Algorithmica
Solving sparse linear equations over finite fields
IEEE Transactions on Information Theory
Discrete logarithms in finite fields and their cryptographic significance
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
Solving homogeneous linear equations over GF(2) via block Wiedemann algorithm
Mathematics of Computation
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Computing the algebraic immunity efficiently
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Results on algebraic immunity for cryptographically significant boolean functions
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Efficient computation of algebraic immunity for algebraic and fast algebraic attacks
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Mutually Clock-Controlled Feedback Shift Registers Provide Resistance to Algebraic Attacks
Information Security and Cryptology
On Cryptographically Significant Mappings over GF(2n)
WAIFI '08 Proceedings of the 2nd international workshop on Arithmetic of Finite Fields
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the security of the LILI family of stream ciphers against algebraic attacks
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
IEEE Transactions on Information Theory
Hi-index | 0.06 |
We show in this paper how to apply well known methods from sparse linear algebra to the problem of computing the immunity of a Boolean function against algebraic or fast algebraic attacks. For an n-variable Boolean function, this approach gives an algorithm that works for both attacks in O(n2nD) complexity and O(n2n) memory. Here and d corresponds to the degree of the algebraic system to be solved in the last step of the attacks. For algebraic attacks, our algorithm needs significantly less memory than the algorithm in [ACG+06] with roughly the same time complexity (and it is precisely the memory usage which is the real bottleneck of the last algorithm). For fast algebraic attacks, it does not only improve the memory complexity, it is also the algorithm with the best time complexity known so far for most values of the degree constraints.