On Cryptographically Significant Mappings over GF(2^n)

  • Enes Pasalic
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5130)


In this paper we investigate the algebraic properties of important cryptographic primitives called substitution boxes (S-boxes). An S-box is a mapping that takes n binary inputs and outputs a binary m-tuple; it is therefore represented as \(F:\text{GF}(2)^n \rightarrow \text{GF}(2)^m\). One of the most important cryptographic applications is the case n = m, where the S-box may be viewed as a function over \(\text{GF}(2^n)\). We show that certain classes of functions over \(\text{GF}(2^n)\) do not possess the cryptographic property known as APN (Almost Perfect Nonlinear) permutations. On the other hand, when n is odd, an infinite class of APN permutations may be derived in a recursive manner, that is, starting with a specific APN permutation on \(\text{GF}(2^k)\), k odd, APN permutations are derived over \(\text{GF}(2^{k+2i})\) for any i ≥ 1. Some theoretical results related to permutation polynomials and algebraic properties of the functions in the ring \(\text{GF}(q)[x,y]\) are also presented. For sparse polynomials over the field \(\text{GF}(2^n)\), an efficient algorithm for finding low degree I/O equations is proposed.
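The APN property the abstract refers to can be checked exhaustively for small n. The following is an added example, not code from the paper: it computes the differential uniformity of a power mapping over \(\text{GF}(2^n)\) (the maximum number of solutions x of F(x + a) + F(x) = b over all a ≠ 0 and all b; APN means this maximum is 2) and tests whether the mapping is a permutation. The Gold mapping x^3 and the inverse mapping x^(2^n − 2) used as samples are my choice; the abstract does not name which APN permutation its recursive construction starts from.

```python
from math import gcd


def gf_mul(a: int, b: int, n: int, poly: int) -> int:
    """Multiply a and b in GF(2^n); poly is the irreducible modulus with bit n set."""
    r = 0
    for _ in range(n):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & (1 << n):      # reduce once the degree reaches n
            a ^= poly
    return r


def gf_pow(x: int, e: int, n: int, poly: int) -> int:
    """Square-and-multiply exponentiation in GF(2^n)."""
    r = 1
    while e:
        if e & 1:
            r = gf_mul(r, x, n, poly)
        x = gf_mul(x, x, n, poly)
        e >>= 1
    return r


def power_sbox(e: int, n: int, poly: int) -> list:
    """Lookup table of x -> x^e over GF(2^n); 0 maps to 0 for every e >= 1."""
    return [gf_pow(x, e, n, poly) for x in range(1 << n)]


def differential_uniformity(f: list) -> int:
    """max over a != 0 and b of #{x : f(x ^ a) ^ f(x) == b}. APN <=> value 2."""
    size = len(f)
    worst = 0
    for a in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[f[x ^ a] ^ f[x]] += 1
        worst = max(worst, max(counts))
    return worst


def is_apn(f: list) -> bool:
    return differential_uniformity(f) == 2


def is_permutation(f: list) -> bool:
    return sorted(f) == list(range(len(f)))


if __name__ == "__main__":
    # Constructed sample: x^3 over GF(2^3) with modulus x^3 + x + 1 (0b1011).
    # gcd(3, 2^3 - 1) == 1, so it is a permutation; it is also APN.
    s = power_sbox(3, 3, 0b1011)
    print(gcd(3, 7), is_apn(s), is_permutation(s))
```

For even n the same Gold mapping stays APN but is no longer a permutation, and the inverse mapping (the AES S-box core over \(\text{GF}(2^8)\)) has differential uniformity 4 rather than 2, which the functions above make visible for n = 4.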







Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Enes Pasalic, IMFM Ljubljana & University of Primorska, Koper, Slovenia
