On the Higher Order Nonlinearities of Algebraic Immune Functions

  • Claude Carlet
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4117)


One of the most basic requirements concerning Boolean functions used in cryptosystems is that they must have high algebraic degrees. This simple criterion is not always well adapted to the concrete situation in which Boolean functions are used in symmetric cryptography, since changing one or several output bits of a Boolean function considerably changes its algebraic degree while it may not change its robustness. The proper characteristic is the r-th order nonlinearity profile (which includes the first-order nonlinearity). However, studying it is difficult and almost no paper, in the literature, has ever been able to give general effective results on it. The values of the nonlinearity profile are known for very few functions and these functions have little cryptographic interest. A recent paper has given a lower bound on the nonlinearity profile of functions, given their algebraic immunity. We improve upon it, and we deduce that it is enough, for a Boolean function, to have high algebraic immunity, for having non-weak low order nonlinearity profile (even when it cannot be evaluated), except maybe for the first order.


stream cipher block cipher algebraic attack Boolean function algebraic immunity algebraic degree higher order nonlinearity 


  1. 1.
    Armknecht, F.: Improving Fast Algebraic Attacks. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 65–82. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Armknecht, F., Carlet, C., Gaborit, P., Künzli, S., Meier, W., Ruatta, O.: Efficient computation of algebraic immunity for algebraic and fast algebraic attacks. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 147–164. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Braeken, A., Preneel, B.: On the Algebraic Immunity of Symmetric Boolean Functions. Indocrypt, LNCS, vol.3797, pp. 35–48 (2005); Some false results of this reference have been corrected in Braeken’s PhD thesis entitled Cryptographic properties of Boolean functions and S-boxes (2005), available at:
  4. 4.
    Canteaut, A.: Open problems related to algebraic attacks on stream ciphers. In: Ytrehus, Ø. (ed.) WCC 2005. LNCS, vol. 3969, pp. 120–134. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Canteaut, A., Trabbia, M.: Improved fast correlation attacks using parity-check equations of weight 4 and 5. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 573–588. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Carlet, C.: On bent and highly nonlinear balanced/Resilient functions and their algebraic immunities. In: Fossorier, M.P.C., Imai, H., Lin, S., Poli, A. (eds.) AAECC 2006. LNCS, vol. 3857, pp. 1–28. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Carlet, C.: Boolean Functions for Cryptography and Error Correcting Codes. In: Crama, Y., Hammer, P. (eds.) Boolean Methods and Models. Chapter of the monography, Cambridge University Press, Cambridge (to appear, 2006), Preliminary version available at: Google Scholar
  8. 8.
    Carlet, C., Dalai, D., Gupta, K., Maitra, S.: Algebraic Immunity for Cryptographically Significant Boolean Functions: Analysis and Construction. IEEE Transactions on Information Theory 52(7) (July 2006) (to appear)Google Scholar
  9. 9.
    Carlet, C., Gaborit, P.: On the construction of balanced Boolean functions with a good algebraic immunity. In: Proceedings of BFCA (First Workshop on Boolean Functions: Cryptography and Applications), Rouen, France, March 2005, pp. 1–14 (2005)Google Scholar
  10. 10.
    Carlet, C., Guillot, P., Mesnager, S.: On Immunity Profile of Boolean Functions. In: Gong, G., Helleseth, T., Song, H.-Y., Yang, K. (eds.) SETA 2006. LNCS, vol. 4086, pp. 364–375. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Carlet, C., Mesnager, S.: Improving the upper bounds on the covering radii of binary Reed-Muller codes. IEEE Transactions on Information Theory (to appear, 2006)Google Scholar
  12. 12.
    Chabaud, F., Vaudenay, S.: Links between Differential and Linear Cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 356–365. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  13. 13.
    Cohen, G., Honkala, I., Litsyn, S., Lobstein, A.: Covering codes. North-Holland, Amsterdam (1997)MATHGoogle Scholar
  14. 14.
    Courtois, N.T.: Higher order correlation attacks, XL algorithm and cryptanalysis of toyocrypt. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 182–199. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Courtois, N., Meier, W.: Algebraic attacks on stream ciphers with linear feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 345–359. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Courtois, N.T.: Fast algebraic attacks on stream ciphers with linear feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 176–194. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Dalai, D.K., Gupta, K.C., Maitra, S.: Results on Algebraic Immunity for Cryptographically Significant Boolean Functions. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 92–106. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  18. 18.
    Dalai, D.K., Gupta, K.C., Maitra, S.: Cryptographically Significant Boolean Functions: Construction and Analysis in Terms of Algebraic Immunity. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 98–111. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Dalai, D.K., Maitra, S., Sarkar, S.: Basic Theory in Construction of Boolean Functions with Maximum Possible Annihilator Immunity. Cryptology ePrint Archive No,15/229, (July 2005). To be published in Designs, Codes and Cryptography (2005),
  20. 20.
    Dalai, D.K., Gupta, K.C., Maitra, S.: Notion of algebraic immunity and its evaluation related to fast algebraic attacks. Paper,2006/018,
  21. 21.
    Didier, F.: A new upper bound on the block error probability after decoding over the erasure channel. Preprint A revised version will appear in IEEE Transactions on Information Theory (2006), available at:
  22. 22.
    Forré, R.: A fast correlation attack on nonlinearly feed-forward filtered shift-register sequences. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 586–595. Springer, Heidelberg (1990)Google Scholar
  23. 23.
    Golić, J.D.: Fast low order approximation of cryptographic functions. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 268–282. Springer, Heidelberg (1996)Google Scholar
  24. 24.
    Hawkes, P., Rose, G.G.: Rewriting Variables: The Complexity of Fast Algebraic Attacks on Stream Ciphers. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 390–406. Springer, Heidelberg (2004)Google Scholar
  25. 25.
    Iwata, T., Kurosawa, K.: Probabilistic higher order differential attack and higher order bent functions. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 62–74. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  26. 26.
    Knudsen, L.R.: Truncated and higher order differentials. Fast Software Encryption. Second International Workshop. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)MATHGoogle Scholar
  27. 27.
    Knudsen, L.R., Robshaw, M.J.B.: Non-linear approximations in linear cryptanalysis. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 224–236. Springer, Heidelberg (1996)Google Scholar
  28. 28.
    Lai, X.: Higher order derivatives and differential cryptanalysis. In: Proc. Symposium on Communication, Coding and Cryptography, in honor of J. L. Massey on the occasion of his 60’th birthday (1994)Google Scholar
  29. 29.
    Kurosawa, K., Johansson, T., Stinson, D.: Almost k-wise independent sample spaces and their applications. J. of Cryptology 14(4), 231–253 (2001)MATHMathSciNetGoogle Scholar
  30. 30.
    Lobanov, M.: Tight bound between nonlinearity and algebraic immunity. Paper, 2005/441,
  31. 31.
    Massey, J.L.: Shift-register synthesis and BCH decoding. IEEE Transactions on Information Theory 15, 122–127 (1969)MATHCrossRefMathSciNetGoogle Scholar
  32. 32.
    Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar
  33. 33.
    Maurer, U.M.: New approaches to the design of self-synchronizing stream ciphers. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 458–471. Springer, Heidelberg (1991)Google Scholar
  34. 34.
    Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. Series on Discrete Mathematics and Its Applications. CRC Press, Boca Raton (1996)CrossRefGoogle Scholar
  35. 35.
    Millan, W.: Low order approximation of cipher functions. In: Dawson, E.P., Golić, J.D. (eds.) Cryptography: Policy and Algorithms 1995. LNCS, vol. 1029, pp. 144–155. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  36. 36.
    MacWilliams, F.J., Sloane, N.J.: The theory of error-correcting codes. North-Holland, Amsterdam (1977)MATHGoogle Scholar
  37. 37.
    Meier, W., Pasalic, E., Carlet, C.: Algebraic Attacks and Decomposition of Boolean Functions. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 474–491. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  38. 38.
    Meier, W., Staffelbach, O.: Nonlinearity Criteria for Cryptographic Functions. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 549–562. Springer, Heidelberg (1990)Google Scholar
  39. 39.
    Rueppel, R.A.: Analysis and design of stream ciphers, Berlin, Heidelberg, NY, London, Paris, Tokyo. Com. and Contr. Eng. Series (1986)Google Scholar
  40. 40.
    Shannon, C.E.: Communication theory of secrecy systems. Bell system technical journal 28, 656–715 (1949)MATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Claude Carlet
    • 1
  1. 1.INRIA Projet CODESLe ChesnayFrance

Personalised recommendations