Abstract
In this paper, we study some properties of a certain kind of permutation σ over \(\mathbb {F}_{2}^{n}\), where n is a positive integer. The desired properties for σ are: (1) the algebraic degree of each component function is n − 1; (2) the permutation is unicyclic; (3) the number of terms of the algebraic normal form of each component is at least 2n− 1. We call permutations that satisfy these three properties simultaneously unicyclic strong permutations. We prove that our permutations σ always have high algebraic degree and that the average number of terms of each component function tends to 2n− 1. We also give a condition on the cycle structure of σ. We observe empirically that for n even, our construction does not provide unicylic permutations. For n odd, n ≤ 11, we conduct an exhaustive search of all σ given our construction for specific examples of unicylic strong permutations. We also present some empirical results on the difference tables and linear approximation tables of σ.
Similar content being viewed by others
References
Bacher, A., Bodini, O., Hwang, H.-K., Tsai, T.-H.: Generating random permutations by coin tossing: Classical algorithms, new analysis, and modern implementation. ACM Trans. Algor. 13(2), 1–43 (2017)
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–72 (1991)
Brassard, G., Kannan, S.: The generation of random permutations on the fly. Inf. Process. Lett., 28(4) (1988)
Carlet, C.: Boolean functions for cryptography and error correcting codes. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering. monography’s chapter, pp 257–397. Cambridge University Press (2010)
Carlet, C.: Vectorial boolean functions for cryptography. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering. monography’s chapter, pp 398–469. Cambridge University Press (2010)
Daemen, J., Vincent, R.: The Design of Rijndael: AES-the Advanced Encryption Standard. Springer Science & Business Media (2013)
Flajolet, P., Odlyzko, A.M.: Random mapping statistics. In: Quisquater, J.-J., Vandewalle, J. (eds.) Advances in Cryptology — EUROCRYPT ’89, vol. 434, pp 329–354. LNCS (1990)
Flajolet, P., Sedgewick, R.: Analytic Combinatorics, 1st edn. Cambridge University Press (2009)
Hansen, T., Mullen, G.L.: Primitive polynomials over finite fields. Math. Comput. 59(200), 639–643 (1992)
Xiao, G.-Z., Massey, L., James: A spectral characterization of correlation-immune combining functions. IEEE Trans. Inf. Theory 34(3), 569–571 (1988)
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Workshop on the Theory and Application of of Cryptographic Techniques, pp 386–397. Springer (1993)
Mullen, G.L., Panario, D: Handbook of Finite Fields. Chapman & Hall/CRC (2013)
Nyberg, K.: Statistical and linear independence of binary random variables. Cryptology ePrint Archive Report 2017/432 (2017)
Siegenthaler, T.: Correlation-immunity of nonlinear combining functions for cryptographic applications. IEEE Trans. Info. Th. 30, 776–780 (1984)
Szpankowski, W.: Average Case Analysis of Algorithms on Sequences. Wiley (2001)
Wan, D.: Generators and irreducible polynomials over finite fields. Math. Comput. 66(219), 1195–1212 (1997)
Acknowledgments
The authors are grateful for the very careful reviews and the constructive suggestions received from the referees.
Author information
Authors and Affiliations
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the Topical Collection on Special Issue on Boolean Functions and Their Applications
Appendices
Appendix A: Empirical evidence for Assumption 1
In Tables 8, 9, 10, and 11, the column entitled i refers to the coefficients of Xi of an irreducible polynomial of degree d. The column entitled “Ratios” gives the ratios of the number of irreducible polynomials of degree d with a Xi term.
In order to make this article concise, we jump from degree 13 to 26 up to 29 inclusively.
Appendix B: Differentials and correlations
Example 1 gives two unicyclic permutations that are APN except for a fixed set of 215 pairs giving differentials of size 215.
Example 1
The following two examples give unicyclic permutations σ that are APN aside from 215 (c, d) pairs each giving 215 solutions to σ(X ⊕ c) ⊕ σ(X) = d. A summary of both difference tables is given in Table 12. We present these examples for interest and further study, but we make no claims on their suitability for cryptography.
Example 2
Let n = 17 and let Q and Pb be as follows,
The difference table for σ defined with Q and Pb is
Example 3
Let n = 19 and let Q and Pb be as follows,
The difference table for σ defined with Q and Pb is
Differentials | Counts |
---|---|
0 | 137444193323 |
2 | 137428735987 |
4 | 4977558 |
6 | 75 |
524288 | 1 |
Example 4 gives a comparison of a particular unicyclic permutation with a uniformly randomly sampled permutation.
Example 4
Let n = 15 and let Q and Pb be as follows,
The linear approximation table for σ defined with Q and Pb is
Comparing with a uniform random permutation, we obtain
Appendix C: An example with intermediate round computations
For 1 ≤ i ≤ n, let
In Table 13, we give the sequence a = a(0) → a(1) →⋯ → a(n); columns entitled a(i) contain the output of the partial computations a(i) = σi− 1σi− 2⋯σ0. In each column, we give an underlined boldfaced entry that signifies a cycle that is not of maximal length up to the given column/round. For instance, after two rounds, we have a fixed point since σ1σ0(59) = 59, and after four rounds we have a cycle of length three since σ3σ2σ1σ0(0) = 23, σ3σ2σ1σ0(23) = 35, and σ3σ2σ1σ0(35) = 0.
As expected, since the degree is even (n = 6), the resulting composition is not unicyclic although the initial round corresponding to σ0 is unicyclic.
Rights and permissions
About this article
Cite this article
Gravel, C., Panario, D. & Thomson, D. Unicyclic strong permutations. Cryptogr. Commun. 11, 1211–1231 (2019). https://doi.org/10.1007/s12095-019-00384-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12095-019-00384-4