Advertisement

Designs, Codes and Cryptography

, Volume 87, Issue 1, pp 31–56 | Cite as

Involutory differentially 4-uniform permutations from known constructions

  • Shihui Fu
  • Xiutao Feng
Article
  • 181 Downloads

Abstract

Substitution boxes (S-boxes) are important components of block ciphers that can cause confusion in cryptosystems. The functions used as S-boxes should have low differential uniformity, high nonlinearity and high algebraic degree. When \(k>3\), due to the lack of knowledge about the existence of almost perfect nonlinear permutations over \(\mathbb {F}_{2^{2k}}\), which can offer optimal resistance to the differential cryptanalysis, S-boxes are often constructed from differentially 4-uniform permutations. To date, many infinite families of such functions have been constructed. In addition, the lower hardware implementation cost of S-boxes is an important criterion in the design of block ciphers. If the S-box is an involution, which means that the permutation is its own compositional inverse, then the implementation cost for its inverse can be saved. The same hardware circuit can thus be used for both encryption and decryption, which is an advantage in hardware implementation. In this paper, we investigate all of the differentially 4-uniform permutations that are known in the literature and determine whether they can be involutory. We find that some involutory differentially 4-uniform permutations with high nonlinearity and algebraic degree can be given from these known constructions. We also give some partial results and computer experiments to consider the problem of whether a permutation can be affine equivalent to an involution or it will become an involution upon adding an affine function. Some new families of differentially 4-uniform involutions constructed by composing the inverse function and cycles with length 3 are also given. This family of constructions has a high nonlinearity and a maximum algebraic degree.

Keywords

Involution Differentially 4-uniform permutation Nonlinearity Permutation Algebraic degree 

Mathematics Subject Classification

06E30 14G50 94A60 

Notes

Acknowledgements

The authors would like to thank the anonymous reviewers and editors for their comments and suggestions, which significantly improved the quality and presentation of this paper. This work was supported by the National Natural Science Foundation of China (No. 61572491 and 11688101), the National Key Research and Development Program of China (No. 2016YFB0800401), and Science and Technology on Communication Security Laboratory (No. 6142103010701).

References

  1. 1.
    Banik S., Bogdanov A., Isobe T., Shibutani K., Hiwatari H., Akishita T., Regazzoni F.: Midori: a block cipher for low energy. In: Advances in Cryptology—ASIACRYPT 2015—21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29–December 3, 2015, Proceedings, Part II, pp. 411–436 (2015).Google Scholar
  2. 2.
    Borghoff J., Canteaut A., Güneysu T., Kavun E.B., Knezevic M., Knudsen L.R., Leander G., Nikov V., Paar C., Rechberger C., Rombouts P., Thomsen S., Yalçin T.: PRINCE—a low-latency block cipher for pervasive computing applications—extended abstract. In: Advances in Cryptology—ASIACRYPT 2012—18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, December 2–6, 2012. Proceedings, pp. 208–225 (2012).Google Scholar
  3. 3.
    Browning K.A., Dillon J.F., McQuistan M.T., Wolfe A.J.: An APN permutation in dimension six. In: Postproceedings of the 9th International Conference on Finite Fields and Their Applications Fq’9. Contemporary Mathematics, vol. 518, pp. 33–42. AMS (2010).Google Scholar
  4. 4.
    Biryukov A.: Analysis of involutional ciphers: Khazad and Anubis. In: 10th International Workshop Fast Software Encryption, FSE 2003, Lund, Sweden, February 24–26, 2003, Revised Papers, pp. 45–53 (2003).Google Scholar
  5. 5.
    Bracken C., Leander G.: A highly nonlinear differentially 4 uniform power mapping that permutes fields of even degree. Finite Fields Appl. 16(4), 231–242 (2010).MathSciNetzbMATHGoogle Scholar
  6. 6.
    Biham E., Shamir A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–72 (1991).MathSciNetzbMATHGoogle Scholar
  7. 7.
    Bracken C., How Tan C., Tan Y.: Binomial differentially 4 uniform permutations with high nonlinearity. Finite Fields Appl. 18(3), 537–546 (2012).MathSciNetzbMATHGoogle Scholar
  8. 8.
    Carlet C.: Vectorial Boolean functions for cryptography. In: Crama Y., Hammer P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering, vol. 134, pp. 398–471. Encyclopedia of Mathematics and its Applications, Chapter 9Cambridge University Press, New York (2010).Google Scholar
  9. 9.
    Carlet C.: On known and new differentially uniform functions. In: Proceedings of the 16th Australasian Conference Information Security and Privacy, ACISP 2011, Melbourne, Australia, July 11–13, 2011, pp. 1–15 (2011).Google Scholar
  10. 10.
    Carlet C., Charpin P., Zinoviev V.: Codes, bent functions and permutations suitable for DES-like cryptosystems. Des. Codes Cryptogr. 15(2), 125–156 (1998).MathSciNetzbMATHGoogle Scholar
  11. 11.
    Canteaut A., Duval S., Perrin L.: A generalisation of Dillon’s APN permutation with the best known differential and nonlinear properties for all fields of size \(2^{4k+2}\). IEEE Trans. Inf. Theory 63(11), 7575–7591 (2017).zbMATHGoogle Scholar
  12. 12.
    Chen X., Deng Y., Zhu M., Qu L.: An equivalent condition on the switching construction of differentially 4-uniform permutations on from the inverse function. Int. J. Comput. Math. 94, 1–16 (2016).MathSciNetGoogle Scholar
  13. 13.
    Canteaut A., Roué J.: On the behaviors of affine equivalent sboxes regarding differential and linear attacks. In: Proceedings of the 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology (EUROCRYPT 2015), Sofia, Bulgaria, April 26–30, 2015, Part I, pp. 45–74 (2015).Google Scholar
  14. 14.
    Carlet C., Tang D., Tang X., Liao Q.: New construction of differentially 4-uniform bijections. In: Lin D. et al. (eds.) Proceedings of the 9th International Conference on Information Security and Cryptology (Inscrypt 2013), Guangzhou, China, November 27–30, 2013, pp. 22–38. Springer, New York (2014).Google Scholar
  15. 15.
    Chabaud F., Vaudenay S.: Links between differential and linear cryptanalysis. In: Advances in Cryptology—EUROCRYPT’94, Workshop on the Theory and Application of Cryptographic Techniques, Perugia, Italy, May 9–12, 1994, Proceedings, pp. 356–365 (1994).Google Scholar
  16. 16.
    Dobbertin H.: One-to-one highly nonlinear power functions on GF(\(2^n\)). Appl. Algebra Eng. Commun. Comput. 9(2), 139–152 (1998).MathSciNetzbMATHGoogle Scholar
  17. 17.
    Fu S., Feng X., Wu B.: Differentially 4-uniform permutations with the best known nonlinearity from butterflies. IACR Trans. Symmetric Cryptol. 2017(2), 228–249 (2017).Google Scholar
  18. 18.
    Grosso V., Leurent G., Standaert F.-X., Varici K., Durvaux F., Gaspar L., Kerckhof S.: SCREAM & iSCREAM side-channel resistant authenticated encryption with masking. Submission to CAESAR, 2014. https://competitions.cr.yp.to/round1/screamv1.pdf.
  19. 19.
    Gold R.: Maximal recursive sequences with 3-valued recursive cross-correlation functions. IEEE Trans. Inf. Theory 14(1), 154–156 (1968).zbMATHGoogle Scholar
  20. 20.
    Hirschfeld J.W.P.: Projective Geometries Over Finite Fields, 2nd edn. Oxford Mathematical Monographs, Oxford University Press, Oxford (1998).Google Scholar
  21. 21.
    Kasami T.: The weight enumerators for several classes of subcodes of the 2nd order binary reed-muller codes. Inf. Control 18(4), 369–394 (1971).zbMATHGoogle Scholar
  22. 22.
    Knudsen L.R.: Truncated and higher order differentials. In: Proceedings of the Second International Workshop on Fast Software Encryption, Leuven, Belgium, 14–16 December 1994, pp. 196–211 (1994).Google Scholar
  23. 23.
    Kyureghyan G.M.M., Suder V.: On inverses of APN exponents. In: Proceedings of the 2012 IEEE International Symposium on Information Theory, ISIT 2012, Cambridge, MA, USA, July 1–6, 2012, pp. 1207–1211 (2012).Google Scholar
  24. 24.
    Lai X.: Higher order derivatives and differential cryptanalysis. In: Blahut R.E., Costello D.J., Maurer U., Mittelholzer T. (eds.) Communications and Cryptography: Two Sides of One Tapestry, vol. 276, pp. 227–233. The Springer International Series in Engineering and Computer ScienceSpringer, Boston (1994).Google Scholar
  25. 25.
    Li Y., Wang M.: On EA-equivalence of certain permutations to power mappings. Des. Codes Cryptogr. 58(3), 259–269 (2011).MathSciNetzbMATHGoogle Scholar
  26. 26.
    Li Y., Mingsheng W.: Permutation polynomials EA-equivalent to the inverse function over GF(\(2^n\)). Cryptogr. Commun. 3(3), 175–186 (2011).MathSciNetzbMATHGoogle Scholar
  27. 27.
    Li Y., Wang M.: Constructing differentially 4-uniform permutations over GF(\(2^{2m}\)) from quadratic APN permutations over GF(\(2^{2m+1})\). Des. Codes Cryptogr. 72(2), 249–264 (2014).MathSciNetzbMATHGoogle Scholar
  28. 28.
    Li Y., Wang M., Yu Y.: Constructing differentially 4-uniform permutations over GF(\(2^{2k}\)) from the inverse function revisited. IACR Cryptology ePrint Archive: Report 2013/731, 2013. https://eprint.iacr.org/2013/731.
  29. 29.
    Matsui M.: Linear cryptanalysis method for DES cipher. In: Advances in Cryptology—EUROCRYPT’93, Workshop on the Theory and Application of of Cryptographic Techniques, Proceedings, Lofthus, Norway, May 23–27, 1993, pp. 386–397 (1993).Google Scholar
  30. 30.
    MacWilliams F.J., Sloane N.J.A.: The Theory of Error-correcting Codes. North-Holland Mathematical LibraryNorth-Holland Pub. Co., New York (1977).zbMATHGoogle Scholar
  31. 31.
    Nyberg K.: Differentially uniform mappings for cryptography. InL Advances in Cryptology—EUROCRYPT’93, Workshop on the Theory and Application of of Cryptographic Techniques, Proceedings, Lofthus, Norway, May 23–27, 1993, pp. 55–64 (1993).Google Scholar
  32. 32.
    Peng J., Tan C.H.: New explicit constructions of differentially 4-uniform permutations via special partitions of \(\mathbb{F}_{2^{2k}}\). Finite Fields Appl. 40, 73–89 (2016).MathSciNetzbMATHGoogle Scholar
  33. 33.
    Peng J., Tan C.H.: New differentially 4-uniform permutations by modifying the inverse function on subfields. Cryptogr. Commun. 9(3), 363–378 (2017).MathSciNetzbMATHGoogle Scholar
  34. 34.
    Peng J., Tan C.H., Wang Q.: A new family of differentially 4-uniform permutations over \(\mathbb{F}_{2^{2k}}\) for odd \(k\). Sci. China Math. 59(6), 1221–1234 (2016).MathSciNetzbMATHGoogle Scholar
  35. 35.
    Perrin L., Udovenko A., Biryukov A.: Cryptanalysis of a theorem: decomposing the only known solution to the big APN problem. In: Advances in Cryptology—CRYPTO 2016—36th Annual International Cryptology Conference, Proceedings, Santa Barbara, CA, USA, August 14–18, 2016, Part II, pp. 93–122 (2016).Google Scholar
  36. 36.
    Qu L., Tan Y., Li C., Gong G.: More constructions of differentially 4-uniform permutations on \(\mathbb{F}_{2^{2k}}\). Des. Codes Cryptogr. 78(2), 391–408 (2016).MathSciNetzbMATHGoogle Scholar
  37. 37.
    Qu L., Tan Y., Tan C.H., Li C.: Constructing differentially 4-uniform permutations over \(\mathbb{F}_{2^{2k}}\) via the switching method. IEEE Trans. Inf. Theory 59(7), 4675–4686 (2013).zbMATHGoogle Scholar
  38. 38.
    Tang D., Carlet C., Tang X.: Differentially 4-uniform bijections by permuting the inverse function. Des. Codes Cryptogr. 77(1), 117–141 (2015).MathSciNetzbMATHGoogle Scholar
  39. 39.
    Yuyin Y., Wang M., Li Y.: Constructing differentially 4 uniform permutations from known ones. Chin. J. Electron. 22(3), 495–499 (2013).Google Scholar
  40. 40.
    Zha Z., Lei H., Sun S.: Constructing new differentially 4-uniform permutations from the inverse function. Finite Fields Appl. 25, 64–78 (2014).MathSciNetzbMATHGoogle Scholar
  41. 41.
    Zha Z., Lei H., Sun S., Shan J.: Further results on differentially 4-uniform permutations over \(\mathbb{F}_{2^{2m}}\). Sci. China Math. 58(7), 1577–1588 (2015).MathSciNetzbMATHGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Key Laboratory of Mathematics Mechanization, Academy of Mathematics and Systems ScienceChinese Academy of SciencesBeijingChina
  2. 2.School of Mathematical SciencesUniversity of Chinese Academy of SciencesBeijingChina
  3. 3.Science and Technology on Communication Security LaboratoryChengduChina

Personalised recommendations