Quadratic Equations from APN Power Functions

We develop several tools to derive quadratic equations from algebraic S-boxes and to prove their linear independence. By applying them to all known almost perfect nonlinear (APN) power functions and the inverse function, we can estimate their resistance against algebraic attacks. As a result, we show that APN functions differ in their resistance against algebraic attacks; in particular, S-boxes with Gold or Kasami exponents have very weak resistance.
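As an added illustration (not code from the paper, and not the paper's derivation tools), the sketch below counts by brute-force linear algebra how many linearly independent equations of degree at most 2 hold between the input and output bits of a power S-box y = x^d. The field size n = 8, the AES reduction polynomial and all function names are assumptions chosen for the example.

```python
N = 8          # assumption: work in GF(2^8)
POLY = 0x11B   # assumption: AES reduction polynomial x^8 + x^4 + x^3 + x + 1

def gf_mul(a, b):
    """Multiply two elements of GF(2^N) modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a >> N:
            a ^= POLY
        b >>= 1
    return r

def gf_pow(x, d):
    """Square-and-multiply exponentiation; 0^d = 0 for d > 0."""
    r = 1
    while d:
        if d & 1:
            r = gf_mul(r, x)
        x = gf_mul(x, x)
        d >>= 1
    return r

def quadratic_equation_count(d):
    """Dimension of the space of polynomials of degree <= 2 in the 2N bits
    (x, y) that vanish on every point of the graph y = x^d."""
    # Monomials as bit masks over the 2N variables: 1, v_i, v_i*v_j.
    masks = [0] + [1 << i for i in range(2 * N)]
    masks += [(1 << i) | (1 << j) for i in range(2 * N) for j in range(i)]
    basis = {}  # highest set bit -> reduced row, for GF(2) elimination
    for x in range(1 << N):
        v = x | (gf_pow(x, d) << N)
        # Row of the evaluation matrix: bit k is monomial k evaluated at (x, y).
        row = sum(1 << k for k, m in enumerate(masks) if v & m == m)
        while row:
            h = row.bit_length() - 1
            if h not in basis:
                basis[h] = row
                break
            row ^= basis[h]
    # Equations = number of monomials minus rank of the evaluation matrix.
    return len(masks) - len(basis)

if __name__ == "__main__":
    # Gold exponent 2^k+1 (k=1), Kasami exponent 2^(2k)-2^k+1 (k=3), inverse.
    for name, d in [("Gold", 3), ("Kasami", 57), ("inverse", 254)]:
        print(name, d, quadratic_equation_count(d))
```

The count does not depend on the choice of reduction polynomial, since a different field representation is only a linear change of variables on the bits.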
