51 research outputs found
Key differentiation attacks on stream ciphers
In this paper the applicability of differential cryptanalytic tools to stream
ciphers is elaborated using an algebraic representation similar to
Shannon's early postulates regarding the concept of confusion. In
2007, Biham and Dunkelman \cite{BihDunk}
formally introduced the concept of differential
cryptanalysis of stream ciphers by addressing three different
scenarios of interest. Here we mainly consider the first scenario,
where the key difference and/or IV difference influence the internal
state of the cipher.
We then show that under certain circumstances a chosen IV attack may
be transformed into a chosen key attack. That is,
whenever at some stage of the key/IV setup algorithm (KSA) we can
identify linear relations between some subset of key and IV bits,
and these key variables only appear through these linear relations, then
by differentiating the internal state variables (through the chosen
IV attack scenario) we are able to
eliminate the presence of the corresponding key variables. The method
leads to an attack whose complexity is beyond the exhaustive
search whenever the cipher admits an exact algebraic description of
its internal state variables and the keystream computation is not
complex. A successful application is especially noted in the
context of stream ciphers whose keystream bits evolve relatively slowly
as a function of the secret state bits. A modification of the attack
can be applied to the TRIVIUM stream cipher \cite{Trivium}; in this case
12 linear relations could be identified, but at the same time the same
12 key variables appear in another part of the state register. Still, a
significant decrease in the degree and complexity of the state bit
expressions after the KSA is achieved. Computer simulations,
currently in progress,
will answer the question of for what number of
initialization rounds the attack is faster than exhaustive search.
Improving the lower bound on the maximum nonlinearity of 1-resilient Boolean functions and designing functions satisfying all cryptographic criteria
In this paper, we improve the lower bound on the maximum nonlinearity of 1-resilient Boolean functions, for even, by proposing a method of constructing this class of functions attaining the best nonlinearity currently known. Thus for the first time, at least for small values of , the upper bound on nonlinearity can be reached in a deterministic manner, in contrast to some heuristic search methods proposed previously. The nonlinearity of these functions is extremely close to the maximum nonlinearity attained by bent functions, and it might be the case that this is the highest possible nonlinearity of 1-resilient functions. Apart from this theoretical contribution, it turns out that the cryptographic properties of these functions are overall good, apart from their moderate resistance to fast algebraic attacks (FAA). This weakness is repaired by a suitable modification of the original functions, giving a class of balanced functions with almost optimal resistance to FAA whose nonlinearity is better than the nonlinearity achieved by other methods.
Design and analysis of bent functions using -subspaces
In this article, we provide the first systematic analysis of bent functions
on in the Maiorana-McFarland class
regarding the origin and cardinality of their -subspaces, i.e.,
vector subspaces on which the second-order derivatives of vanish. By
imposing restrictions on permutations of , we specify
the conditions under which Maiorana-McFarland bent functions admit a unique
-subspace of dimension . On the
other hand, we show that permutations with linear structures give rise to
Maiorana-McFarland bent functions that do not have this property. In this way,
we contribute to the classification of Maiorana-McFarland bent functions, since
the number of -subspaces is invariant under equivalence.
Additionally, we give several generic methods of specifying permutations
so that admits a unique -subspace. Most
notably, using the knowledge about -subspaces, we show that using
the bent 4-concatenation of four suitably chosen Maiorana-McFarland bent
functions, one can in a generic manner generate bent functions on
outside the completed Maiorana-McFarland class
for any even . Remarkably, with our construction
methods it is possible to obtain inequivalent bent functions on
not stemming from the two primary classes, the partial spread
class and . In this way, we contribute to a better
understanding of the origin of bent functions in eight variables, since only a
small fraction, whose size is about , stems from and
, whereas the total number of bent functions on
is approximately .
Cycle structure of generalized and closed loop invariants
This article gives a rigorous mathematical treatment of generalized and closed loop invariants (CLIs), which extend the standard notion of (nonlinear) invariants used in the cryptanalysis of block ciphers. Employing the cycle structure of bijective S-box components, we precisely characterize the cardinality of both generalized invariants and CLIs. We demonstrate that for many S-boxes used in practice quadratic invariants (especially useful for mounting practical attacks in cases when the linear layer is an orthogonal matrix) might not exist, whereas there are many quadratic invariants of generalized type (alternatively, quadratic CLIs). In particular, it is shown that the inverse mapping over admits quadratic CLIs that additionally possess linear structures. The use of the cycle structure is further refined through the novel concept of an active cycle set, which turns out to be useful for defining invariants of the whole substitution layer. We present an algorithm for finding such invariants, given knowledge of the cycle structure of the constituent S-boxes used.
Construction of resilient S-boxes with higher-dimensional vectorial outputs and strictly almost optimal nonlinearity
Resilient substitution boxes (S-boxes) with high nonlinearity are important cryptographic primitives in the design of certain encryption algorithms. There are several trade-offs between the most important cryptographic parameters, and their simultaneous optimization is regarded as a difficult task. In this paper we provide a construction technique to obtain resilient S-boxes with so-called strictly almost optimal (SAO) nonlinearity for a larger number of output bits than previously known. This is the first time that the nonlinearity bound of resilient S-boxes, where and denote the number of input and output bits respectively, has been exceeded for . Thus, resilient S-boxes with extremely high nonlinearity and a larger output space compared to other design methods have been obtained.
Permutations via linear translators
We show that many infinite classes of permutations over finite fields can be constructed via translators with a large choice of parameters. We first characterize some functions having linear translators, based on which several families of permutations are then derived. Extending the results of \cite{kyu}, we give in several cases the compositional inverse of these permutations. The connection with complete permutations is also utilized to provide further infinite classes of permutations. Moreover, we propose new tools to study permutations of the form , and a few infinite classes of permutations of this form are proposed.
- …