From at Least n/3 to at Most 3n: Correcting the Algebraic Immunity of the Hidden Weight Bit Function: Algebraic Immunity Upper Bounds on Weightwise Degree-d Functions and Their Implications

peer reviewedWeightwise degree-d (WWdd) functions are Boolean functions that, on each set of fixed Hamming weight, coincide with a function of degree at most d. They generalize both symmetric functions and the Hidden Weight Bit Function (HWBF), which has been studied in cryptography for its favorable properties. In this work, we establish a general upper bound on the algebraic immunity of such functions, a key security parameter against algebraic attacks on stream ciphers like filtered Linear Feedback Shift Registers (LFSRs). We construct explicit low-degree annihilators for WWdd functions with small d, and show how to generalize these constructions. As an application, we prove that the algebraic immunity of the HWBF is upper bounded by 3n disproving a result from 2011 that claimed a lower bound of n/3. We then apply our technique to several generalizations of the HWBF proposed since 2021 for homomorphically friendly constructions and LFSR-based ciphers, refining or refuting results from six prior works

On the cryptographic properties of weightwise affine and weightwise quadratic functions

Weightwise degree-d functions are Boolean functions that take the values of a function of degree at most d on each set of fixed Hamming weight. The class of weightwise affine functions encompasses both the symmetric functions and the Hidden Weight Bit Function (HWBF). The good cryptographic properties of the HWBF, except for the nonlinearity, motivates to investigate a larger class with functions that share the good properties and have a better nonlinearity. Additionally, the homomorphic friendliness of symmetric functions exhibited in the context of hybrid homomorphic encryption and the recent results on homomorphic evaluation of Boolean functions make this class of functions appealing for efficient privacy-preserving protocols. In this article we realize the first study on weightwise degree-d functions, focusing on weightwise affine and weightwise quadratic functions. We show some properties on these new classes of functions, in particular on the subclass of cyclic weightwise functions. We provide balanced constructions and prove nonlinearity lower bounds for all cyclic weightwise affine functions and for a family of weightwise quadratic functions. We complement our work with experimental results, they show that other cyclic weightwise linear functions than the HWBF have better cryptographic parameters, and considering weightwise quadratic functions allows to reach higher algebraic immunity and substantially better nonlinearity

On the cryptographic properties of weightwise affine and weightwise quadratic functions

Weightwise degree-d functions are Boolean functions that take the values of a function of degree at most d on each set of fixed Hamming weight. The class of weightwise affine functions encompasses both the symmetric functions and the Hidden Weight Bit Function (HWBF). The good cryptographic properties of the HWBF, except for the nonlinearity, motivates to investigate a larger class with functions that share the good properties and have a better nonlinearity. Additionally, the homomorphic friendliness of symmetric functions exhibited in the context of hybrid homomorphic encryption and the recent results on homomorphic evaluation of Boolean functions make this class of functions appealing for efficient privacy-preserving protocols. In this article we realize the first study on weightwise degree-d functions, focusing on weightwise affine and weightwise quadratic functions. We show some properties on these new classes of functions, in particular on the subclass of cyclic weightwise functions. We provide balanced constructions and prove nonlinearity upper bounds for all cyclic weightwise affine functions and for a family of weightwise quadratic functions. We complement our work with experimental results, they show that other cyclic weightwise linear functions than the HWBF have better cryptographic parameters, and considering weightwise quadratic functions allows to reach higher algebraic immunity and substantially better nonlinearity

The Revisited Hidden Weight Bit Function

The Hidden Weight Bit Function (HWBF) has drawn considerable attention for its simplicity and cryptographic potential. Despite its ease of implementation and favorable algebraic properties, its low nonlinearity limits its direct application in modern cryptographic designs. In this work, we revisit the HWBF and propose a new weightwise quadratic variant obtained by combining the HWBF with a bent function. This construction offers improved cryptographic properties while remaining computationally efficient. We analyze the balancedness, nonlinearity, and other criteria of this function, presenting theoretical bounds and experimental results to highlight its advantages over existing functions in similar use cases. The different techniques we introduce to study the nonlinearity of this function also enable us to bound the nonlinearity of a broad family of weightwise quadratic functions, both theoretically and practically. We believe these methods are of independent interest.Preprin

From at Least n/3n/3 to at Most 3n3\sqrt{n}: Correcting the Algebraic Immunity of the Hidden Weight Bit Function

Weightwise degree-$d$ functions are Boolean functions that, on each set of fixed Hamming weight, coincide with a function of degree at most $d$. They generalize both symmetric functions and the Hidden Weight Bit Function (HWBF), which has been studied in cryptography for its favorable properties. In this work, we establish a general upper bound on the algebraic immunity of such functions, a key security parameter against algebraic attacks on stream ciphers like filtered Linear Feedback Shift Registers (LFSRs). We construct explicit low-degree annihilators for WWdd functions with small $d$, and show how to generalize these constructions. As an application, we prove that the algebraic immunity of the HWBF is upper bounded by $3\sqrt{n}$ disproving a result from 2011 that claimed a lower bound of $n/3$. We then apply our technique to several generalizations of the HWBF proposed since 2021 for homomorphically friendly constructions and LFSR-based ciphers, refining or refuting results from six prior works

The Revisited Hidden Weight Bit Function

The Hidden Weight Bit Function (HWBF) has drawn considerable attention for its simplicity and cryptographic potential. Despite its ease of implementation and favorable algebraic properties, its low nonlinearity limits its direct application in modern cryptographic designs. In this work, we revisit the HWBF and propose a new weightwise quadratic variant obtained by combining the HWBF with a bent function. This construction offers improved cryptographic properties while remaining computationally efficient. We analyze the balancedness, nonlinearity, and other criteria of this function, presenting theoretical bounds and experimental results to highlight its advantages over existing functions in similar use cases. The different techniques we introduce to study the nonlinearity of this function also enable us to bound the nonlinearity of a broad family of weightwise quadratic functions, both theoretically and practically. We believe these methods are of independent interest

Transparency order for Boolean functions: analysis and construction

The article of record as published may be found at https://doi.org/10.1007/s10623-019-00604-1The notion of transparency order, proposed by Prouff (DPA attacks and S-boxes, FSE 2005, LNCS 3557, Springer, Berlin, 2005) and then redefined by Chakraborty et al. (Des Codes Cryptogr 82:95–115, 2017), is a property that attempts to characterize the resilience of cryp- tographic algorithms against differential power analysis attacks. In this paper, we give a tight upper bound on the transparency order in terms of nonlinearity, inferring the worst possible transparency order of those functions with the same nonlinearity. We also give a lower bound between transparency order and nonlinearity. We study certain classes of Boolean functions for their transparency order and find that this parameter for some functions of low algebraic degree can be determined by their nonlinearity. Finally, we construct two infinite classes of balanced semibent Boolean functions with provably relatively good transparency order (this is the first time that an infinite class of highly nonlinear balanced functions with provably good transparency order is given).The first author would like to thank the financial support from the National Natural Science Foundation of China (Grant No. 61572189).The first author would like to thank the financial support from the National Natural Science Foundation of China (Grant No. 61572189)