We address the question: How should N n-dimensional subspaces of m-dimensional Euclidean space be arranged so that they are as far apart as possible? The results of extensive computations for modest values of N; n; m are described, as well as a reformulation of the problem that was suggested by these computations. The reformulation gives a way to describe n- dimensional subspaces of m-space as points on a sphere in dimension (m \Gamma 1)(m+2), which provides a (usually) lowerdimensional representation than the Pl ucker embedding, and leads to a proof that many of the new packings are optimal. The results have applications to the graphical display of multidimensional data via Asimov's grand tour method.

Three of the most important criteria for cryptographically strong Boolean functions are the balancedness, the nonlinearity and the propagation criterion. The main contribution of this paper is to reveal a number of interesting properties of balancedness and nonlinearity, and to study systematic methods for constructing Boolean functions satisfying some or all of the three criteria. We showthat concatenating, splitting, modifying and multiplying (in the sense of Kronecker) sequences can yield balanced Boolean functions with a very high nonlinearity. In particular, we showthat balanced Boolean functions obtained by modifying and multiplying sequences achieve a nonlinearity higher than that attainable by anypreviously known construction method. We also present methods for constructing balanced Boolean functions that are highly nonlinear and satisfy the strict avalanche criterion (SAC). Furthermore we present methods for constructing highly nonlinear balanced Boolean functions satisfying the propagation criterion with respect to all but one or three vectors. A technique is developed to transform the vectors where the propagation criterion is not satis ed in such away that the functions constructed satisfy the propagation criterion of high degree while preserving the

Abstract. A Boolean function is said to be correlation immune if its output leaks no information about its input values. Such functions have many applications in computer security practices including the construction of key stream generators from a set of shift registers. Finding methods for easy construction of correlation immune functions has been an active research area since the introduction of the notion by Siegenthaler. In this paper we study balanced correlation immune functions using the theory of Hadamard matrices. First we present a simple method for directly constructing balanced correlation immune functions of any order. Then we prove that our method generates exactly the same set of functions as that obtained using a method by Camion, Carlet, Charpin and Sendrier. Advantages of our method over Camion et al's include (1) it allows us to calculate the nonlinearity, which is a crucial criterion for cryptographically strong functions, of the functions obtained, and (2) it enables us to discuss the propagation characteristics of the functions. Two examples are given to illustrate our construction method. Finally, we investigate methods for obtaining new correlation immune functions from known correlation immune functions. These methods provide us with a new avenue towards understanding correlation immune functions. 1

Abstract. We consider affine systems in Rn constructed from a given integral invertible and expansive matrix R, and a finite set B of translates, σbx: = R−1x + b; the corresponding measure µ on Rn is a probability measure and fixed by the selfsim-ilarity µ = |B|

Four Turyn type sequences of lengths 36, 36, 36, 35 are found by a computer search. These sequences give new base sequences of lengths 71, 71, 36, 36 and are used to generate a number of new T -sequences. The first order of many new Hadamard matrices constructible using these new T -sequences is 428.

In this article we investigate how we can employ the structure of combinatorial objects like Hadamard matrices and weighing matrices to device new quantum algorithms. We show how the properties of a weighing matrix can be used to construct a problem for which the quantum query complexity is significantly lower than the classical one. It is pointed out that this scheme captures both Bernstein & Vazirani’s inner-product protocol, as well as Grover’s search algorithm. In the second part of the article we consider Paley’s construction of Hadamard matrices to design a more specific problem that uses the Legendre symbol χ (which indicates if an element of a finite field GF(p k) is a quadratic residue or not). It is shown how for a shifted Legendre function fs(x) = χ(x+s), the unknown s ∈ GF(p k) can be obtained exactly with only two quantum calls to fs. This is in sharp contrast with the observation that any classical, probabilistic procedure requires at least k log p queries to solve the same problem. 1

The book, Orthogonal Designs: Quadratic Forms and Hadamard Matrices, Marcel Dekker, New York-Basel, 1979, by A. V. Geramita and Jennifer Seberry, has now been out of print for almost two decades. Many of the results on weighing matrices presented therein have been greatly improved. Here we review the theory, restate some results which are no longer available and expand on the existence of many new weighing matrices and orthogonal designs of order 2n where n is odd. We give a number of new constructions for orthogonal designs. Then using number theory, linear algebra and computer searches we find new weighing matrices and orthogonal designs. We have reviewed completely the weighing matrix conjecture for orders 2n, n 35, n odd. The previously known results for weighing matrices for n 21 are summarized here, and new result given, leaving 3 unresolved cases. The results for weighing matrices for n 23 are presented here for the first time. For orders n, 23 n 25, 3 remain...

. This paper studies the computationally difficult problem of finding a largest j-dimensional simplex in a given d-dimensional cube. The case in which j = d is of special interest, for it is equivalent to the Hadamard maximum determinant problem; it has been solved for infinitely many values of d but not for d = 14. (The subcase in which j = d j 3 (mod 4) subsumes the famous problem on the existence of Hadamard matrices.) The known results for the case j = d are here summarized and used, but the main focus is on fixed small values of j. When j = 1, the problem is trivial, and when j = 2 or j = 3 it is here solved completely (i.e., for all d). Beyond that, the results are fragmentary but numerous, and they lead to several attractive conjectures. Some other problems involving simplices in cubes are mentioned, and the relationship of largest simplices to D-optimal weighing designs is discussed. Introduction The setting for everything in this paper is a finite-dimensional Euclidean sp...

Abstract. It is a well known fact that the nonlinearity of a function f on the n-dimensional vector space Vn is bounded from above by 2 n−1 − 2 1 2 n−1. In cryptographic practice, nonlinear functions are usually constructively obtained in such a way that they support certain mathematical or cryptographic requirements. Hence an important question is how to calculate the nonlinearity of a function when extra information is available. In this paper we address this question in the context of auto-correlations, and derive four (two upper and two lower) bounds on the nonlinearity of a function (see Table 1). Strengths and weaknesses of each bound are also examined. In addition, a few examples are given to demonstrate the usefulness of the bounds in practical applications. We anticipate that these four bounds will be very useful in calculating the nonlinearity of a cryptographic function when certain extra information on the auto-correlations of the function is available. 1

Cyclotomy can be used to construct a variety of combinatorial designs, for example, supplementary difference sets, weighing matrices and T --matrices. These designs may be obtained by using linear combinations of the incidence matrices of the cyclotomic cosets. However, cyclotomy only works in the prime and prime power cases. We present a generalisation of cyclotomy and introduce generalised cosets. Combinatorial designs can now be obtained by a search through all linear combinations of the incidence matrices of the generalised cosets. We believe that this search method is new. The generalisation works for all cases and is not restricted to prime powers. The paper presents some new combinatorial designs. We give a new construction for T --matrices of order 87 and hence an OD(4 \Theta 87; 87; 87; 87; 87). We also give some D--optimal designs of order n = 2v = 2 \Theta 145; 2 \Theta 157; 2 \Theta 181. Keywords: Cyclotomy, Galois field, Galois domain, autocorrelation function, supplemen...