Correlation-Immune Boolean Functions for Leakage Squeezing and Rotating S-Box Masking against Side Channel Attacks

  • Claude Carlet
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8204)


Boolean functions, from \( {\Bbb F}_{2^n}\) to \({\Bbb F}_2\), have been playing an important role in stream ciphers, because they can be used in their pseudo-random generators to combine the outputs to several LFSR (in the so-called combiner model). Recall that the keystream (which is bitwise added to the plaintext for producing the ciphertext) is in such framework the sequence output by the function during a sufficient number of clock-cycles. The combiner Boolean function must then be balanced, that is, have uniform output distribution, for avoiding some straightforward distinguishing attack; and it should be correlation-immune of highest possible order.


Boolean Function Smart Card Block Cipher Stream Cipher Side Channel Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bhasin, S., Carlet, C., Guilley, S.: Theory of masking with codewords in hardware: low weight d-th order correlation-immune functions. IACR ePrint Archive 303 (2013)Google Scholar
  2. 2.
    Carlet, C.: Boolean functions for cryptography and error-correcting codes, in Boolean Models and Methods in Mathematics, Computer Science, and Engineering, ser. In: Crama, Y., Hammer, P.L. (eds.) Encyclopedia of Mathematics and its Applications, ch. 8, vol.134, pp. 257–397. Cambridge University Press, Cambridge (2010),
  3. 3.
    Carlet, C., Danger, J.-L., Guilley, S., Maghrebi, H.: Leakage Squeezing of Order Two. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 120–139. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  4. 4.
    Carlet, C., Freibert, F., Guilley, S., Kiermaier, M., Kim, J.-L., Solé, P.: Higher-order CIS codes. IEEE Transactions on Information Theory (Submitted 2013)Google Scholar
  5. 5.
    Carlet, C., Gaborit, P., Kim, J.-L., Solé, P.: A new class of codes for Boolean masking of cryptographic computations. IEEE Transactions on Information Theory 58(9), 6000–6011 (2012)CrossRefGoogle Scholar
  6. 6.
    Carlet, C., Guilley, S.: Side-channel indistinguishability. In: Proceedings of HASP 2013, 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, Tel Aviv, Israel, pp. 9:1-9:8. ACM, New York (June 2013)Google Scholar
  7. 7.
    Carlet, C., Guillot, P., Mesnager, S.: On immunity profile of Boolean functions. In: Gong, G., Helleseth, T., Song, H.-Y., Yang, K. (eds.) SETA 2006. LNCS, vol. 4086, pp. 364–375. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Courtois, N.T.: Fast Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 176–194. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 346–359. Springer, Heidelberg (2003)Google Scholar
  10. 10.
    Maghrebi, H., Carlet, C., Guilley, S., Danger, J.-L.: Optimal first-order masking with linear and non-linear bijections. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 360–377. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  11. 11.
    Maghrebi, H., Guilley, S., Danger, J.-L.: Leakage Squeezing Countermeasure against High-Order Attacks. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 208–223. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    Massey, J.L.: Shift-register analysis and BCH decoding. IEEE Transactions on Information Theory 15, 122–127 (1969)MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Meier, W., Staffelbach, O.: Fast correlation attacks on stream ciphers. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 301–314. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  14. 14.
    Rønjom, S., Helleseth, T.: A new attack on the filter generator. IEEE Transactions on Information Theory 53(5), 1752–1758 (2007)Google Scholar
  15. 15.
    Siegenthaler, T.: Decrypting a Class of Stream Ciphers Using Ciphertext Only. IEEE Transactions on Computer C-34(1), 81–85 (1985)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Claude Carlet
    • 1
    • 2
  1. 1.CNRS, UMR 7539LAGA, Universities of Paris 8 and Paris 13France
  2. 2.Department of MathematicsUniversity of Paris 8Saint-Denis cedex 02France

Personalised recommendations