Generating S-Boxes from Semi-fields Pseudo-extensions

Block ciphers, such as the AES, correspond to a very important family of secret-key cryptosystems. The security of such systems partly relies on what is called the S-box. This is a vectorial Boolean function f : F n 2 ֒→ F n 2 , where n is the size of the blocks. It is often the only non linear opera-tion in the algorithm. The most well-known attacks against block ciphers algorithms are the known-plaintext attacks called differential cryptanal-ysis [4, 10] and linear cryptanalysis [11]. To protect such cryptosystems against linear and differential attacks, S-boxes are designed to fulfill some cryptographic criteria (balancedness, high nonlinearity, high algebraic de-gree, avalanche, or transparency [2, 12]) and are usually defined on finite fields, like F2n [7, 3]. Unfortunately, it seems difficult to find good S-Boxes, at least for bijective ones: random generation does not work [8, 9] and the one used in the AES or Camellia are actually variations around a single function, the inverse function in F2n . Would the latter function have an unforeseen weakness (for instance if more practical algebraic attacks are developped), it would be desirable to have some replacement candidates. For that matter, we propose to weaken a little bit the algebraic part of the design of S-Boxes and use finite semi-fields instead of finite fields to build such S-Boxes. Finite semi-fields relax the associativity and com-mutativity of the multiplication law. While semi-fields of a given order are unique up to isomorphism, on the contrary semi-fields of a given order can be numerous: nowadays, on the one hand, it is for instance easy to generate all the 36 semi-fields of order 2 4 , but, on the other hand, it is not even known how many semi-fields are there of order 2 8 . Therefore, we propose to build S-Boxes via semi-fields pseudo extensions of the form S 2 2 4 , where S 2 4 is any semi-field of order 2 4 , and mimic in this structure the use of the inverse function in a finite field. We report here the construction of 10827 S-Boxes, 7052 non CCZ-equivalent, with maximal nonlinearity, differential invariants, degrees and bit interdependency. Among the latter 2963 had fix points, and among the ones without fix points, 3846 had the avalanche level of AES and 243 1 the better avalanche level of Camellia. Among the latter 232 have a better transparency level than the inverse function on a finite field

Improving the Statistical Qualities of Pseudo Random Number Generators

Pseudo random and true random sequence generators are important components in many scientific and technical fields, playing a fundamental role in the application of the Monte Carlo methods and stochastic simulation. Unfortunately, the quality of the sequences produced by these generators are not always ideal in terms of randomness for many applications. We present a new nonlinear filter design that improves the output sequences of common pseudo random generators in terms of statistical randomness. Taking inspiration from techniques employed in symmetric ciphers, it is based on four seed-dependent substitution boxes, an evolving internal state register, and the combination of different types of operations with the aim of diffusing nonrandom patterns in the input sequence. For statistical analysis we employ a custom initial battery of tests and well-regarded comprehensive packages such as TestU01 and PractRand. Analysis results show that our proposal achieves excellent randomness characteristics and can even transform nonrandom sources (such as a simple counter generator) into perfectly usable pseudo random sequences. Furthermore, performance is excellent while storage consumption is moderate, enabling its implementation in embedded or low power computational platforms.This research was funded by the Spanish Ministry of Science, Innovation and Universities (MCIU), the State Research Agency (AEI), and the European Regional Development Fund (ERDF) under project RTI2018-097263-B-I00 (ACTIS)

Randomness analysis and generation of key-derived s-boxes

Although many ciphers use fixed, close to ideal, s-boxes (like AES e.g.), random s-boxes offer an interesting alternative since they have no underlying structure that can be exploited in cryptanalysis. For this reason, some cryptosystems generate pseudorandom s-boxes as a function of the key (key-derived). We analyse the randomness properties of key-derived s-boxes generated by some popular cryptosystems like the RC4 stream cipher, and the Blowfish and Twofish block ciphers with the aim of establishing if this kind of s-boxes are indistinguishable from purely random s-boxes. For this purpose we have developed a custom software framework to generate and evaluate random and key-derived s-boxes. We also detail and analyse several mechanisms for the generation of proper key-derived s-boxes, including fixed-point filtering and different sizes based on 8 × 8 s-boxes.Partially supported by grants TIN2011-25452 (TUERI) and TEC2014-54110-R (CASUS)