Correlation-Immune Boolean Functions for Leakage Squeezing and Rotating S-Box Masking against Side Channel Attacks

  • Claude Carlet
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8204)


Boolean functions, from \( {\Bbb F}_{2^n}\) to \({\Bbb F}_2\), have been playing an important role in stream ciphers, because they can be used in their pseudo-random generators to combine the outputs to several LFSR (in the so-called combiner model). Recall that the keystream (which is bitwise added to the plaintext for producing the ciphertext) is in such framework the sequence output by the function during a sufficient number of clock-cycles. The combiner Boolean function must then be balanced, that is, have uniform output distribution, for avoiding some straightforward distinguishing attack; and it should be correlation-immune of highest possible order.




Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bhasin, S., Carlet, C., Guilley, S.: Theory of masking with codewords in hardware: low weight d-th order correlation-immune functions. IACR ePrint Archive 303 (2013)Google Scholar
  2. 2.
    Carlet, C.: Boolean functions for cryptography and error-correcting codes, in Boolean Models and Methods in Mathematics, Computer Science, and Engineering, ser. In: Crama, Y., Hammer, P.L. (eds.) Encyclopedia of Mathematics and its Applications, ch. 8, vol.134, pp. 257–397. Cambridge University Press, Cambridge (2010),
  3. 3.
    Carlet, C., Danger, J.-L., Guilley, S., Maghrebi, H.: Leakage Squeezing of Order Two. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 120–139. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  4. 4.
    Carlet, C., Freibert, F., Guilley, S., Kiermaier, M., Kim, J.-L., Solé, P.: Higher-order CIS codes. IEEE Transactions on Information Theory (Submitted 2013)Google Scholar
  5. 5.
    Carlet, C., Gaborit, P., Kim, J.-L., Solé, P.: A new class of codes for Boolean masking of cryptographic computations. IEEE Transactions on Information Theory 58(9), 6000–6011 (2012)CrossRefGoogle Scholar
  6. 6.
    Carlet, C., Guilley, S.: Side-channel indistinguishability. In: Proceedings of HASP 2013, 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, Tel Aviv, Israel, pp. 9:1-9:8. ACM, New York (June 2013)Google Scholar
  7. 7.
    Carlet, C., Guillot, P., Mesnager, S.: On immunity profile of Boolean functions. In: Gong, G., Helleseth, T., Song, H.-Y., Yang, K. (eds.) SETA 2006. LNCS, vol. 4086, pp. 364–375. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Courtois, N.T.: Fast Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 176–194. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 346–359. Springer, Heidelberg (2003)Google Scholar
  10. 10.
    Maghrebi, H., Carlet, C., Guilley, S., Danger, J.-L.: Optimal first-order masking with linear and non-linear bijections. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 360–377. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  11. 11.
    Maghrebi, H., Guilley, S., Danger, J.-L.: Leakage Squeezing Countermeasure against High-Order Attacks. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 208–223. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    Massey, J.L.: Shift-register analysis and BCH decoding. IEEE Transactions on Information Theory 15, 122–127 (1969)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Meier, W., Staffelbach, O.: Fast correlation attacks on stream ciphers. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 301–314. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  14. 14.
    Rønjom, S., Helleseth, T.: A new attack on the filter generator. IEEE Transactions on Information Theory 53(5), 1752–1758 (2007)Google Scholar
  15. 15.
    Siegenthaler, T.: Decrypting a Class of Stream Ciphers Using Ciphertext Only. IEEE Transactions on Computer C-34(1), 81–85 (1985)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Claude Carlet
    • 1
    • 2
  1. 1.CNRS, UMR 7539LAGA, Universities of Paris 8 and Paris 13France
  2. 2.Department of MathematicsUniversity of Paris 8Saint-Denis cedex 02France

Personalised recommendations