Abstract
In this paper we describe applications of functions from GF(2)^m onto GF(2)^n in the design of encryption algorithms. If such a function is to be useful it must satisfy a set of criteria, the actual definition of which depends on the type of encryption technique involved. This in turn means that it is important to ensure that the selected criteria do not restrict the choice of function too severely, i.e., the set of functions must be enumerated. We discuss some of the possible sets of criteria and then give partial results on the corresponding enumeration problems. Many open problems remain, some of them corresponding to well-known hard enumeration questions.
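The enumeration question can be made concrete by brute force for small m. The following is an added example, not code from the paper: it counts functions GF(2)^m -> GF(2) under two criteria chosen here as assumptions (balance and the strict avalanche criterion, neither of which the abstract names) and shows how combining criteria can shrink the admissible set, even to nothing.

```python
from itertools import product

# Assumed criteria for illustration: balance and the strict avalanche
# criterion (SAC). Function names are hypothetical, not from the paper.

def truth_tables(m):
    """Yield every function GF(2)^m -> GF(2) as a tuple of 2^m output bits."""
    return product((0, 1), repeat=1 << m)

def is_balanced(tt):
    """The output is 1 on exactly half of the inputs."""
    return 2 * sum(tt) == len(tt)

def satisfies_sac(tt, m):
    """Flipping any single input bit flips the output on exactly half the inputs."""
    size = 1 << m
    for i in range(m):
        flips = sum(tt[x] ^ tt[x ^ (1 << i)] for x in range(size))
        if 2 * flips != size:
            return False
    return True

def enumerate_criteria(m):
    """Count the m-input functions meeting each criterion and both together."""
    counts = {"total": 0, "balanced": 0, "sac": 0, "balanced_and_sac": 0}
    for tt in truth_tables(m):
        b, s = is_balanced(tt), satisfies_sac(tt, m)
        counts["total"] += 1
        counts["balanced"] += b
        counts["sac"] += s
        counts["balanced_and_sac"] += b and s
    return counts

if __name__ == "__main__":
    # 2^(2^m) candidates: exhaustive search is only feasible for tiny m,
    # which is why closed-form enumeration results matter.
    for m in (2, 3, 4):
        print(m, enumerate_criteria(m))
```

For m = 2 the two criteria are mutually exclusive, which is the kind of over-restriction the abstract warns about.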
Cite this article
Mitchell, C. Enumerating Boolean functions of cryptographic significance. J. Cryptology 2, 155–170 (1990). https://doi.org/10.1007/BF00190802
DOI: https://doi.org/10.1007/BF00190802