Cryptographic Boolean functions must be complex to satisfy Shannon’s principle of confusion. Two main criteria evaluating, from crytpographic viewpoint, the complexity of Boolean functions on F 2 n have been studied in the literature: the nonlinearity (the minimum Hamming distance to affine functions) and the algebraic degree. We consider two other criteria: the minimum number of terms in the algebraic normal forms of all affinely equivalent functions (we call it the algebraic thickness) and the non-normality. We show that, asymptotically, almost all Boolean functions have high algebraic degrees, high nonlinearities, high algebraic thicknesses and are highly non-normal.


Boolean Function Block Cipher Stream Cipher Affine Function Bend Function 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    A. Canteaut and M. Trabbia. Improved fast correlation attacks using parity check equations of weight 4 and 5. Advances in Cryptology-EURO- CRYPT 2000, number 1805 in Lecture Notes in Computer Science, pp. 573–588. Springer-Verlag, 2000.Google Scholar
  2. 2.
    C. Carlet A transformation on Boolean functions, its consequences on some problems related to Reed-Muller codes, actes de EUROCODES’ 90, Lecture Notes in Computer Sciences n° 514, pp. 42–50, Springer-Verlag (1991)Google Scholar
  3. 3.
    C. Carlet and P. Sarkar. Spectral Domain Analysis of Correlation Immune and Resilient Boolean Functions, Finite Fields Appl. To appear (2001).Google Scholar
  4. 4.
    H. Dobbertin. Construction of bent functions and balanced Boolean functions with high nonlinearity. Fast Software Encryption (Proceedings of the 1994 Leuven Workshop on Cryptographic Algorithms), Lecture Notes in Computer Science 1008, Springer Verlag, pp. 61–74, 1995.Google Scholar
  5. 5.
    S. Dubuc. Etude des propriétés de dégérescence et de normalité des fonctions booléennes et construction de fonctions q-aires parfaitement non linéaires. PhD thesis, University of Caen, 2001.Google Scholar
  6. 6.
    J. H. Evertse, Linear structures in block ciphers, Advances in Cryptology, EUROCRYPT’ 87, Lecture Notes in Computer Science 304, pp. 249–266, Springer Verlag, 1988.Google Scholar
  7. 7.
    X.-D. Hou, On the covering radius of r(1,m) into r(3, in). IEEE Transactions on Information Theory, vol 42 n°3. pp. 1035–1037, 1996.Google Scholar
  8. 8.
    L.R. Knudsen. Truncated and higher order differentials. Fast Software Encryption, Second International Workshop, Lecture Notes in Computer Science, n 1008. pp. 196–211. Springer-Verlag, 1995.Google Scholar
  9. 9.
    X. Lai. Higher order derivatives and differential cryptanalysis. Proc. “Symposium on Communication, Coding and Cryptography”, in honor of J. L. Massey on the occasion of his 60’th birthday. 1994.Google Scholar
  10. 10.
    Lupanov. On circuits of functional elements with delay. Probl. Kibern. 23, pp. 43–81 (1970).Google Scholar
  11. 11.
    F.J. MacWilliams and N.J.A. Sloane. The theory of error-correcting codes. North-Holland. 1977.Google Scholar
  12. 12.
    J.L. Massey. Shift-register synthesis and BCH decoding. IEEE Transactions on Information Theory, vol. 15, pp. 122--127, 1969.MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    M. Matsui. Linear cryptanalysis method for DES cipher. Advances in Cryptology-EUROCRYPT’93, number 765 in Lecture Notes in Computer Science. Springer-Verlag, 1994.Google Scholar
  14. 14.
    W. Meier and O. Staffelbach, Nonlinearity Criteria for Cryptographic Functions, Advances in Cryptology, EUROCRYPT’ 89, Lecture Notes in Computer Science 434, pp. 549–562, Springer Verlag (1990)Google Scholar
  15. 15.
    A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press Series on Discrete Mathematics and Its Applications, 1996.Google Scholar
  16. 16.
    N.J. Patterson and D.H. Wiedemann. The covering radius of the [2 15,16] Reed-Muller code is at least 16276. IEEE Trans. Inform. Theory, IT-29, pp. 354–356, 1983.Google Scholar
  17. 17.
    N.J. Patterson and D.H. Wiedemann. Correction to [161. IEEE Trans. Inform. Theory, IT-36(2). pp. 443, 1990.Google Scholar
  18. 18.
    V. S. Mess, W. C. Huffman, Eds, R. A. Brualdi, Handbook of Coding Theory, Amsterdam, the Netherlands: Elsevier, 1998.Google Scholar
  19. 19.
    O. S. Rothaus. On bent functions, J. Comb. Theory, 20A, pp. 300–305, 1976.MathSciNetCrossRefGoogle Scholar
  20. 20.
    R. A. Rueppel Analysis and design of stream ciphers Com. and Contr. Eng. Series, Berlin, Heidelberg, NY, London, Paris, Tokyo 1986Google Scholar
  21. 21.
    C.E. Shannon. A mathematical theory of communication. Bell system technical journal, 27, pp. 379–423, 1948.MathSciNetzbMATHGoogle Scholar
  22. 22.
    C.E. Shannon. Communication theory of secrecy systems. Bell system technical journal, 28, pp. 656–715, 1949.MathSciNetzbMATHGoogle Scholar
  23. 23.
    C.E. Shannon. The synthesis of two-terminal switching circuits. Bell system technical journal, 28, pp. 59–98, 1949.MathSciNetGoogle Scholar
  24. 24.
    I. Wegener. The complexity of Boolean functions. B.C. Teubner, Stuttgart. John Wiley and sons. 1987.zbMATHGoogle Scholar
  25. 25.
    Y. Zheng, X.-M. Zhang and H. Imai. Restriction, terms and nonlinearity of Boolean functions. Theoretical Computer Science, 226 (1–2), pp. 207–223, 1999.MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Claude Carlet
    • 1
    • 2
  1. 1.GREYCUniversity of Paris 8 and INRIAFrance
  2. 2.INRIA Projet CODES, Domaine de VohlceauLe Chesnay CedexFrance

Personalised recommendations