New Construction of Differentially 4-Uniform Bijections

  • Claude Carlet
  • Deng Tang
  • Xiaohu Tang
  • Qunying Liao
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8567)


Block ciphers use Substitution boxes (S-boxes) to create confusion into the cryptosystems. For resisting the known attacks on these cryptosystems, the following criteria for functions are mandatory: low differential uniformity, high nonlinearity and not low algebraic degree. Bijectivity is also necessary if the cipher is a Substitution-Permutation Network, and balancedness makes a Feistel cipher lighter. It is well-known that almost perfect nonlinear (APN) functions have the lowest differential uniformity 2 (the values of differential uniformity being always even) and the existence of APN bijections over \(\mathbb {F}_{2^n}\) for even \(n\ge 8\) is a big open problem. In real practical applications, differentially 4-uniform bijections can be used as S-boxes when the dimension is even. For example, the AES uses a differentially 4-uniform bijection over \(\mathbb {F}_{2^8}\). In this paper, we first propose a method for constructing a large family of differentially 4-uniform bijections in even dimensions. This method can generate at least \(\big (2^{n-3}-\lfloor 2^{(n-1)/2-1}\rfloor -1\big )\cdot 2^{2^{n-1}}\) such bijections having maximum algebraic degree \(n-1\). Furthermore, we exhibit a subclass of functions having high nonlinearity and being CCZ-inequivalent to all known differentially 4-uniform power bijections and to quadratic functions.


Block cipher Substitution box Differential uniformity CCZ-equivalence Nonlinearity 



The authors wish to thank Sihem Mesnager for helpful information. The work of D. Tang was supported by the program of China Scholarships Council (No. 201207000049). The work of X.H. Tang was supported by the Youngth Innovative Research Team of Sichuan Province under Grant 2011JTD0007. The work of Q.Y. Liao was supported by the National Science Foundation of China (No. A10990011), the Ph.D. Programs Foundation of Ministry of Education of China(No. 20095134120001) and Sichuan Provincial Advance Research Program for Excellent Youth Leaders of Disciplines in Science of China (No. 2011JQ0037).


  1. 1.
    Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–72 (1991)MathSciNetCrossRefMATHGoogle Scholar
  2. 2.
    Bracken, C., Leander, G.: A highly nonlinear differentially 4 uniform power mapping that permutes fields of even degree. Finite Fields Appl. 16(4), 231–242 (2010)MathSciNetCrossRefMATHGoogle Scholar
  3. 3.
    Browning, K.A., Dillon, J.F., McQuistan, M.T., Wolfe, A.J.: An APN permutation in dimension six. In: Postproceedings of the 9th International Conference on Finite Fields and their Applications Fq’9. Contemporary Mathematics Journal of American Mathematical Society, vol. 518, pp. 33–42 (2010)Google Scholar
  4. 4.
    Carlet, C.: On known and new differentially uniform functions. In: Parampalli, U., Hawkes, P. (eds.) ACISP 2011. LNCS, vol. 6812, pp. 1–15. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Carlet, C.: Relating three nonlinearity parameters of vectorial functions and building APN functions from bent functions. Des. Codes Cryptogr. 59(1–3), 89–109 (2011)MathSciNetCrossRefMATHGoogle Scholar
  6. 6.
    Carlet, C.: More constructions of APN and differentially 4-uniform functions by concatenation. Sci. China Math. 56(7), 1373–1384 (2013)MathSciNetCrossRefMATHGoogle Scholar
  7. 7.
    Knudsen, L.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  8. 8.
    Li, Y., Wang, M.: Constructing differentially 4-uniform permutations over \(GF(2^{2m+1})\) from quadratic APN permutations over \(GF(2^{2m})\). To appear in Des. Codes Cryptogr. (2012). doi: 10.1007/s10623-012-9760-9
  9. 9.
    MacWilliams, F.J., Sloane, N.J.: The Theory of Error-Correcting Codes. North Holland, Amsterdam (1977)MATHGoogle Scholar
  10. 10.
    Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  11. 11.
    Nyberg, K.: Differentially uniform mappings for cryptography. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 55–64. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  12. 12.
    Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28, 656–715 (1949)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Lachaud, G., Wolfmann, J.: The weights of the orthogonals of the extended quadratic binary Goppa codes. IEEE Trans. Inf. Theory 36(3), 686–692 (1990)MathSciNetCrossRefMATHGoogle Scholar
  14. 14.
    Qu, L., Tan, Y., Tan, C., Li, C.: Constructing Differentially 4-Uniform Permutations over \({\mathbb{F}}_{2}^{2k}\) via the Switching Method. IEEE Trans. Inf. Theory 59(7), 4675–4686 (2013)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Claude Carlet
    • 1
  • Deng Tang
    • 1
    • 2
  • Xiaohu Tang
    • 2
  • Qunying Liao
    • 3
  1. 1.LAGA, Department of MathematicsUniversity of Paris 8, CNRS, UMR 7539Saint-Denis Cedex 02France
  2. 2.Provincial Key Lab of Information Coding and TransmissionInstitute of Mobile Communications, Southwest Jiaotong UniversityChengduChina
  3. 3.Institute of Mathematics and Software ScienceSichuan Normal UniversityChengduChina

Personalised recommendations