1. Introduction
With this manuscript, we pursue the goal of exploring the connection between rotations of binary vectors and
cycles. Theorem 3 and its generalization in
Section 9 mainly contribute to this exploration, since they narrow down the conditions for the sought divisibilities and for the cycle existences. The starting point of our research is a divisibility feature of rotated binary numbers, which has been discovered by Darrell Cox [
1] and taken further, analyzed, and visualized for numerous cases using the Python programming language by Eldar Sultanow [
2]. This investigation is motivated by the use case of information encryption and efficiency improvement of cryptographic algorithms, especially of those algorithms that are implemented by a linear feedback shifting register (LFSR) as demonstrated by Grosek and Hromada [
3]. In the following we will develop a computational base for the binary rotation, its related cycles and generalize the divisibility feature. Definition 1 specifies the term “left-rotational distance” as follows:
Definition 1. The left-rotational distance r of a binary number B is the number of rotations, which lead from to .
Let us take a binary number
B of length
l with
ones (and
zeros), for example
,
and
, the minimum that is obtainable by rotating
B is
and the maximum is
. The left-rotational distance is
, since we obtain the maximum 11011010 by three left rotates of the minimum 01011011. The maximum
can be obtained directly using Equation (
1) as follows:
Vice versa, we calculate the minimum directly as
. Moreover, we can calculate the length
l (See Sedgewick and Wayne [
4], p. 185) and the Hamming weight
using
(see Weisstein [
5] and Allouche and Shallit [
6], p. 74) directly:
It is briefly mentioned that
denotes the greatest dividing exponent of the base 2 with respect to a number
n, which is the largest integer value of
k such that
with
, see [
7].
By applying these formulas to our example, we obtain and . The divisibility can be written in our example as . In our example the divisibility holds, since is true.
Our question is: Under which circumstances is this divisibility generally granted? The paper aims to describe the rotational behavior allowing us to unveil its connection to cycles and related concepts and to generalize the cycles to cycles. The approach to the question of divisibility behavior can be summarized as follows:
Describing the rotational behavior: Starting point is the diophantine Equation (
2). Showing that this diophantine equation always has solutions
would answer the question of whether the divisibility holds.
Unveiling the connection between rotations, cycles, and related concepts: By introducing a boundary feature with Function (
6), Halbeisen and Hungerbühler lay the foundation for this, which Cox et al. supplemented with another feature by Function (
7). The cycle’s existence depends on this divisibility as stated by Theorem 3.
Generalizing from
to
cycles: With this generalization, we broaden the field to study the divisibility behavior.
Section 9 makes the key contribution to this. We could generalize Theorem 3 for restricting the existence of cycles depending on the divisibility. A proof of this divisibility remains still open.
Theorems in the body of this paper, notably the referred work of Halbeisen and Hungerbühler [
8] provide ways of describing the rotational behavior, but no proof of this divisibility. The diophantine Equation (
2) is strongly related to this question: To prove that this divisibility holds, we need to show that there always exist integers
a and
b that solve the diophantine equation, which we deduce from Equation (
1):
In our example provide a solution: to solve we substitute and solve the linear congruence , which is solvable if and there is a unique solution if 91 and the modulus are coprime . This coprimality is given here. The solution is and resubstitution of Y leads to , which brings us to the solutions and so on. All these r values enables us to find solutions for . In order that the divisibility is given, we must show that and .
Based on the fact that binary rotations lead to
cycles,
Section 3 contributes as well to the question under which conditions the divisibility is granted. Although we can illustrate and exemplify this divisibility behavior for many such cycles, we have not succeeded in providing a proof. At least we were able to identify and compile connections, limitations, and references to related/relevant concepts. The generalization of binary rotations to
cycles in
Section 9 expands the field of the investigated divisibility behavior.
2. Fields of Application
In today’s world, or rather in today’s digital age, cryptographic methods have become increasingly important in order to ensure confidentiality, secrecy, and integrity of data in the presence of an adversary. Our results have the potential to contribute to existing approaches of encrypting information and moreover to provide new ways to perform encryption possibly more efficiently. Currently, LFSR is one of the main methods for cryptography (see Grosek and Hromada [
3]) and they possess already an efficiency. Our idea consists in utilizing the findings given in the following sections to make LFSR’s more efficient (due to lowering memory requirements) by abbreviating shifting algorithms with the Collatz method.
We reduce the amount of electrical calculation to the number of equivalence classes instead of the number of binaries
, since we will see that the characteristics within such a class are constant (see in
Section 7). Therefore we only have to calculate any equation once for an equivalence class and can simply shift it by an e.g., LFSR afterward. In
Section 8 we will also calculate the amount of all equivalence classes for a given length
l and therefore the ratio of computational power reduction.
Moreover we will generalize our given
cycles to
cycles for a more generic version of cycle representation (see in
Section 9). This possesses a novelty value of our work too and provides the most practical application, such as for example the field of application for randomness. The importance of Collatz sequences for randomness has been elaborated extensively in the literature, which we want to take up briefly with the following digression. If we take any odd integer, let’ say
as an input for the repeatedly called function
(which is function (
4)). We can assume that the function
f is “sufficiently mixing”, since
is called repeatedly an the output
becomes due to the additional variable
k more and more obfuscated.
We clearly see the potential of those procedures and, furthermore, even Apple decided to submit for a patent [
9] in order to use Collatz as a one-way hashing function, since the algorithms become increasingly important.
3. Binary Rotations Lead Us to 3n + c Cycles
Take a binary number
B with a Hamming weight
as input for a function
z, which Darrel Cox [
1] defined as follows, where
are the positions (indexing is zero-based) in
B occupied by 1:
This function
z is adapted from Halbeisen’s and Hungerbühler’s function
, see [
8]. In the introductory example
we have
and the five positions in our binary number
that are occupied by 1 are
:
Similarly we can calculate
. Both integers, the 319 and the 864 belong to a
cycle that is given by the following function whose parameter in this case is
:
Note that 319 is the smallest member and 864 is the largest member of this sequence and the binary representation of
reflects the course of this cycle starting with its smallest member 319, where the ones represent odd members and the zeros represent even members:
Table 1 shows the left-rotational distances of a binary number that we obtain from the integer
x in the first column using the reverse function
to another number located in the same row of
v. For example the left-rotational distance of
to
is six, which we highlighted blue.
Table 1 highlights our case of the rotational distance from
to
using the color green. The integer
is the only rotational distance value that provides a solution for the divisibility
.
4. What We Know about Cycles
Starting point of our considerations is the function
given by Equation (
4). Below we introduce a monoidal description of cycles. And as part of our own contribution, we develop a formula for calculating the smallest member in such a cycle.
Let
S be a set containing two elements
and
, which are bijective functions over
:
Let a binary operation be the left-to-right composition of functions
, where
.
is the composition monoid (transformation monoid), which is freely generated by
S. The identity element is the identity function
. We call
e an
empty string.
consists of all expressions (strings) that can be concatenated from the generators
and
. Every string can be written in precisely one way as product of factors
and
and natural exponents
:
These uniquely written products are called
reduced words over
S. Using exponents
, we construct strings
and concatenate these to a larger string:
Note that each string
is a reduced word, since
. Let us evaluate this (large) string by inputting a natural number
. If the result is again
then we obtain a cycle:
We write the sums briefly as and . The cycle contains elements. Example 2 illustrates, how bit rotations relate to compositions of the two functions and . We summarize this fact to the following Definition 2:
Definition 2. A cycle consists of elements, where is the number of its odd members and the number of its even members.
Moreover we define
with
We introduced this Definition 2 to prepare or allow us for the formulation of Theorem 1, which calculates the smallest member of the cycle, which in line with Definition 2 consists of odd and even members:
Theorem 1. The smallest number belonging to a cycle having odd and even members is: This Theorem 1 corresponds to Theorem 5 provided and proved by Anant Gupta [
10]. Note that we stick to our notation since it is aligned with Weisstein’s (and Allouche’s and Shallit’s) established formalism.
Example 1. We consider a cycle that has elements and choose and . Its smallest element is and we obtain all elements by evaluating the strings: , , and and so forth. It applies: This cycle is . We calculate directly as follows: In this case : Theorem 2. The maximum odd element in a cycle occurs immediately before the maximum even element.
Proof. The maximum even element of the cycle cannot succeed an even element as the preceding element would be twice the element taken. The maximum odd element occurs before the maximum even element is equivalent to saying that the maximum even element follows the maximum odd element. Let be odd elements in the cycle with , then the elements after will be and . Since and , the element after the maximum odd element is greater than the element after any other odd element. Therefore the maximum odd element of the cycle precedes the maximum even element of the cycle. □
In conformity with Definition 2, let us consider a cycle consisting of odd integers and even integers. Let us consider a binary parity vector (it is synonymous to a binary sequence or binary non-reduced word) consisting of elements, which has a 1 at position i, if is odd, and otherwise 0. Theorem 3 specifies several cycle restrictions:
Theorem 3. For a cycle with odd and even members applies:
- (a)
A cycle only exists if the inequality holds, see [11]. - (b)
The condition for a cycle’s existence can be detailed as follows [11]: A non-inherited cycle only exists if . - (c)
Let be all positions (the indexing is zero-based) in the parity vector occupied by 1. A cycle only exists if the divisibility holds, where z is the function given by (3), see [11,12]. - (d)
The number of cycles is always less than or equal to the number of cycles, where a is an odd number (this can be deduced from the work of Darrell Cox [11] as well).
Example 2. We refer to the cycle again. The corresponding parity vector is and the non-reduced word is .
The indices are and therefore .
Correctly it applies that , more specifically it is and .
Theorem 4. Two different primitive cycles, and , can never share a common parity vector.
Proof. A
cycle with a given parity vector first appears at:
Let there exist cycles and with the same parity vector, this implies that the values of A and as defined in Definition 2 are the same for both cycles. Therefore using the formula, a cycle can exist iff is an integer, i.e., divides . The cycle will originate for the minimum such value of c. Therefore there can only be one value of c for which the parity vector produces a cycle that is not inherited. □
5. Boundary Features of Cycles
Halbeisen and Hungerbühler [
8] introduced a boundary feature for cycles as a function
, where
l is the cycle length and
n the number of its odd members. Let
denote the set of all binary words of length
l containing exactly
n ones and otherwise only zeros. This set contains exactly
words—exactly the number of ways in which we may select
n elements out of
l total where the order is irrelevant. In Halbeisen’s and Hungerbühler’s notation, the Hamming weight is denoted by
n, which corresponds to our notation
following Wolfram Math [
5], that is
. In the example given by
Table 2, the elements of the set
are all listed in the first column.
The second column of
Table 2 contains all binary words that result from left-rotating the binary word
B in the first column up to
l times:
In generalized terms, this set is denoted as
. Remembering that
z is the function (
3), the third column of
Table 2 contains the corresponding output of this function when inputting the rotated binary words:
The last column contains the minimum of these values. Finally, the largest of all these minima is
or generally, see [
8]:
Additionally to Halbeisen’s and Hungerbühler’s boundary feature
Darrell Cox et al. [
1] introduced another boundary feature as a function
. Let
, the function
is defined as follows:
Example 3. We choose a cycle given by of length having odd members, where . Let us choose the binary words 11000 and 10100 and calculate the smallest member of the corresponding cycle in each case.
In the first case, namely 11000
synonymous with we obtain . The resulting cycle is which is given by the first row and third column in Table 2. In the second case, 10100
that is synonymous with we obtain . The resulting cycle is which is given by the second row and third column in Table 2. Table 2 exhibits how is calculated, which in our concrete case is . Additionally we calculate . 6. Constructing One Cycle from Another
Cycles may interrelate, which means they have the same length and an equal amount of odd members. We refer to Example 3 and consider the
cycle
. A cycle, which interrelates to this
cycle is for example the
cycle
. The latter is a non-primitive cycle (see definition in
Appendix A).
If we go back to Example 1, then we can provide two interrelated cycles as well. For we obtain and the cycle is (11609, 22325, 38399, 62510, 31255, 51794, 25897, 43757, 70547, 110732, 55366, 27683, 46436, 23218).
When we divide the parameter c and all cycle members by 893, then we obtain the reduced interrelated cycle .
Theorem 5. Let a cycle of length has odd and even members, where . It always applies that is greater than the smallest member and is less than the largest odd member of this cycle. Recall that we can take and n to be synonymous, since Halbeisen and Hungerbühler denote the Hamming weight by n.
If c is divisible by an odd integer a, then for the (reduced) interrelated cycle it applies that is greater than the smallest member and is less than the largest odd member of this reduced cycle.
The upper bound
has been unveiled and proved by Halbeisen and Hungerbühler [
8] and the lower bound
was discovered and empirically verified by Cox et al. [
1].
7. Constant Sums of 3n + c Cycle Members
For a compact visualization of our cycle member, we will collect all cycle elements from all shifted versions of a given vector B in so-called equivalence classes. The reason why we declare those equivalence classes is that any member within such a class can be calculated also over the equivalence class representative. As we will see in this section, we can utilize this phenomenon due to the constancy within the equivalence classes.
Let us consider the set of all possible binary words of the length . This set contains elements. There exist 8 different periodic sequences, whereby we consider two sequences to be the same, if one of them can be obtained by left or right rotations from the other. Therefore different sequences do not share any sequence member. The members of these different sequences do not depend on the binary word’s value, but from its length l and Hamming weight . A set of elements with the same sequence is called equivalence class.
Now, let us regard a set of the same (periodic) sequences and the number of its members is not equal to l. In this case the members of these sequences additionally depend from the left-rotational distance r of to . In those cases the set may contain , or sequences.
Let
B be a binary number of length
l and with a Hamming weight
. We use this binary number
B to create a
sequence
by performing left-rotations and applying the function
z as we did in
Section 5:
Moreover, we define a function
Z that uses the binary number
B as an input and yields the sum of all the members belonging to the periodic sequence
which we generated from
B:
Example 4. We choose and this results in and . The length and the Hamming weight . This is a really trivial case of periodic sequence generation. Each row in Table 3 depicts the periodic sequence which we generated from B. This Table 3 illustrates that the generated cycles are not only reflected (horizontally) by rows, but also (vertically) by columns. That is because the digit 1 appears on every position within our rotated binary number B only once. Finally always . Note that and are identical for the (rotated) B in each table row, since rotating a binary number generally does not affect the corresponding and . Halbeisen’s and Hungerbühler’s set which we introduced in Section 5 contains in the present case l words: . Therefore our equivalence class for and the Hamming weight has the size of 5 elements. This behavior is exactly the same for , since the binary number 11110 behaves in the same way as 00001.
Now let us consider less trivial cases. The number of possible Hamming weights is odd for a binary word having an even length. For instance, if the binary number’s length then this binary number can have a Hamming weight . If the binary number’s length then this binary number can have a Hamming weight .
Example 5. We choose which results in and . The length is even and the Hamming weight is . Table 4 shows that for the periodic sequence which we generated from B represents a concatenation of the cycle , in which this cycle occurs exactly twice. In other words, this sequence has periods. We have distinct words and therefore 3 distinct equivalence class members in this periodic sequence which we generated from B. When we invert the binary number by replacing 0 with 1 (and vice versa) we obtain the binary number 110110. This inverted binary number has the Hamming weight and exhibits the same behavior as . Generally spoken, the cases for behave as same as .
Example 6. We choose which results in and . The length is again and the Hamming weight is . Table 5 shows that for the periodic sequence which we generated from B represents a concatenation of the cycle , in which this cycle occurs exactly three times. In other words, this sequence has periods. Here we have distinct words and therefore 2 distinct equivalence class members in this periodic sequence which we generated from B. Also here, inverting the binary number B leads to the same behavior, i.e., the cases for behave the same as .
It is important to note in conclusion that the amount of cycles that we can generate from a given binary number B is deterministic and not random. The Hamming weight affects the binary combinatorics and it affects together with the length l the number of possible cycles that we are able to generate from B.
For a given binary number B of length l with a Hamming weight the cases behave as same as for the inverted binary number (having the Hamming weight ). For a given binary number B the possibilities for generating periodic sequences from B are limited as well.
8. Equivalence Classes for a Binary B of Length l
In the previous section, we took a look at the construct within one equivalence class. In this section we will analyze the construct from all different equivalence classes to each other for all possible binary input values B of a given length l.
It is important to understand how many equivalence classes there exist, or in other words, how many different constants
we have for any given length
l with all possible binaries
B. Grosek and Hromada [
3] provide us a formula to obtain the amount of equivalence classes for a given length
l.
returns how many equivalence classes we have for our input parameters
l, the hamming weight
and the cardinality
d of an equivalence class. In trivial cases the size and therefore the cardinality of any class is always
and also for a Hamming weight of
or
the cardinality is always
since we only have one sequence with only ones ore zeros. But due to the periodicity in non-trivial cases we also have different sizes for our classes and therefore also different cardinalities for each class. We collect different cardinalities for a given length
l and hamming weight
in
.
Example 7. Now let us find out how many equivalence classes we have for a binary word of length . First we need all cardinalities for each possible Hamming weight with . The cardinalities are as followed , , since this counts for all trivial cases. and are non trivial cases and have therefor more than one equivalence class with different sizes. In Table 4 and Table 5 we already saw the different sizes of the equivalence classes for those cardinalities. Now we can start applying our input parameters to formula (8). First let us look at the sum function in our equation. The sum has three conditions , and . Since k has to be less than d but also be an element out of it is necessary to have at least two elements in to hit the sum. In trivial cases it is otherwise always zero. After calculating our trivial cases we clearly see that we end with only one specific equivalence class for those given input variables.
Now let us look at one non trivial case with the input parameter , and . The first equation has again zero for the sum function, since is indeed an element of but not smaller than the cardinality . On the other hand for in we do have a possible value for the sum index k. In fact fulfills all three conditions and has therefore as an additional subtrahend in our equation.
If we do the same for and we end up with , , and . After counting the cases we end up with 14 different constants, like we already mentioned in the previous chapter.
9. Generalizations to kn + c Cycles
First we generalize the function (
4) by introducing the following function:
9.1. Generalization of Theorem 1
We can generalize Theorem 1 by replacing 3 by
k. The smallest number
belonging to a
cycle having
odd and
even members is:
9.2. Generalization of Theorem 2
Theorem 2 applies equally to cycles as it does to cycles. The proof provided for Theorem 2 is trivially generalizable to cycles. This applies to the proof of the generalized Theorem 1 too.
9.3. Generalization of Theorem 3
Leaving the task of prove to the reader, we simply generalize Theorem 3 for cycles having odd and even members:
- (a)
A cycle only exists if the inequality holds.
- (b)
A cycle only exists if the integer c and the difference are not coprime: .
- (c)
Let
be all positions (the indexing is zero-based) in the parity vector occupied by 1. A cycle only exists if the divisibility
holds, where
z is the function (
3).
- (d)
The number of cycles is always less than or equal to the number of cycles, where a is an odd number.
9.4. Generalization of Theorem 4
We generalize Theorem 4 by stating that two different primitive cycles, and , can never share a common parity vector.
Proof. A
cycle with a given parity vector first appears at:
Let there exist cycles and with the same parity vector, this implies that the values of A and as defined in Definition 2 are same for both the cycles. Therefore using the formula, a cycle can exist if is an integer, i.e., divides . The cycle will originate for the minimum such value of c. Therefore there can only be one value of c for which the parity vector produces a cycle that is not inherited. □
9.5. Generalizing the Binary Rotations to kn + c Cycles
Let
B be a binary number. The divisibility feature
, demonstrated in
Section 3 holds for the generalized
cycles. For this we set
and generalize function (
3) as follows:
Here again are the positions (indexing is zero-based) in B occupied by 1. It should be noted that this divisibility is an observation that remains to be proven. Possibly such a proof would contribute significantly to a proof of the Collatz conjecture.
9.6. More Theorems for kn + c Cycles
A positive integer
k is called a
Crandall number, if there exists a
cycle. The following very fundamental Theorem 6 is well known, see [
13,
14]:
Theorem 6. Every Wieferich number is a Crandall number. In other words, if k is a Wieferich number, then a cycle cycle exists.
Franco and Pomerance provided a proof for Theorem 6 in their paper [
14].
Theorem 7. If and are coprime, then for a given k both functions and do not have any common non-trivial cycle (cycle with the same parity vector).
A proof is given by Anant Gupta [
10]. The idea can be sketched as follows: Let
i be an integer. Since
does not divide
, all
cycles where
will require
to divide
A (recall that
A is specified by Definition 2), which is the same condition for
cycles. This implies that all cycles of
are equal to the cycles of
. Similarly all cycles of
are equal to the cycles of
.
10. Conclusions
In this paper, we investigated the behavior of rotating binary numbers. We found out that a rotation by r digits to the left of a binary number B exhibits in particular cases the divisibility , where l is the bit-length of B and is the Hamming weight of B and r is the left-rotational distance as specified by Definition 1. We investigated the connection between this rotational distance, the bit length, and the Hamming weight. A core property is, that only under certain circumstances the above-mentioned divisibility becomes true – namely, this divisibility occurs for cycles.
Additionally, we reduce the amount of electrical calculation for the cycle calculations to the number of equivalence classes instead of the number of binaries . The cycle generation is exactly the same for any member within such a class and can therefore be resolved from the other members that have been already calculated.
Furthermore, we defined a more generic version of sufficiently mixing with more cryptography power, since we generalize cycles to cycles by introducing another variable k. Therefore, the range of all possible values becomes expanded and more obfuscated.