New developments in the theory of Gröbner bases and applications to formal verification

Abstract: a b s t r a c tWe present foundational work on standard bases over rings and on Boolean Gröbner bases in the framework of Boolean functions. The research was motivated by our collaboration with electrical engineers and computer scientists on problems arising from formal verification of digital circuits. In fact, algebraic modelling of formal verification problems is developed on the word-level as well as on the bit-level. The word-level model leads to Gröbner basis in the polynomial ring over Z/2 n while the b… Show more

“…, x n ] such that every variable x i occurs with exponent 0 or 1. In [13] it is described, how to apply classical Gröbner basis theory for polynomial rings to this quotient ring. On the description and principles of the PolyBoRi framework the reader is referred to [11].…”

“…Solving the final system with the key variables is done with the symmgbGF2 algorithm [13] (an advanced version of SlimGB: [9]) implemented in PolyBoRi. Here t red time needed to do the reductions, t sol time needed to solve the final system in key variables only, t total is the total time of a computation, "memory" shows the memory peaks for the computations.…”

Obtaining and Solving Systems of Equations in Key Variables Only for the Small Variants of AES

“…, x n ] such that every variable x i occurs with exponent 0 or 1. In [13] it is described, how to apply classical Gröbner basis theory for polynomial rings to this quotient ring. On the description and principles of the PolyBoRi framework the reader is referred to [11].…”

“…Solving the final system with the key variables is done with the symmgbGF2 algorithm [13] (an advanced version of SlimGB: [9]) implemented in PolyBoRi. Here t red time needed to do the reductions, t sol time needed to solve the final system in key variables only, t total is the total time of a computation, "memory" shows the memory peaks for the computations.…”

Obtaining and Solving Systems of Equations in Key Variables Only for the Small Variants of AES

“…Since we only consider the univariate case our summary is fairly elementary and straightforward. We choose the textbook [1] as our guide since it is general enough to include modules over a ring R, see also [2], [3], [28]. In this paper we focus on properties of Gröbner bases rather than construction of Gröbner bases.…”

“…In this paper we focus on properties of Gröbner bases rather than construction of Gröbner bases. For more details on construction of Gröbner bases the reader is referred to [1], [28], [2]. In the sequel we assume that R[x] is a noetherian ring, that is, all of its ideals are finitely generated.…”

Gröbner bases and behaviors over finite rings

“…The first impressive demonstra tion of their possibilities was the breaking the first challenge for the HFE (Hidden Fields Equations) cryptosystem with an open key described in [4] and computing a Boolean Gröbner basis for a system of quadratic Boolean polynomials in 80 variables. Since then, the application range of Boolean Gröbner bases has been significantly expanded, and, currently, there are a number of examples [5] when these bases are suc cessfully used to solve problems of Boolean satisfiabil ity (SAT).…”

BIBasis, a package for reduce and Macaulay2 computer algebra systems to compute Boolean involutive and Gröbner bases