Enumerating Nondegenerate Permutations

  • Luke O’Connor
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 547)


Every cryptosystem with an n-bit block length may be modeled as a system of n-bit boolean equations. The cipher is said to be nondegenerate if the equation f i that describes the output c i is nondegenerate, for 1 ≤ in. Let N n,n be the set of nondegenerate permutations. We will derive an exact expression for |N n,n|, and show that
$$ \frac{{\left| {\mathcal{N}^{n,n} } \right|}} {{2^n !}} = 1 + o\left( {\frac{{\sqrt {2^n } }} {{2^{2^{n - 1} + n} }}} \right). $$


  1. [1]
    A. Adams and S. Tavares. The structured design of cryptographically good S-boxes. Journal of Cryptology, 3(1):27–41, 1990.zbMATHCrossRefMathSciNetGoogle Scholar
  2. [2]
    F. Ayoub. Probabilistic completeness of substitution-permutation encryption networks. IEE proceedings, 129, part E(5):196–199, 1982.Google Scholar
  3. [3]
    D. Chaum and J. H. Everste. Cryptanalysis of DES with a reduced number of rounds. Advances in Cryptology, CRYPTO 85, H. C. Williams ed., Lecture Notes in Computer Science, vol. 218, Springer-Verlag, pages 192–211, 1986.Google Scholar
  4. [4]
    D. Coppersmith and E. Grossman. Generators for certain alternating groups with applications to cryptography. SIAM Journal of Applied Mathematics, 29(4):624–627, 1974.CrossRefMathSciNetGoogle Scholar
  5. [5]
    S. Even and O. Goldreich. DES-like functions can generate the alternating group. IEEE Transactions on Information Theory, IT-29(6):863–865, 1983.CrossRefMathSciNetGoogle Scholar
  6. [6]
    H. Feistel. Cryptography and computer privacy. Scientific American, 228(5):15–23, 1973.CrossRefGoogle Scholar
  7. [7]
    H. Feistel, W. A. Notz, and J. Lynn Smith. Some cryptographic techniques for machine-to-machine data communications. proceedings of the IEEE, 63(11):1545–1554, 1975.CrossRefGoogle Scholar
  8. [8]
    J. Gordon and H. Retkin. Are big S-boxes best? In T. Beth, editor, Cryptography, proceedings, Burg Feuerstein, pages 257–262, 1982.Google Scholar
  9. [9]
    M. A. Harrison. Introduction to Switching and Automata Theory. McGraw-Hill, Inc., 1965.Google Scholar
  10. [10]
    S. T. Hu. Mathematical Theory of Swithcing Circuits and Automata. Berkeley, University of California Press, 1968.Google Scholar
  11. [11]
    J. B. Kam and G. I. Davida. A structrued design of substitution-permutation encryption networks. IEEE Transactions on Computers, 28(10):747–753, 1979.zbMATHMathSciNetCrossRefGoogle Scholar
  12. [12]
    A. Konheim. Cryptography: a primer. Wiley, 1981.Google Scholar
  13. [13]
    C. Meyer. Ciphertext/plaintext and ciphertext/key dependence vs. number of rounds for the data encryption standard. In AFIPS Conference proceedings, 47, pages 1119–1126, 1978.Google Scholar
  14. [14]
    C. Mitchell. Enumerating boolean functions of cryptographic significance. Journal of Cryptology, 2(3):155–170, 1990.zbMATHCrossRefMathSciNetGoogle Scholar
  15. [15]
    D. S. Mitrinovic. Analytic Inequalities. Springer-Verlag, 1970.Google Scholar
  16. [16]
    L O’Connor. Enumerating nondegenerate permutations. Technical Report 2527, University of Waterloo, Waterloo, Ontario, Canada, 1991.Google Scholar
  17. [17]
    W. L. Price and D. W. Davies. Security for computer networks. Wiley, 1984.Google Scholar
  18. [18]
    R. A. Rueppel. Design and Analysis of Stream Ciphers. Springer-Verlag, 1986.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • Luke O’Connor
    • 1
  1. 1.Department of Computer ScienceUniversity of WaterlooOntarioCanada

Personalised recommendations