The Multiplicative Complexity of Boolean Functions on Four and Five Variables

  • Meltem Turan SönmezEmail author
  • René Peralta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8898)


A generic way to design lightweight cryptographic primitives is to construct simple rounds using small nonlinear components such as 4\(\,\times \,\)4 S-boxes and use these iteratively (e.g., PRESENT [1] and SPONGENT [2]). In order to efficiently implement the primitive, efficient implementations of its internal components are needed. Multiplicative complexity of a function is the minimum number of AND gates required to implement it by a circuit over the basis (AND, XOR, NOT). It is known that multiplicative complexity is exponential in the number of input bits \(n\). Thus it came as a surprise that circuits for all \(65 536\) functions on four bits were found which used at most three AND gates [3]. In this paper, we verify this result and extend it to five-variable Boolean functions. We show that the multiplicative complexity of a Boolean function with five variables is at most four.


Affine transformation Boolean functions Circuit complexity Multiplicative complexity 



We thank Çağdaş Çalık, Joan Boyar, and Magnus Find for helpful discussions and suggestions. We also thank our colleagues Yi-Kai Liu, Ray Perlner, Lily Chen, and the anonymous reviewers for their useful comments.


  1. 1.
    Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  2. 2.
    Bogdanov, A., Knezevic, M., Leander, G., Toz, D., Varici, K., Verbauwhede, I.: SPONGENT: the design space of lightweight cryptographic hashing. IEEE Trans. Comput. 62(10), 2041–2053 (2013)CrossRefMathSciNetGoogle Scholar
  3. 3.
    Peralta, R.: Circuit minimization work, January 2014.
  4. 4.
    Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES implementation on a grain of sand. IEE Proc. Inf. Secur. 152(1), 13–20 (2005)CrossRefGoogle Scholar
  5. 5.
    Hamalainen, P., Alho, T., Hannikainen, M., Hamalainen, T.D.: Design and implementation of low-area and low-power AES encryption hardware core. In: Proceedings of the 9th EUROMICRO Conference on Digital System Design, DSD ’06, pp. 577–583. IEEE Computer Society, Washington, DC (2006)Google Scholar
  6. 6.
    Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the limits: a very compact and a threshold implementation of AES. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 69–88. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  7. 7.
    Boyar, J., Peralta, R.: A small depth-16 circuit for the AES S-box. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol. 376, pp. 287–298. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  8. 8.
    Saarinen, M.-J.O.: Chosen-IV statistical attacks on estream ciphers. In: Malek, M., Fernández-Medina, E., Hernando, J. (eds.) SECRYPT, pp. 260–266. INSTICC Press (2006)Google Scholar
  9. 9.
    Boyar, J., Peralta, R.: A new combinational logic minimization technique with applications to cryptology. In: Festa, P. (ed.) SEA 2010. LNCS, vol. 6049, pp. 178–189. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  10. 10.
    Courtois, N., Hulme, D., Mourouzis, T.: Solving circuit optimisation problems in cryptography and cryptanalysis (2011)Google Scholar
  11. 11.
    Courtois, N., Hulme, D., Mourouzis, T.: Multiplicative complexity and solving generalized brent equations with SAT solvers. In: COMPUTATION TOOLS 2012, The Third International Conference on Computational Logics, Algebras, Programming, Tools, and Benchmarking, pp. 22–27 (2012)Google Scholar
  12. 12.
    Boyar, J., Find, M., Peralta, R.: Four measures of nonlinearity. In: Spirakis, P.G., Serna, M. (eds.) CIAC 2013. LNCS, vol. 7878, pp. 61–72. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  13. 13.
    Boyar, J., Peralta, R., Pochuev, D.: On the multiplicative complexity of Boolean functions over the basis (\(\wedge \), \(\oplus \), 1). Theor. Comput. Sci. 235(1), 43–57 (2000)CrossRefzbMATHMathSciNetGoogle Scholar
  14. 14.
    Berlekamp, E.R., Welch, L.R.: Weight distributions of the cosets of the (32, 6) Reed-Muller code. IEEE Trans. Inf. Theory 18(1), 203–207 (1972)CrossRefzbMATHMathSciNetGoogle Scholar
  15. 15.
    Fuller, J.E.: Analysis of affine equivalent boolean functions for cryptography. Ph.D. thesis, Queensland University of Technology (2003)Google Scholar
  16. 16.
    Maiorana, J.A.: A classification of the cosets of the Reed-Muller code R(1,6). Math. Comput. 57(195), 403–414 (1991)zbMATHMathSciNetGoogle Scholar
  17. 17.
    Braeken, A., Borissov, Y., Nikova, S., Preneel, B.: Classification of Boolean functions of 6 variables or less with respect to some cryptographic properties. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 324–334. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  18. 18.
    Hou, X.-D.: AGL (m, 2) acting on R (r, m)/R (s, m). J. Algebra 171(3), 927–938 (1995)CrossRefGoogle Scholar
  19. 19.
    Carlet, C.: Boolean functions for cryptography and error correcting codes. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science and Engineering, chapter 8. Cambridge University Press, Cambridge (2010)Google Scholar
  20. 20.
    Uyan, E.: Analysis of Boolean Functions with respect to Walsh Spectrum. Ph.D. thesis, Middle East Technical University (2013)Google Scholar
  21. 21.
    Schnorr, C.-P.: The multiplicative complexity of Boolean functions. In: AAECC, pp. 45–58 (1988)Google Scholar
  22. 22.
    Mirwald, R., Schnorr, C.-P.: The multiplicative complexity of quadratic Boolean forms. Theor. Comput. Sci. 102(2), 307–328 (1992)CrossRefzbMATHMathSciNetGoogle Scholar
  23. 23.
    Boyar, J., Matthews, P., Peralta, R.: Logic minimization techniques with applications to cryptology. J. Cryptology 26(2), 280–312 (2013)CrossRefzbMATHMathSciNetGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015 (outside the US)  2015

Authors and Affiliations

  1. 1.National Institute of Standards and TechnologyGaithersburgUSA
  2. 2.Dakota Consulting Inc.Silver SpringUSA

Personalised recommendations