
    The extended Toda hierarchy

    Using a construction of the logarithm of a difference operator, we present the Lax pair formalism for a certain extension of the continuous version of the classical Toda lattice hierarchy, provide a well-defined notion of tau function for its solutions, and give an explicit formulation of the relationship between the CP1 topological sigma model and the extended Toda hierarchy. We also establish an equivalence of the latter with a certain extension of the nonlinear Schrödinger hierarchy.

    The Extended Bigraded Toda hierarchy

    We generalize the Toda lattice hierarchy by considering N+M dependent variables. We construct roots and logarithms of the Lax operator which are uniquely defined operators with coefficients that are ε-series of differential polynomials in the dependent variables, and we use them to provide a Lax pair definition of the extended bigraded Toda hierarchy. Using R-matrix theory we give the bihamiltonian formulation of this hierarchy and we prove the existence of a tau function for its solutions. Finally we study the dispersionless limit and its connection with a class of Frobenius manifolds on the orbit space of the extended affine Weyl groups of the A series.

    A construction of bent functions from plateaued functions

    In this presentation, a technique for constructing bent functions from plateaued functions is introduced and analysed. This generalizes earlier techniques for constructing bent functions from near-bent functions. Using this construction, we obtain a large variety of inequivalent bent functions, some weakly regular and some non-weakly regular. Classes of bent functions with some additional properties that enable the construction of strongly regular graphs are constructed, and explicit expressions for bent functions with maximal degree are presented.

    Additive Autocorrelation of Resilient Boolean Functions

    In this paper, we introduce a new notion called the dual function for studying Boolean functions. First, we discuss general properties of the dual function that are related to resiliency and additive autocorrelation. Second, we look at preferred functions, which are Boolean functions with the lowest 3-valued spectrum. We prove that if a balanced preferred function has a dual function which is also preferred, then it is resilient, has high nonlinearity and optimal additive autocorrelation. We demonstrate four such constructions of optimal Boolean functions using the Kasami, Dillon-Dobbertin, Segre hyperoval and Welch-Gong Transformation functions. Third, we compute the additive autocorrelation of some known resilient preferred functions in the literature by using the dual function. We conclude that our construction yields highly nonlinear resilient functions with better additive autocorrelation than the Maiorana-McFarland functions. We also analysed the saturated functions, which are resilient functions with optimized algebraic degree and nonlinearity. We show that their additive autocorrelation has high peak values, and they become linear when we fix very few bits. These potential weaknesses have to be considered before we deploy them in applications.

    Cryptanalysis of a Theorem: Decomposing the Only Known Solution to the Big APN Problem

    The existence of Almost Perfect Non-linear (APN) permutations operating on an even number of bits had been a long-standing open question until Dillon et al., who work for the NSA, provided an example on 6 bits in 2009. In this paper, we apply methods intended to reverse-engineer S-Boxes with unknown structure to this permutation and find a simple decomposition relying on the cube function over GF(2^3). More precisely, we show that it is a particular case of a permutation structure we introduce, the butterfly. Such butterflies are 2n-bit mappings with two CCZ-equivalent representations: one is a quadratic non-bijective function and one is a degree n+1 permutation. We show that these structures always have differential uniformity at most 4 when n is odd. A particular case of this structure is actually a 3-round Feistel Network with similar differential and linear properties. These functions also share an excellent non-linearity for n=3,5,7. Furthermore, we deduce a bitsliced implementation and significantly reduce the hardware cost of a 6-bit APN permutation using this decomposition, thus simplifying the use of such a permutation as a building block for a cryptographic primitive.
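    The two abstracts on bent and resilient Boolean functions above, and the APN abstract just above, both hinge on quantities that are cheap to check by hand on small inputs: the Walsh spectrum (nonlinearity, bentness) and the difference distribution table (differential uniformity). The following is an added example, not code from any of the listed papers, that computes these for two constructed inputs: the textbook bent function x1x2 + x3x4 on 4 bits, and the cube map x -> x^3 over GF(2^3) with the assumed modulus x^3 + x + 1, which is the building block the butterfly decomposition relies on. All function names are the example's own.

```python
"""Walsh spectrum, nonlinearity and differential uniformity of small
Boolean functions and S-boxes. Added example; inputs are constructed."""


def parity(v: int) -> int:
    """Parity of the bits of v; parity(a & x) is the inner product <a, x>."""
    return bin(v).count("1") & 1


def walsh_spectrum(truth_table, n):
    """W_f(a) = sum_x (-1)^(f(x) xor <a, x>) for every mask a in GF(2)^n."""
    size = 1 << n
    return [
        sum(-1 if (truth_table[x] ^ parity(a & x)) else 1 for x in range(size))
        for a in range(size)
    ]


def boolean_nonlinearity(truth_table, n):
    """Distance to the nearest affine function: 2^(n-1) - max|W_f| / 2."""
    return (1 << (n - 1)) - max(abs(w) for w in walsh_spectrum(truth_table, n)) // 2


def is_bent(truth_table, n):
    """f is bent iff n is even and every Walsh coefficient is +-2^(n/2)."""
    if n % 2:
        return False
    target = 1 << (n // 2)
    return all(abs(w) == target for w in walsh_spectrum(truth_table, n))


def sbox_nonlinearity(sbox, n):
    """Minimum nonlinearity over all nonzero component functions x -> <b, S(x)>."""
    size = 1 << n
    return min(
        boolean_nonlinearity([parity(b & sbox[x]) for x in range(size)], n)
        for b in range(1, size)
    )


def differential_uniformity(sbox, n):
    """Largest DDT entry: max over a != 0 and b of #{x : S(x) xor S(x xor a) = b}.
    2 is the smallest value possible over GF(2)^n, i.e. the S-box is APN."""
    size = 1 << n
    worst = 0
    for a in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[sbox[x] ^ sbox[x ^ a]] += 1
        worst = max(worst, max(counts))
    return worst


def gf_mul(a, b, n=3, poly=0b1011):
    """Multiply in GF(2^n) modulo an irreducible polynomial; the default
    0b1011 is x^3 + x + 1 for GF(2^3) (assumed modulus). Inputs must be < 2^n."""
    r = 0
    for _ in range(n):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if (a >> n) & 1:
            a ^= poly
    return r


def cube_sbox(n=3, poly=0b1011):
    """Look-up table of x -> x^3 over GF(2^n)."""
    return [gf_mul(x, gf_mul(x, x, n, poly), n, poly) for x in range(1 << n)]


# Constructed inputs (not taken from the papers above).
# x1x2 + x3x4 with x = (x1, x2, x3, x4) packed as bits 3..0.
BENT_TABLE = [((x >> 3) & (x >> 2) ^ (x >> 1) & x) & 1 for x in range(16)]
CUBE_TABLE = cube_sbox()  # the cube permutation of GF(2^3)

if __name__ == "__main__":
    print("x1x2+x3x4 bent:", is_bent(BENT_TABLE, 4),
          "nonlinearity:", boolean_nonlinearity(BENT_TABLE, 4))
    print("cube over GF(2^3):", CUBE_TABLE)
    print("differential uniformity:", differential_uniformity(CUBE_TABLE, 3))
    print("S-box nonlinearity:", sbox_nonlinearity(CUBE_TABLE, 3))
```

    The cube map comes out with differential uniformity 2 (APN) and every component function has Walsh values in {0, ±4}, which is the almost-bent bound for n=3; the identity permutation, by contrast, has every DDT row concentrated in a single entry of 2^n. The same routines apply unchanged to a 6-bit table if you want to check a butterfly instance yourself.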

    Tornado: Automatic Generation of Probing-Secure Masked Bitsliced Implementations

    Cryptographic implementations deployed in real-world devices often aim at (provable) security against the powerful class of side-channel attacks while keeping reasonable performance. Last year at Asiacrypt, a new formal verification tool named tightPROVE was put forward to exactly determine whether a masked implementation is secure in the well-deployed probing security model for any given security order t. Also recently, a compiler named Usuba was proposed to automatically generate bitsliced implementations of cryptographic primitives. This paper goes one step further in security and performance achievements with a new automatic tool named Tornado. In a nutshell, from the high-level description of a cryptographic primitive, Tornado produces a functionally equivalent bitsliced masked implementation at any desired order, proven secure in the probing model and additionally in the so-called register probing model, which much better fits the reality of software implementations. This framework is obtained by the integration of Usuba with tightPROVE+, which extends tightPROVE with the ability to verify the security of implementations in the register probing model and to fix them by inserting refresh gadgets at carefully chosen locations. We demonstrate Tornado on the lightweight cryptographic primitives selected for the second round of the NIST competition which somehow claimed to be masking friendly. It advantageously displays the performance of the resulting masked implementations for several masking orders and proves their security in the register probing model.

    Some Results on the Known Classes of Quadratic APN Functions

    In this paper, we determine the Walsh spectra of three classes of quadratic APN functions and we prove that the class of quadratic trinomial APN functions constructed by Göloğlu is affine equivalent to Gold functions.

    Making Masking Security Proofs Concrete - Or How to Evaluate the Security of any Leaking Device

    We investigate the relationships between theoretical studies of leaking cryptographic devices and concrete security evaluations with standard side-channel attacks. Our contributions are in four parts. First, we connect the formal analysis of the masking countermeasure proposed by Duc et al. (Eurocrypt 2014) with the Eurocrypt 2009 evaluation framework for side-channel key recovery attacks. In particular, we re-state their main proof for the masking countermeasure based on a mutual information metric, which is frequently used in concrete physical security evaluations. Second, we discuss the tightness of the Eurocrypt 2014 bounds based on experimental case studies. This allows us to conjecture a simplified link between the mutual information metric and the success rate of a side-channel adversary, ignoring technical parameters and proof artifacts. Third, we introduce heuristic (yet well-motivated) tools for the evaluation of the masking countermeasure when its independent leakage assumption is not perfectly fulfilled, as is frequently encountered in practice. Thanks to these tools, we argue that masking with non-independent leakages may provide improved security levels in certain scenarios. Finally, we consider the tradeoff between measurement complexity and key enumeration in divide-and-conquer side-channel attacks, and show that it can be predicted based on the mutual information metric, by solving a non-linear integer programming problem for which efficient solutions exist. The combination of these observations enables significant reductions of the evaluation costs for certification bodies.