Cryptographic Properties of Addition Modulo 2n2^n

The operation of modular addition modulo a power of two is one of the most applied operations in symmetric cryptography. For example, modular addition is used in RC6, MARS and Twofish block ciphers and RC4, Bluetooth and Rabbit stream ciphers. In this paper, we study statistical and algebraic properties of modular addition modulo a power of two. We obtain probability distribution of modular addition carry bits along with conditional probability distribution of these carry bits. Using these probability distributions and Markovity of modular addition carry bits, we compute the joint probability distribution of arbitrary number of modular addition carry bits. Then, we examine algebraic properties of modular addition with a constant and obtain the number of terms as well as algebraic degrees of component Boolean functions of modular addition with a constant. Finally, we present another formula for the ANF of the component Boolean functions of modular addition modulo a power of two. This formula contains more information than representations which are presented in cryptographic literature, up to now

Algebraic Properties of Modular Addition Modulo a Power of Two

Abstract; Modular addition modulo a power of two, is one of the most applicable operators in symmetric cryptography; therefore, investigating cryptographic properties of this operator has a significant role in design and analysis of symmetric ciphers. Algebraic properties of modular addition modulo a power of two have been studied for two operands by Braeken in fse’05. Also, the authors of this paper, have studied this operator, in some special cases, before. In this paper, taking advantage of previous researches in this area, we generalize algebraic properties of this operator for more than two summands. More precisely, we determine the algebraic degree of the component Boolean functions of modular addition of arbitrary number of summands modulo a power of two, as a vectorial Boolean function, along with the number of terms and variables in these component functions. As a result, algebraic degrees of the component Boolean functions of Generalized Pseudo-Hadamard Transforms are computed