Algebraic immunity of S-boxes based on power mappings: analysis and construction

Authors:
Yassir Nawaz;Kishan Chand Gupta;Guang Gong
Affiliations:
Advanced Concepts and Technologies, Pitney Bowes Inc., Shelton, CT;Applied Statistics Unit, Indian Statistical Institute, Kolkata, India;Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, ON, Canada
Venue:
IEEE Transactions on Information Theory
Year:
2009

Citing 10
Cited 1

Introduction to finite fields and their applications

Introduction to finite fields and their applications
Differentially uniform mappings for cryptography

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Design of Rijndael

The Design of Rijndael
Essential Algebraic Structure within the AES

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Signal Design for Good Correlation: For Wireless Communication, Cryptography, and Radar

Signal Design for Good Correlation: For Wireless Communication, Cryptography, and Radar
General principles of algebraic attacks and new design criteria for cipher components

AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Algebraic attacks on combiners with memory and several outputs

ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
On exact algebraic [non-]immunity of s-boxes based on power functions

ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Almost perfect nonlinear power functions on GF(2n): the Welch case

IEEE Transactions on Information Theory

Analysis and improvement of the generic higher-order masking scheme of FSE 2012

CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems

Quantified Score

Hi-index	754.84

Visualization

Abstract

The algebraic immunity of an S-box depends on the number and type of linearly independent multivariate equations it satisfies. In this paper, techniques are developed to find the number of linearly independent, multivariate, bi-affine, and quadratic equations for S-boxes based on power mappings. These techniques can be used to prove the exact number of equations for any class of power mappings. Two algorithms to calculate the number of bi-affine and quadratic equations for any (n, n) S-box based on power mapping are also presented. The time complexity of both algorithms is only O(n2). To design algebraically immune S-boxes, four new classes of S-boxes that guarantee zero biaffine equations and one class of S-boxes that guarantees zero quadratic equations are presented. The algebraic immunity of power mappings based on Kasami, Niho, Dobbertin, Gold, Welch, and inverse exponents are discussed along with other cryptographic properties and several cryptographically strong S-boxes are identified. It is conjectured that a known Kasami-like highly nonlinear power mapping is differentially 4-uniform. Finally, an open problem to find an (n, n) bijective nonlinear S-box with more than 5n quadratic equations is solved.