# A New Class of Invertible Mappings

## Abstract

Invertible transformations over *n*-bit words are essential ingredients in many cryptographic constructions. When *n* is small (e.g., *n* = 8) we can compactly represent any such transformation as a lookup table, but when *n* is large (e.g., *n* = 64) we usually have to represent it as a composition of simpler operations such as linear mappings, S-P networks, Feistel structures, etc. Since these cryptographic constructions are often implemented in software on standard microprocessors, we are particularly interested in invertible univariate or multivariate transformations which can be implemented as small compositions of basic machine instructions on 32 or 64 bit words. In this paper we introduce a new class of provably invertible mappings which can mix arithmetic operations (negation, addition, subtraction, multiplication) and boolean operations (not, xor, and, or), are highly efficient, and have desirable cryptographic properties. In particular, we show that for any *n* the mapping $x \to x + (x^2 \lor C) \pmod{2^n}$ is a permutation with a single cycle of length $2^n$ iff both the least significant bit and the third least significant bit in the constant *C* are 1.
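The single-cycle claim at the end of the abstract can be checked exhaustively for small word sizes. The following is an added example, not code from the paper; the function names are chosen here, and *n* is restricted to *n* ≥ 3 so that the constant *C* actually has a third bit.

```python
def step(x, c, n):
    """One application of x -> x + (x^2 OR c) mod 2^n."""
    mask = (1 << n) - 1
    return (x + ((x * x) | c)) & mask


def orbit(c, n, start=0):
    """The first 2^n states visited from `start`, beginning with `start`."""
    states, x = [], start
    for _ in range(1 << n):
        states.append(x)
        x = step(x, c, n)
    return states


def is_single_cycle(c, n):
    """True iff the mapping is one cycle covering all 2^n words.

    Walk from 0: the mapping is a single full cycle exactly when the
    first return to 0 happens after 2^n steps. An earlier return means
    a shorter cycle; no return means 0 sits on a tail, so the mapping
    is not even a permutation.
    """
    size, x = 1 << n, 0
    for count in range(1, size + 1):
        x = step(x, c, n)
        if x == 0:
            return count == size
    return False


def predicted_single_cycle(c):
    """Condition from the abstract: bit 0 and bit 2 of C are both 1."""
    return (c & 0b101) == 0b101


def mismatches(n):
    """Constants C in [0, 2^n) where the exhaustive check and the criterion disagree."""
    return [c for c in range(1 << n)
            if is_single_cycle(c, n) != predicted_single_cycle(c)]


if __name__ == "__main__":
    for n in range(3, 11):
        good = sum(is_single_cycle(c, n) for c in range(1 << n))
        print(f"n={n}: {good} of {1 << n} constants give a full cycle, "
              f"mismatches with the criterion: {mismatches(n)}")
    print("n=3, C=5 orbit from 0:", orbit(5, 3))
```

An even *C* makes every output even, so the mapping is not a permutation at all; the walk from 0 reports those constants as not single-cycle.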

## Keywords

Boolean Operation, Block Cipher, Pseudo Random Number Generator, Machine Instruction, Primitive Function