, 2, u)$ in $D_n$ (Lemma 14), so there are at least $(2^k - 3 - 5)/4 = 2^{k-2} - 2$ classes of size $2^{k-1}$ (every one of these has exactly 4 elements $(1, 2, u)$). Hence $U(k - 1, k) \ge 2^{k-2} - 2$, so $t \le 0$. This implies $t = 0$, so (28) holds.

Below we give some lemmas which can be proved using the methods of this paper. If a proof is lengthy, we omit it. The next lemma gives a detailed description of the 3 equivalence classes of size 2 mentioned in Theorem 5. Note the sets $R_1$ and $R_2$ already occurred in Lemmas 5 and 6.

Lemma 19 If $n = 2^k$ for $k \ge 3$, then the 3 equivalence classes of size 2 are the sets

$\{(1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1), (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)\}$,

$\{(1, 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1), (1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)\}$,

$\{(1, 2^{k-3} + 1, 2 \cdot 2^{k-3} + 1), (1, 2 \cdot 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)\}$,

say $R_1$, $R_2$ and $R_3$, respectively. Let $S_2$ denote the union of these three sets.


Proof Recall $f_1 = (1, 2^{k-2} + 1, 2^{k-1} + 1)$ from Lemma 7. We suppose that for some function $(1, r, s)$ with $r < s$ we have $\sigma_\tau^{2}((1, r, s)) = (1, (r - 1)\tau^2 + 1, (s - 1)\tau^2 + 1) = (1, r, s)$. We take $\tau = 3$, and then it follows that $[1, 9r - 8, 9s - 8] = [1, r, s]$ or $[1, s - r + 1, 2^k - r + 2]$ or $[1, 2^k - s + 2, 2^k + r - s + 1]$.

Case A1 gives $9r - 8 \equiv r$ and $9s - 8 \equiv s$ and then $r \equiv s \equiv 1 \bmod 2^{k-3}$, say $r \equiv a \cdot 2^{k-3} + 1$, $s \equiv b \cdot 2^{k-3} + 1$. Then $(a, b)$ has 21 possible cases: (1, 2), (1, 3), (1, 4), (1, 5), (1, 6), (1, 7), (2, 3), (2, 4), (2, 5), (2, 6), (2, 7), (3, 4), (3, 5), (3, 6), (3, 7), (4, 5), (4, 6), (4, 7), (5, 6), (5, 7), (6, 7). Obviously 6 cases are in $S_2$, so we consider the remaining 15 cases.

When $(a, b) = (1, 7)$, we get $(1, 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 2 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$), which is in $R_3$.
When $(a, b) = (2, 3)$, we get $(1, 2 \cdot 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)$ (by adding $6 \cdot 2^{k-3}$), which is in $R_1$.
When $(a, b) = (2, 4)$, we get $(1, 2 \cdot 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-2} + 1, 2^{k-1} + 1)$, which is $f_1$.
When $(a, b) = (2, 6)$, we get $(1, 2 \cdot 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1) \equiv (1, 2 \cdot 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1)$ (by adding $2 \cdot 2^{k-3}$), which is $f_1$.
When $(a, b) = (2, 7)$, we get $(1, 2 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$), which is in $R_1$.
When $(a, b) = (3, 4)$, we get $(1, 3 \cdot 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ (by adding $5 \cdot 2^{k-3}$), which is in $R_2$.
When $(a, b) = (3, 5)$, we get $(1, 3 \cdot 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1) \equiv (1, 2 \cdot 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ (by adding $5 \cdot 2^{k-3}$), which is in $R_3$.
When $(a, b) = (3, 6)$, we get $(1, 3 \cdot 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1) \equiv (1, 2 \cdot 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ (by adding $2 \cdot 2^{k-3}$), which is in $R_3$.
When $(a, b) = (3, 7)$, we get $(1, 3 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$), which is in $R_2$.
When $(a, b) = (4, 5)$, we get $(1, 4 \cdot 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1)$ (by adding $4 \cdot 2^{k-3}$), which is in $R_2$.
When $(a, b) = (4, 6)$, we get $(1, 4 \cdot 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1) \equiv (1, 2 \cdot 2^{k-3} + 1, 4 \cdot 2^{k-3} + 1)$ (by adding $4 \cdot 2^{k-3}$), which is $f_1$.
When $(a, b) = (4, 7)$, we get $(1, 4 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 5 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$), which is in $R_2$.
When $(a, b) = (5, 6)$, we get $(1, 5 \cdot 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 3 \cdot 2^{k-3} + 1)$ (by adding $3 \cdot 2^{k-3}$), which is in $R_1$.
When $(a, b) = (5, 7)$, we get $(1, 5 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 6 \cdot 2^{k-3} + 1)$ (by adding $2^{k-3}$), which is in $R_1$.
When $(a, b) = (6, 7)$, we get $(1, 6 \cdot 2^{k-3} + 1, 7 \cdot 2^{k-3} + 1) \equiv (1, 2^{k-3} + 1, 2 \cdot 2^{k-3} + 1)$ (by adding $2 \cdot 2^{k-3}$), which is in $R_3$.

Case A2 gives $9r - 8 \equiv s$ and $9s - 8 \equiv r$ and then $r \equiv s \equiv 1 \bmod 2^{k-4}$. This implies $r = a \cdot 2^{k-4} + 1$ and $s = b \cdot 2^{k-4} + 1$ for some $a$ and $b$. Substituting into the first congruence, we obtain $9a \equiv b \bmod 2^4$, so we get $(1, r, s) = (1, a \cdot 2^{k-4} + 1, 9a \cdot 2^{k-4} + 1) = (8a \cdot 2^{k-4} + 1, a \cdot 2^{k-4} + 1, 9a \cdot 2^{k-4} + 1)$. Hence we have $8a \cdot 2^{k-4} + 1 \equiv 1 \bmod 2^k$. This implies $a \cdot 2^{k-1} \equiv 0 \bmod 2^k$, which means $a$ is even (also $b$ is even). Let $a = 2 \cdot \alpha$ and $b = 2 \cdot \beta$ for some $\alpha$ and $\beta$; then $r = \alpha \cdot 2^{k-3} + 1$ and $s = \beta \cdot 2^{k-3} + 1$. Now plugging in to the first congruence we get $\alpha \equiv \beta \bmod 8$, which implies $r \equiv s$ (impossible).

Case B1 gives $9r - 8 \equiv n - r + 2$ and $9s - 8 \equiv s - r + 1$ and then $r \equiv s \equiv 1 \bmod 2^{k-1}$, which is impossible (if $r \equiv 2^{k-1} + 1$, $s \equiv 2 \cdot 2^{k-1} + 1 \equiv 2^k + 1$, then $s \equiv 1 \bmod 2^k$).

Case B2 gives $9r - 8 \equiv s - r + 1$ and $9s - 8 \equiv n - r + 2$, which implies $r \equiv s \equiv 1 \bmod 2^k$ (impossible).


Cases C1 and C2 are the same as B1 and B2 with $r$ and $s$ interchanged, so both are impossible.

Lemma 20 If $n = 2^k$ for $k > 3$, then the 3 equivalence classes of size 4 are the sets

$\{(1, 2^{k-4} + 1, 2 \cdot 2^{k-4} + 1), (1, 2 \cdot 2^{k-4} + 1, 9 \cdot 2^{k-4} + 1), (1, 3 \cdot 2^{k-4} + 1, 6 \cdot 2^{k-4} + 1), (1, 5 \cdot 2^{k-4} + 1, 10 \cdot 2^{k-4} + 1)\}$,

$\{(1, 2^{k-4} + 1, 7 \cdot 2^{k-4} + 1), (1, 2^{k-4} + 1, 10 \cdot 2^{k-4} + 1), (1, 2 \cdot 2^{k-4} + 1, 5 \cdot 2^{k-4} + 1), (1, 2 \cdot 2^{k-4} + 1, 13 \cdot 2^{k-4} + 1)\}$,

$\{(1, 2^{k-4} + 1, 8 \cdot 2^{k-4} + 1), (1, 2^{k-4} + 1, 9 \cdot 2^{k-4} + 1), (1, 3 \cdot 2^{k-4} + 1, 8 \cdot 2^{k-4} + 1), (1, 3 \cdot 2^{k-4} + 1, 11 \cdot 2^{k-4} + 1)\}$.

Proof We omit the lengthy proof.

Lemma 21 For any fixed $k \ge 3$, the function $(1, 2^{k-(j+2)} + 1, 2 \cdot 2^{k-(j+2)} + 1)$ is always in an affine equivalence class of size $2^j$, for $0 \le j \le k - 2$.

Proof We use induction and Lemmas 7 and 9.

Lemma 22 For $k \ge 5$, if $g_{k-1}(1, r, s)$ is in an equivalence class of size $2^{k-2}$ in $2^{k-1}$ variables, then $g_k(1, r, s)$ is in an equivalence class of size $2^{k-1}$ in $2^k$ variables.

Proof We assume $g_{k-1}(1, r, s)$ in $2^{k-1}$ variables belongs to an equivalence class of size $2^{k-2}$. Then

$$\sigma_\tau^{2^{k-2}}(1, r, s) = (1, (r - 1)\tau^{2^{k-2}} + 1, (s - 1)\tau^{2^{k-2}} + 1) = (1, r, s).$$

Since by (14) $\tau^{2^{k-2}} \equiv 1 \bmod 2^k$, we have

$$\sigma_\tau^{2^{k-1}}(1, r, s) = (1, (r - 1)\tau^{2^{k-1}} + 1, (s - 1)\tau^{2^{k-1}} + 1) = (1, (r - 1)(\tau^{2^{k-2}})^2 + 1, (s - 1)(\tau^{2^{k-2}})^2 + 1) = (1, r, s).$$

Hence $g_k(1, r, s)$ in $2^k$ variables belongs to an equivalence class of the size $2^{k-1}$.

Lemma 23 For $n = 2^k$, an equivalence class of size $2^j$, $j \ge 1$, can occur only if $n \ge 2^{j+1}$. If $U(j, k)$ denotes the number of equivalence classes of size $2^j$ when $n = 2^k$, then $U(j, k) = U(j, j + 2)$ for all $k \ge j + 2$.

Proof The first sentence of the lemma follows from the fact that if $n = 2^k$, then the size of any equivalence class must be a divisor of $|G_n| = \varphi(2^k) = 2^{k-1}$. If there are $U(j, j + 2)$ equivalence classes of size $2^j$ when $n = 2^k$, then Theorem 5 shows that there are exactly $U(j, j + 2)$ equivalence classes of size $2^j$ when $n = 2^k$ for any $k \ge j + 2$.
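The counts in Theorem 5 and the class lists in the appendix can be reproduced by brute force. The Python below is an added example, not code from the paper: it builds $D_n$ from the three 1-term forms of $(1, r, s)$ used in the proofs above, takes orbits under the maps $\sigma_\tau(1, r, s) = (1, (r - 1)\tau + 1, (s - 1)\tau + 1)$ for odd $\tau$, and compares the result with $F(2^k)$, $E(2^k)$ and the class sizes of Theorem 5. The function names (`canon`, `D`, `sigma`, `classes`, `theorem5_counts`, `check`) are chosen here for illustration.

```python
from collections import Counter


def canon(r, s, n):
    """Least 1-term (1, a, b), a < b, of the cubic MRS function generated by x1*xr*xs.

    A monomial with indices {1, r, s} has three rotations containing index 1:
    (1, r, s) = (1, s-r+1, n-r+2) = (1, n-s+2, n+r-s+1), indices taken mod n.
    """
    offsets = (0, (r - 1) % n, (s - 1) % n)        # shift indices so that 1 -> 0
    if len(set(offsets)) != 3:
        raise ValueError("indices 1, r, s must be distinct mod n")
    best = None
    for base in offsets:                           # rotate so that `base` lands on index 1
        a, b = sorted((x - base) % n for x in offsets if x != base)
        if best is None or (a, b) < best:
            best = (a, b)
    return (1, best[0] + 1, best[1] + 1)


def D(n):
    """The set D_n: one least representative per cubic MRS function in n variables."""
    return {canon(r, s, n) for r in range(2, n + 1) for s in range(r + 1, n + 1)}


def sigma(tau, f, n):
    """sigma_tau(1, r, s) = (1, (r-1)tau + 1, (s-1)tau + 1), returned in least form."""
    _, r, s = f
    return canon((r - 1) * tau + 1, (s - 1) * tau + 1, n)


def classes(n):
    """Orbits of D_n under {sigma_tau : tau odd}, ordered by least representative."""
    todo, out = D(n), []
    while todo:
        f = min(todo)
        orbit = {sigma(tau, f, n) for tau in range(1, n, 2)}
        out.append(sorted(orbit))
        todo -= orbit
    return out


def theorem5_counts(k):
    """Class-size distribution {size: number of classes} stated in Theorem 5 (k > 3)."""
    counts = {1: 1, 2: 3}
    for j in range(2, k - 1):                      # sizes 2^j for 2 <= j <= k-2
        counts[2 ** j] = 2 ** (j - 1) + 1
    counts[2 ** (k - 1)] = 2 ** (k - 2) - 2
    return counts


def check(k):
    """Compare the computed classes for n = 2^k with F(2^k), E(2^k) and Theorem 5."""
    cls = classes(2 ** k)
    return {
        "F_ok": sum(len(c) for c in cls) == (2 ** (2 * k - 1) - 3 * 2 ** (k - 1) + 1) // 3,
        "E_ok": len(cls) == 2 ** (k - 1) + k - 3,
        "sizes_ok": dict(Counter(len(c) for c in cls)) == theorem5_counts(k),
    }


if __name__ == "__main__":
    for k in (4, 5, 6):                            # the cases n = 16, 32, 64 tabulated below
        print(k, check(k))
    for i, c in enumerate(classes(16), 1):         # lists the classes for n = 16
        print(f"Class {i}  size {len(c)}  {c}")
```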

A Appendix

See Tables 1, 2, 3, 4

Table 1 Affine equivalence classes for cubic MRS functions in 8 variables

| Class | Size | Functions |
|---|---|---|
| Class 1 | 2 | (1, 2, 3), (1, 3, 6) |
| Class 2 | 2 | (1, 2, 4), (1, 2, 7) |
| Class 3 | 2 | (1, 2, 5), (1, 2, 6) |
| Class 4 | 1 | (1, 3, 5) |


Table 2 Affine equivalence classes for cubic MRS functions in 16 variables

| Class | Size | Functions |
|---|---|---|
| Class 1 | 4 | (1, 2, 3), (1, 3, 10), (1, 4, 7), (1, 6, 11) |
| Class 2 | 8 | (1, 2, 4), (1, 2, 7), (1, 2, 12), (1, 2, 15), (1, 3, 8), (1, 3, 12), (1, 4, 10), (1, 4, 11) |
| Class 3 | 8 | (1, 2, 5), (1, 2, 6), (1, 2, 13), (1, 2, 14), (1, 4, 8), (1, 4, 13), (1, 5, 10), (1, 5, 12) |
| Class 4 | 4 | (1, 2, 8), (1, 2, 11), (1, 3, 6), (1, 3, 14) |
| Class 5 | 4 | (1, 2, 9), (1, 2, 10), (1, 4, 9), (1, 4, 12) |
| Class 6 | 2 | (1, 3, 5), (1, 5, 11) |
| Class 7 | 2 | (1, 3, 7), (1, 3, 13) |
| Class 8 | 2 | (1, 3, 9), (1, 3, 11) |
| Class 9 | 1 | (1, 5, 9) |

Table 3 Affine equivalence classes for cubic MRS functions in 32 variables

| Class | Size | Functions |
|---|---|---|
| Class 1 | 8 | (1, 2, 3), (1, 3, 18), (1, 4, 7), (1, 6, 11), (1, 7, 20), (1, 8, 15), (1, 10, 19), (1, 11, 22) |
| Class 2 | 16 | (1, 2, 4), (1, 2, 12), (1, 2, 23), (1, 2, 31), (1, 3, 16), (1, 3, 20), (1, 4, 10), (1, 4, 27), (1, 6, 15), (1, 6, 16), (1, 6, 23), (1, 6, 24), (1, 7, 14), (1, 7, 26), (1, 8, 19), (1, 8, 22) |
| Class 3 | 16 | (1, 2, 5), (1, 2, 13), (1, 2, 22), (1, 2, 30), (1, 4, 13), (1, 4, 24), (1, 5, 10), (1, 5, 12), (1, 5, 18), (1, 5, 20), (1, 5, 26), (1, 5, 28), (1, 6, 18), (1, 6, 21), (1, 8, 20), (1, 8, 21) |
| Class 4 | 16 | (1, 2, 6), (1, 2, 14), (1, 2, 21), (1, 2, 29), (1, 4, 8), (1, 4, 16), (1, 4, 21), (1, 4, 29), (1, 5, 14), (1, 5, 16), (1, 5, 22), (1, 5, 24), (1, 6, 13), (1, 6, 26), (1, 10, 21), (1, 10, 22) |
| Class 5 | 16 | (1, 2, 7), (1, 2, 15), (1, 2, 20), (1, 2, 28), (1, 3, 8), (1, 3, 12), (1, 3, 24), (1, 3, 28), (1, 4, 11), (1, 4, 18), (1, 4, 19), (1, 4, 26), (1, 7, 18), (1, 7, 22), (1, 10, 20), (1, 10, 23) |
| Class 6 | 16 | (1, 2, 8), (1, 2, 11), (1, 2, 24), (1, 2, 27), (1, 3, 6), (1, 3, 14), (1, 3, 22), (1, 3, 30), (1, 4, 15), (1, 4, 22), (1, 6, 19), (1, 6, 20), (1, 7, 16), (1, 7, 24), (1, 8, 18), (1, 8, 23) |
| Class 7 | 16 | (1, 2, 9), (1, 2, 10), (1, 2, 25), (1, 2, 26), (1, 4, 9), (1, 4, 12), (1, 4, 25), (1, 4, 28), (1, 6, 14), (1, 6, 25), (1, 8, 16), (1, 8, 25), (1, 9, 18), (1, 9, 20), (1, 9, 22), (1, 9, 24) |
| Class 8 | 8 | (1, 2, 16), (1, 2, 19), (1, 3, 10), (1, 3, 26), (1, 4, 14), (1, 4, 23), (1, 6, 12), (1, 6, 27) |
| Class 9 | 8 | (1, 2, 17), (1, 2, 18), (1, 4, 17), (1, 4, 20), (1, 6, 17), (1, 6, 22), (1, 8, 17), (1, 8, 24) |
| Class 10 | 4 | (1, 3, 5), (1, 5, 19), (1, 7, 13), (1, 11, 21) |
| Class 11 | 8 | (1, 3, 7), (1, 3, 13), (1, 3, 23), (1, 3, 29), (1, 5, 15), (1, 5, 23), (1, 7, 19), (1, 7, 21) |
| Class 12 | 8 | (1, 3, 9), (1, 3, 11), (1, 3, 25), (1, 3, 27), (1, 7, 15), (1, 7, 25), (1, 9, 19), (1, 9, 23) |
| Class 13 | 4 | (1, 3, 15), (1, 3, 21), (1, 5, 11), (1, 5, 27) |
| Class 14 | 4 | (1, 3, 17), (1, 3, 19), (1, 7, 17), (1, 7, 23) |
| Class 15 | 2 | (1, 5, 9), (1, 9, 21) |
| Class 16 | 2 | (1, 5, 13), (1, 5, 25) |
| Class 17 | 2 | (1, 5, 17), (1, 5, 21) |
| Class 18 | 1 | (1, 9, 17) |

Table 4 Affine equivalence classes for cubic MRS functions in 64 variables

| Class | Size | Functions |
|---|---|---|
| Class 1 | 16 | (1, 2, 3), (1, 3, 34), (1, 4, 7), (1, 6, 11), (1, 7, 36), (1, 8, 15), (1, 10, 19), (1, 11, 38), (1, 12, 23), (1, 14, 27), (1, 15, 40), (1, 16, 31), (1, 18, 35), (1, 19, 42), (1, 20, 39), (1, 22, 43) |
| Class 2 | 32 | (1, 2, 4), (1, 2, 23), (1, 2, 44), (1, 2, 63), (1, 3, 32), (1, 3, 36), (1, 4, 10), (1, 4, 59), (1, 6, 16), (1, 6, 24), (1, 6, 47), (1, 6, 55), (1, 7, 30), (1, 7, 42), (1, 8, 22), (1, 8, 27), (1, 8, 46), (1, 8, 51), (1, 10, 28), (1, 10, 47), (1, 11, 28), (1, 11, 48), (1, 12, 26), (1, 12, 34), (1, 12, 43), (1, 12, 51), (1, 14, 31), (1, 14, 39), (1, 14, 40), (1, 14, 48), (1, 16, 35), (1, 16, 46) |
| Class 3 | 32 | (1, 2, 5), (1, 2, 22), (1, 2, 45), (1, 2, 62), (1, 4, 13), (1, 4, 56), (1, 5, 18), (1, 5, 20), (1, 5, 34), (1, 5, 36), (1, 5, 50), (1, 5, 52), (1, 6, 21), (1, 6, 29), (1, 6, 42), (1, 6, 50), (1, 8, 20), (1, 8, 29), (1, 8, 44), (1, 8, 53), (1, 10, 37), (1, 10, 38), (1, 12, 32), (1, 12, 37), (1, 12, 40), (1, 12, 45), (1, 13, 26), (1, 13, 36), (1, 13, 42), (1, 13, 52), (1, 18, 38), (1, 18, 45) |
| Class 4 | 32 | (1, 2, 6), (1, 2, 14), (1, 2, 53), (1, 2, 61), (1, 4, 16), (1, 4, 29), (1, 4, 40), (1, 4, 53), (1, 5, 16), (1, 5, 22), (1, 5, 32), (1, 5, 38), (1, 5, 48), (1, 5, 54), (1, 6, 26), (1, 6, 45), (1, 8, 28), (1, 8, 36), (1, 8, 37), (1, 8, 45), (1, 10, 21), (1, 10, 29), (1, 10, 46), (1, 10, 54), (1, 13, 30), (1, 13, 32), (1, 13, 46), (1, 13, 48), (1, 14, 37), (1, 14, 42), (1, 21, 42), (1, 21, 44) |
| Class 5 | 32 | (1, 2, 7), (1, 2, 15), (1, 2, 52), (1, 2, 60), (1, 3, 12), (1, 3, 24), (1, 3, 44), (1, 3, 56), (1, 4, 19), (1, 4, 26), (1, 4, 43), (1, 4, 50), (1, 6, 31), (1, 6, 40), (1, 7, 34), (1, 7, 38), (1, 8, 30), (1, 8, 35), (1, 8, 38), (1, 8, 43), (1, 10, 20), (1, 10, 55), (1, 11, 24), (1, 11, 52), (1, 12, 27), (1, 12, 50), (1, 15, 34), (1, 15, 46), (1, 18, 36), (1, 18, 39), (1, 18, 44), (1, 18, 47) |
| Class 6 | 32 | (1, 2, 8), (1, 2, 11), (1, 2, 56), (1, 2, 59), (1, 3, 14), (1, 3, 22), (1, 3, 46), (1, 3, 54), (1, 4, 22), (1, 4, 31), (1, 4, 38), (1, 4, 47), (1, 6, 20), (1, 6, 35), (1, 6, 36), (1, 6, 51), (1, 7, 32), (1, 7, 40), (1, 8, 23), (1, 8, 50), (1, 10, 27), (1, 10, 48), (1, 11, 34), (1, 11, 42), (1, 12, 30), (1, 12, 47), (1, 14, 28), (1, 14, 51), (1, 16, 39), (1, 16, 42), (1, 18, 40), (1, 18, 43) |
| Class 7 | 32 | (1, 2, 9), (1, 2, 10), (1, 2, 57), (1, 2, 58), (1, 4, 25), (1, 4, 28), (1, 4, 41), (1, 4, 44), (1, 6, 25), (1, 6, 30), (1, 6, 41), (1, 6, 46), (1, 8, 16), (1, 8, 57), (1, 9, 18), (1, 9, 24), (1, 9, 26), (1, 9, 32), (1, 9, 34), (1, 9, 40), (1, 9, 42), (1, 9, 48), (1, 9, 50), (1, 9, 56), (1, 12, 25), (1, 12, 36), (1, 12, 41), (1, 12, 52), (1, 14, 38), (1, 14, 41), (1, 20, 41), (1, 20, 44) |
| Class 8 | 32 | (1, 2, 12), (1, 2, 31), (1, 2, 36), (1, 2, 55), (1, 3, 16), (1, 3, 20), (1, 3, 48), (1, 3, 52), (1, 4, 27), (1, 4, 34), (1, 4, 35), (1, 4, 42), (1, 6, 15), (1, 6, 23), (1, 6, 48), (1, 6, 56), (1, 7, 14), (1, 7, 26), (1, 7, 46), (1, 7, 58), (1, 8, 19), (1, 8, 54), (1, 10, 36), (1, 10, 39), (1, 11, 32), (1, 11, 44), (1, 15, 38), (1, 15, 42), (1, 16, 38), (1, 16, 43), (1, 19, 40), (1, 19, 44) |
| Class 9 | 32 | (1, 2, 13), (1, 2, 30), (1, 2, 37), (1, 2, 54), (1, 4, 24), (1, 4, 32), (1, 4, 37), (1, 4, 45), (1, 5, 10), (1, 5, 12), (1, 5, 26), (1, 5, 28), (1, 5, 42), (1, 5, 44), (1, 5, 58), (1, 5, 60), (1, 6, 18), (1, 6, 53), (1, 8, 21), (1, 8, 52), (1, 10, 30), (1, 10, 45), (1, 13, 28), (1, 13, 34), (1, 13, 44), (1, 13, 50), (1, 14, 29), (1, 14, 50), (1, 18, 37), (1, 18, 46), (1, 20, 40), (1, 20, 45) |
| Class 10 | 32 | (1, 2, 16), (1, 2, 19), (1, 2, 48), (1, 2, 51), (1, 3, 10), (1, 3, 26), (1, 3, 42), (1, 3, 58), (1, 4, 14), (1, 4, 23), (1, 4, 46), (1, 4, 55), (1, 6, 12), (1, 6, 27), (1, 6, 44), (1, 6, 59), (1, 7, 28), (1, 7, 44), (1, 8, 31), (1, 8, 42), (1, 10, 35), (1, 10, 40), (1, 11, 30), (1, 11, 46), (1, 12, 38), (1, 12, 39), (1, 14, 36), (1, 14, 43), (1, 15, 32), (1, 15, 48), (1, 16, 34), (1, 16, 47) |
| Class 11 | 32 | (1, 2, 17), (1, 2, 18), (1, 2, 49), (1, 2, 50), (1, 4, 17), (1, 4, 20), (1, 4, 49), (1, 4, 52), (1, 6, 17), (1, 6, 22), (1, 6, 49), (1, 6, 54), (1, 8, 17), (1, 8, 24), (1, 8, 49), (1, 8, 56), (1, 10, 26), (1, 10, 49), (1, 12, 28), (1, 12, 49), (1, 14, 30), (1, 14, 49), (1, 16, 32), (1, 16, 49), (1, 17, 34), (1, 17, 36), (1, 17, 38), (1, 17, 40), (1, 17, 42), (1, 17, 44), (1, 17, 46), (1, 17, 48) |
| Class 12 | 32 | (1, 2, 20), (1, 2, 28), (1, 2, 39), (1, 2, 47), (1, 3, 8), (1, 3, 28), (1, 3, 40), (1, 3, 60), (1, 4, 11), (1, 4, 18), (1, 4, 51), (1, 4, 58), (1, 6, 32), (1, 6, 39), (1, 7, 18), (1, 7, 22), (1, 7, 50), (1, 7, 54), (1, 10, 23), (1, 10, 31), (1, 10, 44), (1, 10, 52), (1, 11, 36), (1, 11, 40), (1, 12, 35), (1, 12, 42), (1, 14, 32), (1, 14, 47), (1, 15, 30), (1, 15, 50), (1, 20, 42), (1, 20, 43) |
| Class 13 | 32 | (1, 2, 21), (1, 2, 29), (1, 2, 38), (1, 2, 46), (1, 4, 8), (1, 4, 21), (1, 4, 48), (1, 4, 61), (1, 5, 14), (1, 5, 24), (1, 5, 30), (1, 5, 40), (1, 5, 46), (1, 5, 56), (1, 6, 13), (1, 6, 34), (1, 6, 37), (1, 6, 58), (1, 10, 22), (1, 10, 53), (1, 12, 24), (1, 12, 29), (1, 12, 48), (1, 12, 53), (1, 13, 38), (1, 13, 40), (1, 14, 34), (1, 14, 45), (1, 16, 36), (1, 16, 37), (1, 16, 44), (1, 16, 45) |
| Class 14 | 32 | (1, 2, 24), (1, 2, 27), (1, 2, 40), (1, 2, 43), (1, 3, 6), (1, 3, 30), (1, 3, 38), (1, 3, 62), (1, 4, 15), (1, 4, 54), (1, 6, 19), (1, 6, 52), (1, 7, 16), (1, 7, 24), (1, 7, 48), (1, 7, 56), (1, 8, 18), (1, 8, 34), (1, 8, 39), (1, 8, 55), (1, 10, 32), (1, 10, 43), (1, 11, 26), (1, 11, 50), (1, 12, 31), (1, 12, 46), (1, 14, 35), (1, 14, 44), (1, 15, 36), (1, 15, 44), (1, 19, 38), (1, 19, 46) |
| Class 15 | 32 | (1, 2, 25), (1, 2, 26), (1, 2, 41), (1, 2, 42), (1, 4, 9), (1, 4, 12), (1, 4, 57), (1, 4, 60), (1, 6, 14), (1, 6, 57), (1, 8, 25), (1, 8, 32), (1, 8, 41), (1, 8, 48), (1, 9, 20), (1, 9, 22), (1, 9, 28), (1, 9, 30), (1, 9, 36), (1, 9, 38), (1, 9, 44), (1, 9, 46), (1, 9, 52), (1, 9, 54), (1, 10, 25), (1, 10, 34), (1, 10, 41), (1, 10, 50), (1, 16, 40), (1, 16, 41), (1, 18, 41), (1, 18, 42) |
| Class 16 | 16 | (1, 2, 32), (1, 2, 35), (1, 3, 18), (1, 3, 50), (1, 4, 30), (1, 4, 39), (1, 6, 28), (1, 6, 43), (1, 7, 20), (1, 7, 52), (1, 8, 26), (1, 8, 47), (1, 10, 24), (1, 10, 51), (1, 11, 22), (1, 11, 54) |
| Class 17 | 16 | (1, 2, 33), (1, 2, 34), (1, 4, 33), (1, 4, 36), (1, 6, 33), (1, 6, 38), (1, 8, 33), (1, 8, 40), (1, 10, 33), (1, 10, 42), (1, 12, 33), (1, 12, 44), (1, 14, 33), (1, 14, 46), (1, 16, 33), (1, 16, 48) |
| Class 18 | 8 | (1, 3, 5), (1, 5, 35), (1, 7, 13), (1, 11, 21), (1, 13, 39), (1, 15, 29), (1, 19, 37), (1, 21, 43) |
| Class 19 | 16 | (1, 3, 7), (1, 3, 23), (1, 3, 45), (1, 3, 61), (1, 5, 31), (1, 5, 39), (1, 7, 19), (1, 7, 53), (1, 11, 29), (1, 11, 31), (1, 11, 45), (1, 11, 47), (1, 13, 27), (1, 13, 51), (1, 15, 37), (1, 15, 43) |
| Class 20 | 16 | (1, 3, 9), (1, 3, 25), (1, 3, 43), (1, 3, 59), (1, 7, 25), (1, 7, 47), (1, 9, 19), (1, 9, 23), (1, 9, 35), (1, 9, 39), (1, 9, 51), (1, 9, 55), (1, 11, 35), (1, 11, 41), (1, 15, 39), (1, 15, 41) |
| Class 21 | 16 | (1, 3, 11), (1, 3, 27), (1, 3, 41), (1, 3, 57), (1, 7, 15), (1, 7, 31), (1, 7, 41), (1, 7, 57), (1, 9, 27), (1, 9, 31), (1, 9, 43), (1, 9, 47), (1, 11, 25), (1, 11, 51), (1, 19, 41), (1, 19, 43) |
| Class 22 | 16 | (1, 3, 13), (1, 3, 29), (1, 3, 39), (1, 3, 55), (1, 5, 15), (1, 5, 23), (1, 5, 47), (1, 5, 55), (1, 7, 21), (1, 7, 35), (1, 7, 37), (1, 7, 51), (1, 13, 35), (1, 13, 43), (1, 19, 39), (1, 19, 45) |
| Class 23 | 16 | (1, 3, 15), (1, 3, 21), (1, 3, 47), (1, 3, 53), (1, 5, 11), (1, 5, 27), (1, 5, 43), (1, 5, 59), (1, 7, 29), (1, 7, 43), (1, 11, 37), (1, 11, 39), (1, 13, 31), (1, 13, 47), (1, 15, 35), (1, 15, 45) |
| Class 24 | 16 | (1, 3, 17), (1, 3, 19), (1, 3, 49), (1, 3, 51), (1, 7, 17), (1, 7, 23), (1, 7, 49), (1, 7, 55), (1, 11, 27), (1, 11, 49), (1, 15, 31), (1, 15, 49), (1, 17, 35), (1, 17, 39), (1, 17, 43), (1, 17, 47) |
| Class 25 | 8 | (1, 3, 31), (1, 3, 37), (1, 5, 19), (1, 5, 51), (1, 7, 27), (1, 7, 45), (1, 11, 23), (1, 11, 53) |
| Class 26 | 8 | (1, 3, 33), (1, 3, 35), (1, 7, 33), (1, 7, 39), (1, 11, 33), (1, 11, 43), (1, 15, 33), (1, 15, 47) |
| Class 27 | 4 | (1, 5, 9), (1, 9, 37), (1, 13, 25), (1, 21, 41) |
| Class 28 | 8 | (1, 5, 13), (1, 5, 25), (1, 5, 45), (1, 5, 57), (1, 9, 29), (1, 9, 45), (1, 13, 37), (1, 13, 41) |
| Class 29 | 8 | (1, 5, 17), (1, 5, 21), (1, 5, 49), (1, 5, 53), (1, 13, 29), (1, 13, 49), (1, 17, 37), (1, 17, 45) |
| Class 30 | 4 | (1, 5, 29), (1, 5, 41), (1, 9, 21), (1, 9, 53) |
| Class 31 | 4 | (1, 5, 33), (1, 5, 37), (1, 13, 33), (1, 13, 45) |
| Class 32 | 2 | (1, 9, 17), (1, 17, 41) |
| Class 33 | 2 | (1, 9, 25), (1, 9, 49) |
| Class 34 | 2 | (1, 9, 33), (1, 9, 41) |
| Class 35 | 1 | (1, 17, 33) |
