Classifying 8-Bit to 8-Bit S-Boxes Based on Power Mappings from the Point of DDT and LAT Distributions

  • Bora Aslan
  • M. Tolga Sakalli
  • Ercan Bulus
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5130)


S-boxes are vital elements in the design of symmetric ciphers. To date, the techniques for the construction of S-boxes have included pseudo-random generation, finite field inversion, power mappings and heuristic techniques. From these techniques, the use of finite field inversion in the construction of an S-box is so popular because it presents good cryptographic properties. On the other hand, while S-boxes such as AES, Shark, Square and Hierocrypt that are based on inversion mapping over GF(2 n ) use an affine transformation after the output of the S-box, in some ciphers like Camellia, an additional affine transformation is used before the input. In this paper, we classify 8-bit to 8-bit S-boxes based on power mappings into classes according to DDT and LAT distributions. Moreover, a formula is given for the calculation of the number of terms in the algebraic expression for a power mapping based S-box according to the given three probable cases.


S-boxes Power Mappings Classification DDT LAT 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Kavut, S., Yucel, M.D.: On Some Cryptographic Properties of Rijndael. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds.) MMM-ACNS 2001. LNCS, vol. 2052, pp. 300–311. Springer, Heidelberg (2001)Google Scholar
  2. 2.
    Matsui, M.: New Block Encryption MISTY. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 54–68. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  3. 3.
    3rd Generation Partnership Project, Technical Specification Group Services and System Aspects, 3G Security, Specification of the 3GPP Confidentiality and Integrity Algorithms; Document 2: Kasumi Specification, V.3.1.1 (2001)Google Scholar
  4. 4.
    Dobbertin, H.: Almost perfect nonlinear power functions on GF(2n): the Welch case. IEEE Transactions on Information Theory 45, 1271–1275 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Nyberg, K.: Differentially uniform mappings for cryptography. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 55–64. Springer, Heidelberg (1994)Google Scholar
  6. 6.
    Jakobsen, T., Knudsen, L.: The interpolation attack on block ciphers. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 28–40. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  7. 7.
    Youssef, A.M., Tavares, S.E., Gong, G.: On Some probabilistic approximations for AES-like s-boxes. Discrete Mathematics 306(16), 2016–2020 (2006)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Youssef, A.M., Tavares, S.E.: Affine equivalence in the AES round function. Discrete Applied Mathematics 148(2), 161–170 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: a 128-bit block cipher suitable for multiple platforms-design and analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 39–56. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J.Cryptology 4, 3–72 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Matsui, M.: Linear cryptanalysis method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar
  12. 12.
    Bending, T., Fon-Der- Flaass, D.: Crooked functions, bent functions and distance regular graphs. Electronic Journal of Combinatorics 5:R34, 14 (1998)MathSciNetGoogle Scholar
  13. 13.
    Gold, R.: Maximal recursive sequences with 3-valued recursive cross-correlation functions. IEEE Transactions on Information Theory 14, 154–156 (1968)zbMATHCrossRefGoogle Scholar
  14. 14.
    Kasami, T.: The weight enumerators for several classes of subcodes of the second order binary Reed-Muller codes. Information and Control 18, 369–394 (1971)zbMATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Canteaut, A., Charpin, P., Dobbertin, H.: Binary m-sequences with three-valued cross-correlation: a proof of Welch’s conjecture. IEEE Transactions on Information Theory 46, 4–8 (2000)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Hollman, H.D.L., Xiang, Q.: A proof of the Welch and Niho conjectures on cross-correlations of binary m-sequences. Finite Fields and Their Applications 7, 253–286 (2001)CrossRefMathSciNetGoogle Scholar
  17. 17.
    Dobbertin, H.: Almost perfect nonlinear power functions on GF(2n): a new case for n divisible by 5. In: Jungnickel, D., Niederreiter, H. (eds.) Proceedings of the Conference on Finite Fields and Applications, pp. 113–121. Springer, Berlin (1999)Google Scholar
  18. 18.
    Budaghyan, L., Carlet, C., Felke, P., Leander, G.: An infinite class of quadratic APN functions which are not equvalent to power mappings (2005),
  19. 19.
    Dobbertin, H.: One to one highly nonlinear power functions on GF(2n), Applicable Algebra in Engineering. Communication and Computing 9, 139–152 (1998)zbMATHMathSciNetGoogle Scholar
  20. 20.
    Maxwell, M.S.: Almost Perfect Nonlinear functions and related combinatorial structures, Phd Thesis, Iowa State University (2005)Google Scholar
  21. 21.
    Akleylek, S., Yucel, M.D.: Comparing Substitution Boxes of the Third Generation GSM and Advanced Encryption Standard Ciphers. In: Information Security and Cryptology Conference, Ankara, Turkey (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Bora Aslan
    • 1
    • 2
    • 3
  • M. Tolga Sakalli
    • 1
    • 2
    • 3
  • Ercan Bulus
    • 1
    • 2
    • 3
  1. 1.Computer Tech. and Programming Dept.Kirklareli UniversityLuleburgaz-KirklareliTurkey
  2. 2.Computer Engineering Dept.Trakya UniversityEdirneTurkey
  3. 3.Computer Engineering Dept.Namik Kemal UniversityCorlu-TekirdagTurkey

Personalised recommendations